yAudit has a secret weapon. 🤫 Earlier this year, we developed yAgent, our in-house AI auditor. We've run it on every review since March, and it's really changed the way we work and raised the bar on our security reviews. Our researchers can go deeper on the code, move faster, and explore more ideas as they go. yAgent handles the groundwork so the team can spend its time on the hard problems. The tool was built on top of the award winning vulnerabilitiy detection engine developed by @zerocool_ai. We added our own workflows, knowledge bases, and custom skills to replicate the expertise and approaches we've developed over the years through auditing DeFi's biggest protocols like Yearn, Euler, and many more. We'll be sharing more details soon, including case studies, experiences, and tips for those trying to implement AI into their security process.

✨ yAudit Fellowship Alumni Spotlight ✨ Before attending yAudit's Fellowship, @HHK_eth was a part time dev for Sushiswap while studying. ~2.5 years ago he was recognized as one of the top fellows during the Fellowship's Block 5: he was quickly invited to join as a yAudit resident auditor, which he still serves as today. At yAudit, HHK has worked with some of the largest protocols in the industry: Curve, Centrifuge, Euler and Yearn are just some of the projects he's audited.

🧵 In 2021, we noticed a problem. There was no structured, accessible pathway into professional smart contract security. Plenty of talent in the Ethereum community, but no bridge between "interested in security" and "executing real audits." So we built one.

🧵 A small thread on how quadratic funding works and why your small donation to yAudit can have an outsized impact.

yAudit has been accepted into @thedaofund and @Giveth's Quadratic Funding round. We audit smart contracts and ZK systems. We train the next generation of security researchers through our public-good fellowship. We've secured over $2B in TVL across hundreds of reviews since 2020. Now we need your support. In quadratic funding, the number of unique contributors matters far more than the size of each donation. Even $1 meaningfully increases our matching allocation! Funding round starts today! 💙

Find our project's profile at: giveth.io/project/yaudit

Maybe you heard: we're yAudit again

yAudit is BACK It's an annual tradition for us to rebrand, but this year is different: we're re-rebranding. We're yAudit, no longer electisec. More updates coming soon!

Winners and security legends: Wonderland CTF crushed by @DrasticWM @adrianromero @usmannk @juancito @blocksec

Do YOU need an estimate for an audit but you only have like 15 minutes and you want to get it right meow? quoteplz.com/ Public codebases don't need a token Private codebases follow ze stuff:

@Electisec 🤝 @Optimism Proud to announce we're now whitelisted as a Superchain Audit Service Provider! This means projects building on Superchain can access subsidized audits through the Foundation's grant program. Excited to help secure the ecosystem we believe in!

Huge congrats to Twyne on their launch 🚀 When our auditors @HHK_eth @adrianromero have this to say about a codebase, you know the team absolutely nailed it!

Your favorite lending market has 2 core problems. Today, we kill both of them. Twyne is LIVE on Ethereum mainnet. 🧵

I'm still baffled that the Ethereum Core Dev community does not prioritize fixing the 2 most cited problem of EVM developers per the Solidity Lang survey despite our repeated efforts: 1. Stack too Deep: yes this is a Solidity skill issue a little bit but just add a SWAP/DUP17-32 opcode range and call it a day. You will burn some opcodes. It's fine, they are meant to be used. You're gonna have another PUSH0-style mismatch, this is also fine, it's not perfect but it's fine. 2. Lift the 24KB limit. I don't really care what you do, make it 32KB, 48KB, 128KB, 256KB, 512KB, do it all at once, incrementally, price it or not but do something! Now, not next year! If you are scaling the L1, ensuring people can write contracts without stupid errors is P0. If the system cannot handle an extra 8KB per bytecode which is a param that was set 10yrs ago literally then there's no chance you will be able to actually scale the L1. Fix stack too deep and bytecode size limit! For the devs!

Full lending potential. No collateral left behind. Let’s bring capital efficiency to your favorite lending markets: • Boosting lending APYs • Raising liquidation LTVs • Preventing 94% of liquidations All while keeping risks segregated - How? 👇

24h left to take the entry quiz! LSW and fellowship alumni @0xadrii is one of many heavyweights selected fellows will have direct access to

⚠️ Attention @Uniswap V4 Integratoors ⚠️ Creating and managing liquidity positions that involve native ETH on Uni V4? Read carefully: During our latest audit with @vfat_io, we identified a high severity issue in how liquidity is provided by Sickle to Uniswap V4 pools.

To demonstrate @burraSec's expertise, we’re offering a free full-day security review/consultation for projects integrating with LayerZero or Arbitrum—whether you’re already deployed or still in development. We’ll thoroughly review: LayerZero: Configuration (DVNs, Executor, and overall integration), functionality (LzRead, OFTs, vanilla OApps, and more). Arbitrum: Native bridge or token bridge integrations, use of retryable tickets, or custom Orbit chains (e.g., custom gas tokens, USDC bridge standard). DM me to schedule your review!

Let's welcome @yearnfi security expert and @electisec Resident @spalen_ to the twitter everyone. Better late than never Give him a followrooski