How to become a web3 auditor

Get experienced in coding

The first point you need to understand is that you need to have some experience with coding. It does not mean that you should be a senior developer, but you’d need to know how to read the code and understand some features.

Start with JavaScript. It’s one of the most beginner-friendly coding languages and it shares many features with Solidity, a blockchain coding language.

Learn about Ethereum

The second step is to learn about Ethereum basics.

A good way to do it is to read “Mastering Ethereum” by Andreas Antonopoulos. It covers all the required subjects for beginners.

If you want to go deep down the rabbit hole from the beginning, you can simply read Ethereum documentation for the developers.

Go deep on Solidity

Step three is to figure out the Solidity specification and its syntax:

The CryptoZombies game is an excellent choice to learn the basics of variables, types, functions, and other significant stuff.

Hack the smart contracts

Now you are ready to proceed with smart contract hacking:

That is the hardest step in our learning path – oddly enough :flushed: isn’t it?…

Let’s begin with CTFs:

They will give you a huge boost for your skills because it covers the most common vulnerabilities. But it’s not enough, and you’ll need to read the most basic smart contracts such as token standards EIP20 and EIP721.

  • Proxies
  • Peer-to-Peer lending protocols
  • AMMs (automated market makers)

Additionally, a good opportunity for education is to learn with audited smart contracts. In this case, we can recommend our audits which you can check out here or another good platform is “Сonsensys”.

After all of this, get a real experience on our bug bounty platform HackenProof or using audit contests on Code4rena. That’s an excellent opportunity to increase your level of qualification, even if you cannot find high-severity bugs.

Next steps

Keep honing your skills, learn the finance basics for smart contract logic, figure out EVM, and learn from past exploits. To keep up with new crypto bugs, follow HackenProof on Twitter.

The useful links are:

continued in the next comment …