How To Perform an Audit with Damn Vulnerable DeFi Creator & Patrick Collins
Description
00:00 Intro & Opening Conversation
7:58 Tincho's audit setup
12:35 VSCodium
14:08 Foundry v hardhat
22:00 First audit steps
25:00 Tincho's process for commenting within the code itself
30:00 Processing a codebase with lots of inheritance & moving parts: there’s a kind of art here to flowing back and forth between the big picture architecture/business logic and the low level understanding of contract
32:42 Be careful of going down adjacent rabbit holes that don’t have to do with the thing you’re auditing
36:52 When Tincho finds a bug… what does he do?
41:15 Communicating with clients
44:12 Waling through tests with Tincho
47:40 To best understand a protocol, make the codebase your own: run things locally
51:00 Time bounding your review process
52:00 Intuition vs checklists
56:05 Learning by reading past reports
59:04 Reviewing fixes
1:00:18 Handling hacks & the purpose of audits
United States
