How I Became A Smart Contract Auditor - A CodeHawks Success Story
Introduction
Nisedo is a smart contract auditor from France. He started in 2023, writing his first Solidity line. Today, he specializes in reviewing the security of Solidity DeFi protocols, dabbles in Yul, and loves Huff.
Beyond auditing, he founded Soliditors, a French-speaking Web3 security community; partnered with Web3 education initiatives to spread the word about smart contract security; and hosts a Web3sec podcast.
Web3 security has become much more than a job. My friends joke that I’ve joined a cult.
—
My Journey to Smart Contract Security Auditing
My adventure in smart contract security began unexpectedly.
Working at a consulting firm, developers, and clients introduced me to the world of smart contract auditing. Initially, I thought auditing was akin to financial auditing—suits, ties, and endless checkboxes.
But once bitten by the bug (pun intended), my curiosity and passion were ignited and I quit my job to transition from a business role to a technical role. The journey was tough. Despite years of working with software and blockchain engineers, coding was a new frontier, and the learning curve was steep.
Diving headfirst into Solidity wasn’t the smartest move. Without a CS background, I missed fundamental concepts. Yet, the challenge was exhilarating. I spent a month learning Solidity through Patrick’s Updraft courses and then stumbled upon CMichel’s iconic article, "How to Become a Smart Contract Auditor." It was like finding a treasure map, leading me down an inescapable rabbit hole.
The perseverance, discipline, and ability to work long hours I developed in consulting were lifesavers. Competing against the 200 IQ audit gods requires dedication. Process is key; improve after every audit or risk stagnation.
I wrote my first line of (Solidity) code in April 2023, participated in my first contest in July 2023, and have been immersed in this world full-time since September 2023.
Discovering Cyfrin CodeHawks was a pivotal moment in my journey. My love affair with VSCode and Cyfrin Solodit began with CodeHawks’ first contest, Beedle. From that moment, I was hooked.
Are You Interested In Becoming A Smart Contract Auditor?
Every journey is unique. My advice to aspiring smart contract auditors is simple: brace yourself. It will take longer than you think. If money is your only motivator, reconsider. But if you’re passionate and willing to invest the time, welcome to the most exciting industry out there.
Here’s the path I recommend:
- Join Updraft and complete all the courses.
- Practice with Capture the Flags (CTF; NodeGuardians is my favorite).
- Compete in all CodeHawks First Flights.
- Participate in public audits on CodeHawks and study the final reports on Cyfrin Solodit to understand missed vulnerabilities.
- Repeat step 4 until success!
Also, network like crazy! The smart contract security field is still niche; you can connect with almost anyone. This window won’t stay open forever. The community is fantastic—passionate, open-minded, and very cool!
Join the security audit revolution
If you’re inspired to dive into smart contract security, there’s no better time than now. Join Cyfrin Updraft, participate in CodeHawks contests, and immerse yourself in a community that values passion, dedication, and continuous learning. The journey may be tough, but it’s incredibly rewarding.
And, a closing note: Si vous parlez français, contactez moi sur Twitter/X pour rejoindre Soliditors.
Embrace the challenge, join the community, and start your journey today.