[vmception]

Whats the best way to replicate these states on localhost?

When using the L1s, it is easy to fork the current state of the network with Brownie and bang at smart contracts for free using fake gas on localhost. Reserving any advantage or unexpected behavior you find for the bug report, or redeploying it on mainnet for the bug bounty paying the gas just that one time

But with L2s in the mix, especially Optimism, how would one do the same? Would it be like two instances of Brownie in virtual environments? Kind of like having a cluster of microservices booted up in Vanguard on localhost?

[saurik]

Yeah, so to run your own Optimism full node--the "whole stack"--you need 1) a normal Ethereum full node of some kind, 2) an Optimism data-transport-layer service (which scrapes the L1 looking for L2 transactions and provides a web service to access just that data), and then 3) an Optimism l2geth instance (which is an Ethereum node modified to read its transaction batches from the DTL).

[vmception]

Wow. A tutorial on doing that would be great.

Speaking of "bug bounties", I use the term liberally as a euphemism for hacking these contracts and taking everything for yourself under the observation that company/community bug bounty systems are broken and undervalued for the value they provide. Although seen as a euphamism now, I think the term is accurate especially when looking at how bounty was used in the American frontier or Wild West.

You made $2,000,042 from this without any drama, in a quick timeline even though it was technically outside of the scope of the program! I think many in the hackernews audience would have liked to have known that from the get go. Many people ignoring blockchain would pivot immediately to at least doing smart contract bug bounty research on the side just from knowing that alone, learning the extremely lucrative and marketable skills in the process. If you formatted the article to the bug-bounty timeline to payout format. You should even show some people a material thing that what you bought with it, because many people still don't understand that this is analogous and convertible to money in your bank account especially at these convenient amounts.

How much could you have seized with this bug at the time?

[yeetard]

> I use the term liberally as a euphemism for hacking these contracts and taking everything for yourself under the observation that company/community bug bounty systems are broken and undervalued for the value they provide.

hmm...

[saurik]

> ...because many people still don't understand that this is analogous and convertible to money in your bank account especially at these convenient amounts...

FWIW this project doesn't have its own token (this L2 uses ETH as its currency just like the base layer), so the bug bounty payout is denominated in actual USD.

[vmception]

Whether they paid in ETH priced in USD, or a stablecoin, or a USD wire to your bank account, many people aren't aware that getting paid in this space is that lucrative and that liquid and that simple.

[seibelj]

saurik is pretty famous, I would estimate that most serious players in this space know the money is here. What is good about this post and the fact it's on top of HN is that maybe the average HN reader will be curious and help shift the crypto narrative on HN from negativity to at least neutrality.

[vmception]

Yeah it would be great and more on brand for this forum to have neutrality

The actual communities for most projects and general crypto are obnoxious, and probably what has helped push or keep this community to negativity, i could see it flipping to neutral though, judging by the emails I get there are plenty builders and educated proponents here

[antocv]

But the negativity is well deserved

Look at how the crypto-sphere reacted at FEDs returning "stolen" coins to Bitfinex like all praise and "justice served". Only HNers actually raised "hey guys why do you even crypto if FEDs will decide who owns what".

It all ends up being Government-coin and they like it.

[8note]

The Dan olsen analysis is very clear about how lucrative and liquid it is, and where those come from. Ethics wise, that liquidity comes from the scams and you're part and parcel to them by participating

[vmception]

Even if that was something to care about, the entire economy works that way. I don't feel that it is a role of the state to whitelist what money can go into what economy, and even though it has assumed that role in the fiat system it is not successful.

So just go where the action is. Don't scam people yourself while you are at it.