πHistory
Secureum Bootcamp Epoch 0
Secureum, a portmanteau of Security & Ethereum and pronounced like the latter, started as a newsletter about observations, learnings and perspectives on security topics in Ethereum. The first issue was published on 3 January 2021, the twelfth anniversary of bitcoin networkβs existence. The ten issues published were well received and then the newsletter was paused to focus on identifying the best way forward for Secureum to have a more tangible impact in the domain of smart contract security.
The goal was to maximize the impact of Secureumβs efforts in addressing the most pressing problems in this space. The topic that kept coming up was the lack of quality content and quantity talent as it pertains to Ethereum security - specifically smart contract auditing. The demand for smart contract security audits/auditors has far exceeded the supply for a while now. The hope was for Secureum to do something bigger/better in this space.
These reasons, among others, were the motivators of the "Secureum Bootcamp for Smart Contract Security Auditing: Epoch 0" which received a funding grant from the prestigious Ethereum Foundationβs Ecosystem Support Program and sponsored partnerships with three leading security auditing firms: ConsenSys Diligence, Sigma Prime and Trail of Bits.
Secureum Bootcamp Epoch 0: Why, What & Who?
The Secureum Bootcamp Epoch 0 was an intense bootcamp meant primarily for participants who wanted to get into smart contract security auditing as a part/full time profession. Those who wanted to add auditing as a core skill for their current/future projects were also welcome. In other words, the bootcamp is meant for those who wanted to get serious about smart contract security auditing.
Why would you want to get serious now about learning smart contract security?
The demand for competent smart contract auditors is still going through the roof, which is why every auditing firm in the space is looking for top talent by attracting them with great work, perks and flexibility. This is driven by the pressing need for quality audits from hundreds of innovative projects launching on Ethereum. The challenge is that there are very few people who understand both Ethereum smart contracts and security. There has never been a better time to learn about smart contract security auditing and support innovation in this space.
For students and professionals in the Web2 security space, this is a great opportunity to leap into Web3 and contribute to foundational security aspects of Ethereum projects addressing DeFi and other decentralized applications.
For developers already building in Web3/Ethereum, this is a great opportunity to specialize in security. While Ethereum developers are in great demand, smart contract auditors are in greater demand.
Scaling is a hot topic in Ethereum; scaling security is a hotter topic. We keep reading about numerous smart contract hacks and millions of dollars lost. The core problem is the lack of sufficient security talent who can invent new tools/techniques and apply/improve existing ones to sufficiently raise the bar of smart contract security. We need to scale security talent 100 fold.
The community of Ethereum security enthusiasts is less than a thousand, of which, my guess is that less than a hundred are focussed on smart contract security as their primary objective. We need to grow this community 100 fold.
Who is Secureum Bootcamp meant for?
Students & Professionals: Anyone interested in getting into smart contract security auditing.
Beginners & Experts: While the bootcamp will assume a certain level of proficiency in security and/or programming (of any kind), the curated content will cover basic and advanced aspects related to Ethereum and Solidity. Those who arenβt familiar with either should be able to ramp up by dedicating more time/effort, and those already familiar will have an opportunity to dive deeper into security/auditing aspects.
Part-time & Full-time: The expected level of participant effort is a minimum of 10-20 hours per week which of course will depend on their prior experience and skills in these topics. As such, this program should be doable for participants who have existing part-time or full-time commitments. A few hours every day coupled with extra effort over weekends should help cover the weekly assigned content, assignments and quizzes.
Web2 & Web3: This should be appealing to both Web2 (i.e., not familiar with Web3/Ethereum concepts) and Web3 practitioners. Web2 security students/experts and Web3 developers will likely get the most out of this bootcamp but really anyone willing to put in the required effort should have a good chance.
Security & Programming: Proficiency in security fundamentals and programming of some kind will really help get the most out of this bootcamp.
Secureum Bootcamp Epoch β
After Epoch 0's success, Secureum's mission continues through the ongoing Secureum Bootcamp Epoch β.
Epoch β is planned as follows:
LEARN: Participants are requested to learn from content already available from Epoch 0.
RACE β Readiness Assessment for CARE Endeavor: Smart contract security challenges (e.g. quizzes) held at the end of ~every month. RACE submissions will be open for a week.
CARE β Comprehensive Audit Readiness Evaluation: Smart contract security reviews of real-world, security-minded protocols held on a ~weekly basis. 8-16 participants are invited to participate in every CARE. Their selection will be based on performance in that/previous month's RACE. Selected participants will be randomly paired for collaborative reviewing. Exact details depend on scheduled protocols/timelines.
CARE-X β CARE Extra: Smart contract security initiatives customised with collaborating partners held on a ~weekly basis similar to CARE. While Secureum works with collaborating protocol partners on CARE, it will work with other Ethereum security ecosystem partners to collaborate in different ways on CARE-X. CARE-Xs may have their own specific RACE-Xs and selection criteria.
Epoch β is therefore a continuous series of RACEs, CAREs and CARE-Xs.
Last updated