Got a lot of things going right now, pretty tiring and challenging.

But at the same time I just wanna be really thankful for all of the opportunities given to me, since they wouldn’t have been possible without help from many around me.

As I look into this more and more, I recognize that blockchain hacking is really the way to go. Here’re some aspects where it really differs from the traditional mode of working:

• Fully remote & flexible
• The payout is entirely proportional to your ability and nothing else.
• The payout pool is almost infinite.

And I just feel like this really matches my ideal image of work. The only caveat is really just how much I am able.

Why do I care about meritocracy so much? Because too many things in the world - actually I would say most things - are based on ‘average’.

What does a typical good senior developer earn in HK? Probably around 60K HKD. They don’t care if you are special and exceptionally talented. All they want you to do is to get the job done for the day.

Well, but this is so wrong if you are so exceptionally talented, right? What if you are so able that you contributed to the increase of revenue by a fair percentage at work? Well you are still going to be paid the same, with some bonuses probably.

The point is that most employers are not interested in paying you an exceptional amount just because you are exceptional. This equation does not check out.

But blockchain hacking really isn’t about the market rate. I mean yes, there is a market rate for the exceptionally talented: 100K to 1M USD per bug found.

This is not to say that finding a bug is easy, but once you get properly bootstrapped AND if you are talented, you may be earning a lot.

Of course there could be other ways, like founding a business or being a quant trader, but well this is the most likely path for me who is already a developer and a hacker.

But how competitive is it there?

For smart contracts audit, especially in solidity, is probably already a red ocean. Solidity and EVM are almost an universal standard, so there are lots of people who learn and know how these work.

And the size of codebase for smart contracts is not really big. If it were super big, it could only be probably a few thousands of lines.

So what I am thinking is L1 or L2 hacking. There are lots of blockchain networks and it will only be more and more because people wanna earn money out of that. The one who creates the infrastructure wins it all.

But there’s a serious problem in the industry: it lacks people who can hack their networks. It also lacks educational materials. Blockchain has been only around for a decade or so since its gain of popularity. But how to get a blockchain node working on your own or how to design the distributed system of blockchain nodes is such an advanced knowledge, that the open source codebases of lots of blockchain projects, primarily in Rust, C++ or Golang, have been under the veil although they are all publicly disclosed on Github at all times.

So yes, the difficulty of learning is massively harder than just hacking smart contracts in Solidity, but the payout as well as the chances of capturing bugs are also higher.

So if you are a person who is able to learn new things quickly and belives in this exceptional talent mindset, I think this is the way to go.

Even just L1/L2 blockchain education is a greatly undeveloped realm. There’s almost no tutorial on how to create an L1/L2 blockchain from scratch. Because few people who know how to are busy building one, and people who don’t know just have no idea.

Yeah so I think this will be my long-term direction. But to be able to do this, there are some areas that I would need to push hard on:

• EVM basics. Due to the popularity of solidity, a lot of chains aim to be EVM compatible. There will be a lot of juice in finding bugs in implementation of EVM interoperability.
• Bridge internals. Inter-chain communication is becoming a hot trend in blockchain, and it will still take years to see this come alive and widely used in production. Bridges are known to be quite susceptible to hacks, so again a potential for lots of juice here.
• Blockchain implementation. This is just about how to implement a blockchain network (a blockchain client, validator, etc). Popular practical concepts in modern blockchains like POS or BFT consensus need to be covered too.
• Solidity. I know I just said there isn’t much to do about solidity, but bridges and EVM are directly related to solidity, so I can’t just give up on solidity. I need to how it works.

Written by Joel Mun. Joel likes Typescript, React, Node.js, GoLang, Python, Wasm and more. He also loves to enlarge the boundaries of his knowledge, mainly by reading books and watching lectures on Youtube. Guitar and piano are necessities at his home.