Search here...
Blockchain & Cryptocurrency Security

Engaged on blockchains as a Path of Bits intern

Engaged on blockchains as a Path of Bits intern

By Vara Prasad Bandaru

Earlier this 12 months, I efficiently accomplished my internship at Path of Bits and secured a full-time place as a Blockchain Safety Analyst.

This submit isn’t meant to be a technical description of the work I did throughout my internship. Quite, it’s meant to explain my common expertise as a Path of Bits intern. I hope that studying about my expertise will encourage others to use for future internships at Path of Bits.

First, I’ll introduce myself and provides some background on my technical experience. Then, I’ll clarify the applying and interview processes and describe a few of the work I did throughout my time as an intern (spoiler alert: I labored on Tealera static analyzer for Algorand sensible contracts!). Lastly, I’ll present a listing of takeaways that I might have wished to know once I utilized and some issues I favored about interning at Path of Bits.

Who am I?

I’m in my closing 12 months of my bachelor’s program in laptop science at RGUKT Nuzvid, a tier 3 faculty in India. Earlier than my internship at Path of Bits within the winter of 2021, I didn’t have a lot business expertise aside from finishing one laptop science undertaking (Monkey Interpreter, a Python rewrite of a Golang implementation) and competing in capture-the-flag (CTF) competitions. I started competing in CTFs close to the top of the primary 12 months of my bachelor’s program (and nonetheless do on the weekends) beneath the username S3v3ru5.

I primarily targeting cryptography-related challenges, my strongest class, once I first began competing in CTFs. However round August of 2021, I started taking part in blockchain-related challenges to achieve expertise on this expertise that everybody is speaking about. I used to be in a position to full a simple Solana blockchain problem within the ALLES CTF and the entire Ethereum blockchain challenges within the Ethernaut CTF, a web3/Solidity-based struggle recreation. I started this work solely a couple of month and a half earlier than I utilized for my internship at Path of Bits. As you’ll be able to see, I didn’t have a lot blockchain expertise beforehand.

It was by way of my work on these CTFs that I turned conversant in Path of Bits. I might all the time see Path of Bits within the sponsors part of the CTFs I competed inand I nonetheless keep in mind fixing a challenge presented by Trail of Bits in one of many CSAW finals. I all the time referred to (and nonetheless do) the Path of Bits CTF information and weblog posts, particularly “ECDSA: Handle with Care.”

Making use of for the internship

As I used to be approaching the top of 2021, I began trying into cybersecurity internships, primarily these associated to cryptography (my robust swimsuit) and blockchain (my most up-to-date space of curiosity). There have been only a few internships that each associated to my pursuits and would settle for a bachelor’s pupil who had no prior expertise aside from competing in CTFs and who hadn’t accomplished many initiatives. However I did do not forget that Path of Bits is a high cybersecurity analysis and consulting agency that values CTFs, emphasizes self-learning, and provides folks probabilities.

I made a decision to look into Path of Bits’s open roles and found the winternship program. These interns work on a Path of Bits undertaking, and even on their very own security-related initiatives, beneath the steering of a mentor. The internship is paid and takes place over the winter break to provide college students and new safety engineers actual business expertise and a chance to put in writing a publication for his or her resumes. An internship at Path of Bits may even result in a proposal for a full-time position.

I wasn’t engaged on any initiatives on the time I utilized for the internship, so I made a decision to use for a couple of of the obtainable Path of Bits initiatives that appeared fascinating to me. First, I utilized to 2 initiatives that will enable me to achieve extra expertise with blockchain expertise: Manticore, a symbolic execution instrument developed by Path of Bits for analyzing Ethereum sensible contracts and Linux ELF binaries, and a undertaking researching the Solana blockchain. Each Ethereum and Solana are blockchains I’m technically conversant in, so I believed these initiatives can be match. Nevertheless, I later determined to use to work on Tealer, a static analyzer for code written in Teal, an assembly-like language used within the Algorand blockchain. Although I didn’t have expertise with static evaluation or the Algorand blockchain, Tealer was each a comparatively small and new undertaking: I knew that I may simply learn by way of the supply code to get my toes moist and that my work on this undertaking may kind the idea for future work. Lastly, the applying process was the identical for all three initiatives, so I believed, “why not?”

I used to be invited to an preliminary 30-minute telephone display to debate each Manticore and Tealer. It was my first interview, so I used to be somewhat nervous, however the Path of Bits engineer I interviewed with, Felipe Manzano (who later turned one in all my mentors), made the expertise satisfying and stress-free. It felt extra like a casual conversation with a pal concerning the work and my expertise and pursuits. After that, we had one other five-minute name to debate the internship begin date, the place of business, and different onboarding info. I acquired the supply letter later that day: I used to be chosen to work on Tealer, the undertaking I used to be hesitant to use for.

I used to be shocked by this interview course of. It was fully totally different from a lot of my pals’ experiences interviewing with different corporations. My interview was simple and higher than most in each approach for an internship position.

Getting ready for the internship

As I ready for my first internship, I noticed that I used to be not conversant in lots of the instruments and ideas that I might be working with. For instance, I hadn’t labored with the Algorand blockchain or static evaluation instruments, and I wasn’t very skilled in Git or GitHub. I used to be nervous that I used to be going to fail in my internship if I didn’t put within the effort to be taught these instruments and ideas earlier than my internship began.

My internship was supposed to start out on December 13, 2021, so I began my preparation on the primary day of December. I learn by way of numerous assets to study static analysisthe Algorand blockchain, Gitand GitHub throughout the first 10 days of December. I used to be in a position to see the outcomes of my preparation when I discovered points in Tealer’s parsing of Teal code in comparison with the developer docs, even earlier than the beginning of my internship!

Through the internship

Due to the extent of preparation I did earlier than my begin date, I used to be in a position to begin my work on Tealer on my first day. Throughout my internship, I achieved the next:

I actually favored engaged on Tealer, and my internship total was a superb expertise. All my work was open for assessment and merged after approval. I acquired excellent suggestions and assist every time I used to be caught. I used to be in a position to be concerned in energetic discussions concerning the instrument. And receiving a proposal for a full-time place due to my efficiency within the internship made my expertise even higher.

Suggestions and takeaways

I’d like to supply some tricks to potential interns that I want I had heard earlier than my internship. Now that I’ve first-hand expertise with a Path of Bits internship, I can converse to how true the following tips actually are.

  • It’s OK if you happen to don’t meet all the necessities of an internship that you just’re making use of for. There’s nothing unsuitable with making use of. I used to be hesitant to use to work on Tealer, however ultimately, it labored out very properly for me.
  • You don’t should know the whole lot it’s good to know for the internship you’re making use of for. The purpose of an internship is to achieve expertise and to be taught new issues. Additionally, employers don’t search for individuals who already know the whole lot (nobody does) however for individuals who can be taught and achieve the required information if given sufficient time.
  • At all times ask for and take ideas when doubtful.
  • At all times search assist out of your mentors. You don’t have to determine the whole lot by your self, and no person expects you to. Mentors are extra skilled, have extra information, and are there to assist their interns.
  • For many who are non-native English audio system, as I’m, don’t stress if you’re not fluent in English. So long as your coworkers can perceive what you’re making an attempt to speak, it’s OK if you happen to’re not very fluent or make errors. After all, it’s an important concept to enhance your communication expertise in the long run, however by no means let your present degree in English cease you from making use of to internships.

Why apply for the Path of Bits internship?

I can’t say sufficient good issues about my expertise interning at Path of Bits. From the stress-free interview course of, to my skill to take part in energetic discussions concerning the undertaking, to the direct merging of my work, it was an important expertise. In brief, I used to be an intern, however I felt like a full-time worker. Nonetheless, listed here are some highlights from my internship:

  • I used to be given the liberty to work on the instrument the best way I wished. I used to be by no means informed to not do one thing so long as what I wished to do improved the instrument and labored towards the purpose.
  • I didn’t have any restrictions on what time I labored or how lengthy I labored for. There have been days once I couldn’t make a lot progress on the undertaking, as typically occurs with me once I begin engaged on one thing new, however I had the liberty to work at my very own tempo.
  • Lastly, the largest spotlight of my internship was when Dan, the Path of Bits CEO, despatched a small message over Slack appreciating my work. I didn’t assume I might really feel this fashion once I learn comparable tales from different interns, however I actually felt proud. I nonetheless keep in mind displaying that message to a few of my pals.

A heartfelt thanks

I’d prefer to thank Felipe Manzano and Josselin Feist for giving me free rein over the undertaking and making my first internship a unprecedented studying expertise. Additionally, thanks to Path of Bits for extending the supply to hitch the corporate full-time after my research. This internship couldn’t have been any higher, and I’m hoping for the same expertise in my full-time position.

One factor I wished to vary whereas scripting this weblog submit is the usage of the phrase “I.” Utilizing “I” makes it really feel like this expertise was solely mine. This isn’t true: this story may have simply been yours. Be certain to look out for the following open internships at Trail of Bits and have your individual extraordinary expertise.

Author: Path of Bits
Date: 2022-10-05 09:00:42

Source link

spot_imgspot_img

Subscribe

Related articles

spot_imgspot_img
Previous article
Firm Replace | HackerOne
Next article
LoRaWAN emerges as main LPWAN expertise for IoT purposes, based on Beecham Analysis
Alina A, Toronto
Alina A, Torontohttp://alinaa-cybersecurity.com
Alina A, an UofT graduate & Google Certified Cyber Security analyst, currently based in Toronto, Canada. She is passionate for Research and to write about Cyber-security related issues, trends and concerns in an emerging digital world.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

About us

Alina A, an UofT graduate & Google Certified Cyber Security analyst, currently based in Toronto, Canada. She is passionate for Research and to write about Cyber-security related issues, trends and concerns in an emerging digital world.

Company

Must Read

Subscribe

© 2023 AlinaA Cybersecurity. All Rights Reserved. Made with Love from Toronto ❤️.