← Back to Blogs

By nexusMay 2025
resident-spotlight

Electisec leet-speak #1 ft. Drastic Watermelon

Welcome to our new series where we give the stage to our amazing residents and get to know the people behind cat and anime PFPs.

Our first leet-speaker is 🥁🥁🥁 Drastic Watermelon, our smart contract resident auditor!

Watermelon is a proud nerd with a passion for breaking stuff—for the greater good of course. From audits to audit competitions, he does it all.

We chat with 🍉 and see how the seeds of web3 security were planted (no pun intended 😅).

Tell us about your journey to Electisec 🛣️

I graduated from university a couple of months after joining Electisec. Before, I was participating in every hackathon I could find, just having a fun time with uni friends.

I first heard about Electisec when I met two DAO members in Bogotá at Devcon 6. They showed me what a fellowship looked like and what previous fellows had achieved after participating. Needless to say, as soon as I got back home, I immediately started preparing for the next smart contract fellowship 🤓.

How did the fellowship shape your security career? 🌱

Before the fellowship, my auditing experience was mostly solo competitions. While that helped me sharpen my individual skills, the Electisec Fellowship introduced me to a new way of working—collaborative auditing. Working with a team allowed me to see different approaches to problem-solving, learn from my peers, and develop my own auditing style.

One of the biggest takeaways from the fellowship was understanding how I like to work: brainstorming, throwing out all my ideas, and bouncing thoughts off teammates. This collaborative experience helped me form professional relationships that continue to this day. Eventually, my journey through the fellowship opened the door to becoming an Electisec smart contract resident auditor, giving me a career path I genuinely love.

I have audited several protocols for Electisec since then, like Sickle and Sofa Protocol.

What's the one thing you wish you did differently when starting your auditing journey? 🤔

Looking back, I wish I had gone all-in a lot sooner. When I first started competing in audit contests, I'd dedicate 2-3 hours per day: somehow I hadn't understood that my competition was putting in 8+ hours per day and treating competitions as a full-time job.

Any advice for aspiring auditors? 📝

My biggest piece of advice: dig deep.

Build the habit of digging deep into any issue or new topic you get into. Go straight to the primary sources of knowledge, instead of learning from a source presenting pre-digested concepts. There's immense value in knowing how something works at a lower level.

What is your speciality in auditing? 🧑‍🎓

One of my strengths in auditing is my experience with various languages and tech stacks over the years, which allows me to quickly grasp and adapt to niche execution environments. A great example of this is my 2nd place finish in Cantina's Centrifuge contest, despite starting with almost no knowledge about Polkadot parachains.

What's your favourite class of bugs? 🐞

A nice permanent DoS 🛑

I find there's something amusing about being able to completely freeze a system in its current state with no possible remediation. The best part? Although they manifest in very different forms, these bugs apply to both smart contracts and blockchain clients.

What does your auditing setup look like? 🖥️

When I'm not at home, I just use my laptop. I carry around a mouse almost exclusivelyfor making diagrams of the code I'm working on.

At home, I'll hook my laptop to a 49" Samsung Odyssey monitor, which I absolutely love. This was my first ever ultrawide monitor, and I'm never going back.

How do you approach an audit? 🏗️

I stay rather consistent with my auditing flow:

  1. I generate a new audit.md file with a custom script that pre-fills the file with assets in scope and my personal checklist. Depending on the project's complexity, I might also create a new whiteboard on Excalidraw.
  2. I quickly scan all contracts, writing down anything that doesn't make immediate sense or quick gotchas I discover along the way.
  3. Once I understand the project's structure and main entry points, I deep dive into the contracts following the intended entry points. As I encounter previous notes, I pause to think deeply about the code snippet I find myself staring at. This is where I'll spend the most time making diagrams, rewriting the contract's logic in Solidity or Python.
  4. If time allows, I shift my focus to a more holistic and abstract perspective. At this stage, I actively avoid tunnel vision on specific flows or contracts and instead brainstorm edge cases and failure scenarios across the entire system. Generally by this point, as an auditor, you no longer need to stare at the code, given you've already spent a lot of time reading and internalizing it.

Can you share a fun fact about yourself? 🤩

The first computing system I ever held was a lime green Gameboy Color, which my aunt gifted me when I was barely 2yo. Alongside that Gameboy, I received one copy of Pokémon Red and Pokémon Blue. I was immediately hooked and have played videogames ever since.

I always found it very funny that I began playing videogames before I could read (bless grandad for reading out to me all of those Pokémon dialogues 👼).

Ultimately, this very early videogame fever steered my life and studies towards computer science.

How do you spend your time outside auditing? 🌳

Either at the gym lifting weights, enjoying a good audit contest report / incident post-mortem or struggling to finish Elden Ring 😮‍💨

Lastly, what do you enjoy the most about Electisec? 💚

The people 🤝

The Electisec team is formed entirely by heavyweights, and being able to regularly work alongside any of them is a true privilege.

Electisec Logo
X
youtube

Copyright © 2025 Electisec. All rights reserved.