Doni Jaldon: A Six-Step Roadmap for Filipinos to Enter the Web3 Security Industry

zed leplin
3 Min
By: zed leplin
Share on Twitter Share on Facebook Share on LinkedIn Share on Reddit Share on WhatsApp Share on Email
Doni Jaldon: A Six-Step Roadmap for Filipinos to Enter the Web3 Security Industry
Table of Content

Web3 security is one of the most lucrative and rapidly growing fields in tech, yet few Filipinos are part of it. How can more aspiring security researchers break into this high-paying industry? Here is a step-by-step guide based on expert insights.

The Web3 security industry is in high demand, offering significant financial rewards to those who can identify vulnerabilities in blockchain protocols before bad actors do. Despite its potential, the field remains largely untapped by Filipino professionals. 

Doni Jaldon, a Web3 security researcher and Senior Watson at Sherlock, shares practical steps on how Filipinos can enter the industry and compete on a global level.

Step 1: Learn the Basics of Blockchain and Smart Contracts

Before diving into security research, it is essential to understand how blockchain and smart contracts work. Many vulnerabilities stem from poor coding practices, so having a foundational knowledge of the technology is critical.

"If you want something that has a faster ROI, I think focusing on Solidity and learning that and learning how to read and write smart contracts and understanding the different types of vulnerabilities... I think that's the path that beginners should take in terms of ROI (Return on Investment)."

Step 2: Master Solidity and Capture the Flag (CTF) Challenges

The fastest way to get hands-on experience is by learning Solidity, the programming language used for Ethereum-based smart contracts. Once comfortable with Solidity, aspiring security researchers should test their skills through Capture the Flag (CTF) challenges, which simulate real-world hacking scenarios.

"You don’t need to spend so long in these first two steps. You just need to know enough that you can read code, you can read Solidity. And then you just need to do enough CTFs to understand what are the usual bugs that you can find."

Step 3: Join Web3 Audit Contests

Web3 security contests provide real opportunities to earn money while sharpening auditing skills. Platforms like Sherlock, Cantina, and Coderina allow participants to audit live smart contracts and compete for bounties.

"There are one, two, three, four, five, six, seven, eight, nine, ten, eleven, twelve, thirteen, fourteen, fifteen, sixteen, seventeen. So there’s twenty plus ongoing contests. And the contest could have bots ranging from, well, the smallest bot now is like fifteen thousand dollars. And the largest bot is like, how much is the largest bot? Two point five million dollars, which is crazy."

These contests lower the barrier to entry, allowing anyone with the right skills to compete and earn. Even those who do not win immediately gain valuable experience by reviewing the reports of successful auditors.

Step 4: Build a Reputation and Network

Success in Web3 security requires more than just technical skills. Engaging with the community, networking with established auditors, and sharing research findings can help newcomers gain visibility in the field. Jaldon himself leveraged platforms like Web3 Twitter to stay updated and connect with fellow researchers.

"Actually, for me, because I'm active on Web3X or Web3 Twitter, like Web3 security at least, and everyone is pointing out how the numbers are quite high in terms of rewards."

Step 5: Seek Mentorship and Continuous Learning

While Web3 security is largely self-driven, having mentors can accelerate progress. Learning from experienced professionals and getting guidance on which resources to use can prevent beginners from feeling overwhelmed by the vast amount of information available online.

"Most of the learning needs to be self-driven. A mentor should be there to help when you’re stuck, but the work has to come from the student."

Step 6: Consider Specializing in Rust or Blockchain Infrastructure

For those looking to advance further, Jaldon recommends specializing in Rust, the programming language used for blockchain infrastructure. While Solidity is easier to learn and provides a faster return on investment, Rust is in high demand for more complex blockchain security roles.

"If they’re confident in their programming skills, they have decent foundation in programming, then I recommend Rust. Otherwise, just go for Solidity."

The Future of Filipinos in Web3 Security

With blockchain adoption continuing to grow, Web3 security is becoming one of the most important fields in tech. However, unless more Filipinos are exposed to the industry, the country may miss out on a massive opportunity.

"The opportunity is there. Filipinos just need the exposure and the right mindset to take advantage of it."

By following this roadmap, aspiring security researchers can position themselves at the forefront of Web3 security, opening doors to high-paying careers and global recognition. The next step is simple: take action and start learning today.

Authors

zed leplin
zed leplin

Sign up for The Block and Beyond newsletters.

Stay up to date with curated collection of our top stories.

Please check your inbox and confirm. Something went wrong. Please try again.

Subscribe to join the discussion.

Please create a free account to become a member and join the discussion.

Already have an account? Sign in

Sign up for The Block and Beyond newsletters.

Stay up to date with curated collection of our top stories.

Please check your inbox and confirm. Something went wrong. Please try again.