web3-hunt-foundation
Install: claude install-skill Olaradiallysymmetrical491/web3-bug-bounty-hunting-ai-skills
# WEB3 HUNT FOUNDATION
> Mindset + Recon + Setup. Read this before touching any new target's code.
> Replaces: 01-mindset, 02-recon-setup, 20-chain-complete
---
## PART 1: THE HUNTER MINDSET
### The Core Mental Shift
You are NOT looking for "vulnerabilities" in the abstract.
You are looking for **specific actions an attacker can take TODAY that result in profit**.
Everything flows from one question: **"What can I STEAL, FREEZE, or DESTROY — and what do I END UP WITH?"**
### The Bug Validation Template
Apply to every finding before writing a single line:
```
I am an attacker. I will:
1. SETUP: What do I need? (wallet, capital, any whitelisted permissions?)
2. CALL: Exact transactions, exact order, exact function names
3. RESULT: What do I end up with that I didn't start with?
4. COST: Gas + capital + flash loan fee + any other expense
5. DETECT: Can anyone stop or reverse this?
6. NET ROI: I gained X at cost of Y. Is Y << X?
```
If you can't fill in steps 2 and 3 with specific function calls → **it's not a real bug. Stop. Move on.**
### 10 Attacker Questions (Ask For Every External Function)
1. What if `amount = 0`? Does anything revert or silently pass?
2. What if I call this function twice in the same block?
3. What if I call this before `initialize()` is called?
4. What if I front-run this transaction?
5. What if the external call fails? Does state get half-updated?
6. What if the token has fee-on-transfer? Does `amount received ≠ amount sent`?
7. What