This is a personal smart contract auditor roadmap, including textbooks, articles, videos and best practice examples. The goal of this roadmap is to help me understand smart contrac , cryptography, security best practices and gas optimization. I hope this roadmap can also help you.
TODO:
- Develop state of the art smart contract security analysis tools.
better be fuzzer - Find high risk bug on Code4rena
- learn Yul
Blockchain security & audit by consensys openZepplin guides
-
mastering Ethereum
This book is a must read and it helps me clarify most fundemental concepts related to blockchain, Ehtereum, EVM. It also touches the creation of solidity and vyper. 5:star:/5:star:.
notes on mastering Ethereum -
Introduction to Modern Cryptography
This is the textbook of my Direcy reading program in our math department. It walks me through from symmetric encryption to asymmetric encryption. I have learned about Sha3(keccak), merkle trees, Verfiable secret sharing,etc.
TODO: notes
- Reentrancy Attack
- Smart contract security audit
Introduced the process of smart contract security audit lifecycle, and the common vulnerabilities. - Analysis of the Dao exploit
- Write Rust lints without forking Clippy
This is a tutorial of how to write a custom lint for Rust. How Dylint groups linters together an dprevent the drawbacks of Clippy. Ready to jump right in Dylint! - How to do smart contract security audit
- Secureum solidity 101 Key-takeaways from solidity documentation
- Secureum solidity 201 same, but more advanced
- towards frictionless upgradeability
Contributed to this open source EVM project: yet another EVM puzzle
- Deconstruct a solidity contract
Introduction of how a solidity smart contract is converted into opcodes - Creation VS runtime
Talks about creation-time code and runtime code, creation time code will load function parameters, copy runtime code to memory, and then jump to runtime code. - Function selector
Talks about how function selector is generated and used for calling different functions. -[x] Function Wrapper
Talks aobut how function parameters are passed to the function, jump to the function body, and return the result. - Function body
Talks about how function body is executed, including the stack, memory, storage, and opcodes. - [Metadata] (https://blog.openzeppelin.com/deconstructing-a-solidity-contract-part-vi-the-swarm-hash-70f069e22aef/)
Talks about how metadata is generated and used.
My solutions of Ethernaut Challenges: solutions
- Fallback
A nice and smooth intro to the Ethernaut challenges. Including useage of ethers,fallback functions and ownership. Takeaway: Never change ownership or something private in the fallback functions! - Fallout
A simple spelling error that could destroy the whole smartt contract! - CoinFlip
A vulnerble smart contract that uses the self-defined random number generator. Should use the oracle to generate the randomness. - Telephone
Tx.origin != msg.sender - Token
arithmatic underflow - Delegation
Delegate call - Force
Force sending thorugh selfdestruct - Valut
Private variable is readble - King
Always checking the invariant of the smart contract - Re-entrancy
Re-entrancy, use the pull payments if possible - Elevator
Don't trust unknowen contracts - Privacy
Private variable is readble - GatekeeperOne
gasleft() and typecasting - GatekeeperTwo
creation time code and runtime code, bitwise operation - NaughtCoin
Inheritate the contract incorrecly - Preservation
Delegate call and storage layout