Level up your career as a smart contract auditor writing secure and optimized smart contracts.
Welcome to the repository for the Ultimate Smart Contract Auditing, Assembly, Security, and DeFi Course by Cyfrin Updraft and The Red Guild!
This repository houses the written content of our courses, organized to facilitate easy access and contribution from our community. Please refer to this for an in-depth explanation of the content:
- Website - Join Cyfrin Updraft and enjoy 50+ hours of smart contract development courses
- Twitter - Stay updated with the latest course releases
- LinkedIn - Add Updraft to your learning experiences
- Discord - Join a community of 3000+ developers and auditors
- Newsletter - Weekly security research tips and resources to level up your career
- Codehawks - Smart contract auditing competitions to help secure web3
Note: If you're familiar with Patrick's previous courses, we have renamed "Lessons" to "Sections"
Smart Contract Auditing, Assembly, Security, and DeFi Ultimate Course
Table of Contents
Introduction, Resources, and Prerequisites
Section 6: Centralization, Proxies, and Oracles | Thunder Loan Audit
Section 7: Bridges, Chains, Signatures, Intro to Yul/Assembly | Bridge Boss Audit
First CodeHawks Competitive Audit
Coming soon...
Congratulations
Thank you
⚠️ All code associated with this course is for demo purposes only. It has been audited, but we do not recommend it for production use; use it at your own risk.
Join Cyfrin Updraft for the best learning experience!
- AI Frens
- ChatGPT
- Just know that it will often get things wrong, but it's very fast!
- Phind
- Like ChatGPT, but it searches the web
- Bard
- Other AI extensions
- ChatGPT
- Github Discussions
- Ask questions and chat about the course here!
- Stack Exchange Ethereum
- Great place for asking technical questions about Ethereum
- Peeranha
- Decentralized Stack Exchange!
An intermediate understanding of Solidity. You don't need to be a pro, but you should be familiar with:
- Blockchain basics (transactions, blocks, decentralization, etc)
- Running a smart contract test suite (hardhat, foundry, truffle, etc)
- Solidity basics (variables, functions, structs, etc)
Here are some resources to get you up to speed with the prerequisites:
- Full Foundry Course: This will give you every single prerequisite
- Speed Run Ethereum: This will give you most of what you need. But you'll need a little extra time on invariant tests, using foundry, and DeFi/OnChain Finance.
- Have the foundational skills to become a professional smart contract auditor
- Speak, interact, and contribute to the web3 security community
- Compete in web3 competitive audits
- Compete in web3 bug bounties
- Start a career as an independent auditor
- Become a top 1% smart contract developer
- Coming soon...
IF YOU DECIDE TO MINT THE REAL NFT:
- We didn't audit/security review the NFT, so if you want to make sure you'll be safe, interact with the contract using a burner wallet (a wallet with very little money that you don't use for anything else)
- In fact... Get good at interacting with wallets from a burner wallet
- Read my Tweet thread on basic wallet safety
- It might be a good idea to wait until later in the course, when we teach you about verifying MetaMask transactions.
- Feel free to mint NFTs on sepolia without worrying about the above
- We didn't show you how to bring ETH -> Arbitrum, but the process would be:
- Send ETH -> one of your wallets like:
- Use the Arbitrum Bridge
Do not skip this section!
- Web3 is important
- Permissionless finance
- Unbreakable promises
- Web3 security is subpar right now
- Rekt Leaderboard
- $1B in 2023 (so far)
- Web3 vs Web2 hacks. Web2 hacks are mostly PII theft, whereas Web3 hacks result in irrevocable losses of funds.
- Bad actors in the space. Lone wolf hackers vs. well funded, persistent nation state actors (e.g. NK).
- Career opportunities
- Top 1% Developer
- Private Audits
- Competitive Audits
- Bug Bounties
- Future:
- Incident Responders
- On-chain investigators
- More…
- Rebuild trust in the ecosystem.
- Wild West image to the outsiders
- Register for Cyfrin Updraft
- USE THIS SITE!!! It's specifically made to make learning easier
- Follow the repository: While going through the course be 100% certain to follow along with the GitHub repository. If you run into an issue, check the chronological-updates in the repo.
- Be Active in the community: Ask questions and engage with other developers going through the course in the discussions tab, be sure to go and say hello or gm! This space is different from the other industries, you don't have to be secretive; communicate, network and learn with others :)
- Learn at your own pace: It doesn't matter if it takes you a day, a week, a month or even a year. Progress >>> Perfection
- Take Breaks: You will exhaust your mind and recall less if you go all out and watch the entire course in one sitting. Suggested strategy: every 25 minutes take a 5 minute break, and every 2 hours take a longer 30 minute break.
- Refer to Documentation: Things are constantly being updated, so whenever Patrick opens up some documentation, open it on your end and maybe even have the code sample next to you.
- Use ChatGPT and/or the course chat
And finally, by embarking on this journey, you are now a "Security Researcher", not an "Auditor". The key word being "Researcher", so we will go over strategies for continued learning so you can stay on top of your game.
🎯 Exercise: Write yourself a message about why you want this
- This will be important for when things get hard
- Is it money? Save web3? Become someone? Write down as many reasons as possible.
- VSCode
- VSCodium
- Foundry
- chisel
- cast
- forge
- Windows Users: WSL
- AI Helpers
- ChatGPT
- Phind
- Forums & Resources
- Ethereum Stack Exchange
- Peeranha
- Github Discussions
- Remix
- Basic smart contracts
- `forge init`
- Fuzz tests
- Stateless Fuzzing
- Stateful fuzzing
- Invariants
- storage
- Clip from foundry course
- Fallback & Receive
- Encoding, Call, & Staticcall
- Clip from the foundry full course
- Encoding.sol
- CallAnything.sol
- Delegatecall & Proxies
- Clip from foundry full course
- tx.origin vs msg.sender
- Selfdestruct (its behaviour was restricted by EIP-6780 in the Dencun upgrade: it now only deletes a contract created in the same transaction)
- mainnet-forking
Exercise:
- Join the CodeHawks/Cyfrin Discord
- Go for a walk, and buckle up
- High Level Overview
- People say "audit" -> security review
- There is no silver bullet to auditing, and they have limitations
- 3 phases of a security review
  - Initial Review
    - Scoping
    - Reconnaissance
    - Vulnerability identification
    - Reporting
  - Protocol fixes
    - Fixes issues
    - Retests and adds tests
  - Mitigation Review
    - Reconnaissance
    - Vulnerability identification
    - Reporting
- Initial Review
- Plan & Design
- Develop & Test
- Smart Contract Audit & Post Deploy Planning
- Deploy
- Monitor & Maintain
- Use this list to reference how top quality security teams do reviews, post reports, do research, etc
- Simple Security Checklist
- Test suite with code coverage
- Fuzzing, Static Analysis
- Natspec (especially for external/public functions)
- The Rekt Test
- "Code maturity" is important!
- Static Analysis
- Slither
- Aderyn
- Fuzzing / Invariant Tests
- Foundry
- Echidna
- Consensys
- Formal Verification
- Certora
- Solidity SMT Checker
- Maat
- Manticore
- AI
- Tooling vs Humans
- Always learning
- Top attack vectors
Exercise: Sign up for one security/web3 newsletter!
- Cyfrin Updraft
- Blockchain Threat Intelligence (Referral link)
- Solodit (not a newsletter, but has constant updates of new hacks)
- rekt
- Week In Ethereum
- Consensys Diligence Newsletter
- Officer CIA
Important Note: We are now going to do audits. Please note that we will not find all the bugs in each codebase. Each codebase was designed to show you a specific set of bugs and give you a good understanding of what an audit "feels" like.
💻 Security Review CodeV1: https://sepolia.etherscan.io/address/0x2ecf6ad327776bf966893c96efb24c9747f6694b
💻 Security Review CodeV2: https://github.com/Cyfrin/3-passwordstore-audit
💻 Security Review CodeV3: https://github.com/Cyfrin/3-passwordstore-audit/tree/onboarded
💻 Security Review Final: https://github.com/Cyfrin/3-passwordstore-audit/tree/audit-data
Feel free to look ahead and try to find the bugs on the codebase yourself, or get familiar with the protocol first.
Remember the phases!
- Initial Review
  - Scoping
  - Reconnaissance
  - Vulnerability identification
  - Reporting

For this demo, we are ignoring the last 2 phases:
- Protocol fixes
  - Fixes issues
  - Retests and adds tests
- Mitigation Review
  - Reconnaissance
  - Vulnerability identification
  - Reporting
- "Hey, here is my link to Etherscan, can I get an audit?"
- Client onboarding: Minimal
- `cloc`
- Read docs
- Note taking in-code
- Small -> Large
- Solidity Metrics
- Tincho's ENS Review
- Missing `onlyOwner`
- Access Controls
- Unprotected sensitive functions
- Role misconfiguration
- Privilege escalation
- Access Controls
- Storing a secret (private data is not private)
- coverage
- Write finding
- How to write a good finding
- Title: Root Cause + Impact
- Finding Layout:
```markdown
### [S-#] Title (ROOT CAUSE + IMPACT)

**Description:**

**Impact:**

**Proof of Concept:**

**Recommended Mitigation:**
```
- Write PoC
- Mitigation
- Using AI
- Writing the Report
- Severity Classification
- Basic Markdown Report
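The two PasswordStore findings above in miniature, as an added example (not the course's PasswordStore code): a setter with no access control, and a "private" secret that anyone can read straight out of storage. The contract names, the `bytes32` secret, the storage slot numbers and the Foundry test are all assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

/// Hypothetical store with both PasswordStore-style bugs (illustration only).
contract SecretStoreVulnerable {
    address private s_owner;  // storage slot 0
    bytes32 private s_secret; // storage slot 1; `private` only hides it from other contracts

    constructor() {
        s_owner = msg.sender;
    }

    /// BUG 1: anyone can overwrite the secret; the onlyOwner check is missing.
    function setSecret(bytes32 newSecret) external {
        s_secret = newSecret;
    }

    /// BUG 2: gating the getter is pointless, the value is public on chain anyway.
    function getSecret() external view returns (bytes32) {
        require(msg.sender == s_owner, "not owner");
        return s_secret;
    }
}

/// Hardened version: access control on the setter, and only a commitment is stored,
/// because nothing written to contract storage can be kept confidential.
contract SecretStoreFixed {
    address private immutable i_owner;
    bytes32 private s_secretHash; // keccak256 of the secret, never the secret itself

    error NotOwner();

    modifier onlyOwner() {
        if (msg.sender != i_owner) revert NotOwner();
        _;
    }

    constructor() {
        i_owner = msg.sender;
    }

    function setSecretHash(bytes32 newHash) external onlyOwner {
        s_secretHash = newHash;
    }

    /// The owner keeps the secret off chain and only checks the commitment here.
    function matches(bytes32 candidate) external view returns (bool) {
        return keccak256(abi.encodePacked(candidate)) == s_secretHash;
    }
}

contract SecretStoreTest is Test {
    function test_anyoneCanOverwriteSecret() public {
        SecretStoreVulnerable store = new SecretStoreVulnerable(); // this test contract is the owner
        vm.prank(makeAddr("attacker"));
        store.setSecret("pwned");
        assertEq(store.getSecret(), bytes32("pwned"));
    }

    function test_privateSecretIsReadableFromStorage() public {
        SecretStoreVulnerable store = new SecretStoreVulnerable();
        store.setSecret("hunter2");
        // Same thing as `cast storage <address> 1` against a live chain.
        bytes32 leaked = vm.load(address(store), bytes32(uint256(1)));
        assertEq(leaked, bytes32("hunter2"));
    }

    function test_fixedRejectsNonOwner() public {
        SecretStoreFixed store = new SecretStoreFixed();
        vm.prank(makeAddr("attacker"));
        vm.expectRevert(SecretStoreFixed.NotOwner.selector);
        store.setSecretHash(keccak256(abi.encodePacked(bytes32("hunter2"))));
    }
}
```

Drop the file into a Foundry project's `test/` directory and run `forge test`. The second test is the proof of concept for the "private data is not private" finding: `vm.load` reads slot 1 exactly as `cast storage` would on a deployed contract, with no owner check in the way.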
Exercises:
This is the BEST security review for new auditors, 100% be sure to pay attention to this section.
This is the go-to best starter audit/security review. There are a lot of bugs in here, some obvious, some not.
๐ป Security Review Code: https://github.com/Cyfrin/4-puppy-raffle-audit
Concepts you'll learn: Static analysis, Reentrancy, Weak RNG, Arithmetic issues, How to write a professional looking report.
- Web3 bugs machine vs human
- Static Analysis
- cloc
- Solidity Metrics (audit estimation)
- Solidity Visual Developer
- Fixes:
- Remove unnecessary loops
- Case Study: DAO Hack
- Exercises
- Prevention:
- CEI/CEII (FREI-PI soon!)
- `nonReentrant` modifiers
- Examples:
- Under/Overflow
- Rounding & Precision
- Exercises
- Prevention:
- Use newer versions of Solidity (0.8+ reverts on overflow and underflow by default)
- Multiply before divide
- Case study: Sushiswap Miso
- Exercises:
- Strict Solc Versioning
- Supply Chain Attacks
- Magic Numbers
- Code coverage
- Audit Report Templating
- Github Report Templating (Cyfrin)
- Github Report Templating (Spearbit)
- Github Report Templating (Spearbit Custom)
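The reentrancy prevention items above (CEI and a `nonReentrant` modifier) side by side with the bug they prevent, as an added example that is not the course's PuppyRaffle code. The raffle contract, the attacker and the Foundry test are hypothetical; only the pattern is the point.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

interface IRaffle {
    function enter() external payable;
    function refund() external;
}

/// Hypothetical raffle (not PuppyRaffle) with the classic refund reentrancy.
contract RaffleVulnerable is IRaffle {
    mapping(address => uint256) public deposits;

    function enter() external payable {
        deposits[msg.sender] += msg.value;
    }

    /// BUG: interaction before effect. The ETH transfer hands control to the caller while
    /// deposits[msg.sender] is still non-zero, so a contract can re-enter refund().
    function refund() external {
        uint256 amount = deposits[msg.sender];
        require(amount > 0, "nothing to refund");
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
        deposits[msg.sender] = 0;
    }
}

/// Fixed with Checks-Effects-Interactions plus a minimal nonReentrant guard.
contract RaffleFixed is IRaffle {
    mapping(address => uint256) public deposits;
    bool private s_locked;

    error Reentrant();

    modifier nonReentrant() {
        if (s_locked) revert Reentrant();
        s_locked = true;
        _;
        s_locked = false;
    }

    function enter() external payable {
        deposits[msg.sender] += msg.value;
    }

    function refund() external nonReentrant {
        uint256 amount = deposits[msg.sender];            // check
        require(amount > 0, "nothing to refund");
        deposits[msg.sender] = 0;                         // effect
        (bool ok, ) = msg.sender.call{value: amount}(""); // interaction last
        require(ok, "transfer failed");
    }
}

/// Re-enters refund() from receive() until the target has nothing left to send.
contract Attacker {
    IRaffle private immutable target;

    constructor(address _target) {
        target = IRaffle(_target);
    }

    function attack() external payable {
        target.enter{value: msg.value}();
        target.refund();
    }

    receive() external payable {
        if (address(target).balance >= msg.value) {
            target.refund();
        }
    }
}

contract ReentrancyTest is Test {
    function _fund(IRaffle raffle) internal {
        for (uint256 i = 1; i <= 4; i++) {
            address player = address(uint160(0x1000 + i)); // four constructed honest players
            vm.deal(player, 1 ether);
            vm.prank(player);
            raffle.enter{value: 1 ether}();
        }
    }

    function test_vulnerableRaffleIsDrained() public {
        RaffleVulnerable raffle = new RaffleVulnerable();
        _fund(raffle);
        Attacker attacker = new Attacker(address(raffle));
        attacker.attack{value: 1 ether}();
        assertEq(address(raffle).balance, 0);
        assertEq(address(attacker).balance, 5 ether); // its own 1 ether plus the other four
    }

    function test_fixedRaffleBlocksReentrancy() public {
        RaffleFixed raffle = new RaffleFixed();
        _fund(raffle);
        Attacker attacker = new Attacker(address(raffle));
        vm.expectRevert(bytes("transfer failed")); // the nested refund() reverts Reentrant, so the send fails
        attacker.attack{value: 1 ether}();
        assertEq(address(raffle).balance, 4 ether);
    }
}
```

Note that in the fixed contract the guard is belt and braces: with the state update moved before the external call, the re-entrant `refund()` would already find `deposits[msg.sender] == 0` and revert on the check. Slither flags the vulnerable ordering as `reentrancy-eth`, which is the "machine vs human" point above.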
Exercises:
- Ethernaut Challenges (1, 9, and 10)
- Sign up for Solodit
- Post a tweet about how you completed the Puppy Raffle Audit!
- Sign up for farcaster
- Do a CodeHawks First Flight
💻 Security Review Code: https://github.com/Cyfrin/5-t-swap-audit
Concepts you'll learn: Stateful fuzzing, Fuzzing, Invariants, FREI-PI/CEII, Advanced DeFi, AMMs, Uniswap, Curve.fi, Constant product formula
STOP!
Don't look at the contracts for this one!
We are going to show you how you can use advanced tools to find even more bugs just by properly understanding invariants and writing more effective test suites.
- Client onboarding: Extensive
- Protocol Invariants
- FREI-PI/CEI
- Forge Fuzzing, Stateful Fuzzing, Invariants
- Solodit
- Properties
- Token integration checklist
- Weird ERC20 List
- Rebase & fee-on-transfer
- ERC777 reentrancy callbacks
- Case Study:
- Uniswap
- Euler
- FREI-PI / CEII / Pre & Post Checks
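The stateful-fuzzing workflow above (protocol invariant, handler, Foundry invariant test) on a toy constant-product pool, as an added example that is not T-Swap or its audit code. The pool keeps its reserves as plain numbers so the file runs stand-alone, and the bug is planted here for illustration: when `roundsUp` is true the swap rounds the output in the trader's favour, which lets `x * y` shrink.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";
import {StdUtils} from "forge-std/StdUtils.sol";

/// Toy constant-product pool (assumed for illustration, not T-Swap).
contract ToyPool {
    uint256 public reserveA;
    uint256 public reserveB;
    bool public immutable roundsUp; // planted-bug switch

    constructor(uint256 a, uint256 b, bool _roundsUp) {
        reserveA = a;
        reserveB = b;
        roundsUp = _roundsUp;
    }

    function getOutput(uint256 amountIn, uint256 reserveIn, uint256 reserveOut) public view returns (uint256) {
        uint256 num = amountIn * reserveOut;
        uint256 den = reserveIn + amountIn;
        // BUG when roundsUp: rounding toward the trader gives away dust on every trade,
        // so the product of the reserves can fall below its previous value.
        return roundsUp ? (num + den - 1) / den : num / den;
    }

    function swapAForB(uint256 amountIn) external returns (uint256 out) {
        out = getOutput(amountIn, reserveA, reserveB);
        reserveA += amountIn;
        reserveB -= out;
    }

    function swapBForA(uint256 amountIn) external returns (uint256 out) {
        out = getOutput(amountIn, reserveB, reserveA);
        reserveB += amountIn;
        reserveA -= out;
    }
}

/// Handler: the fuzzer only calls these, and bound() keeps inputs in a realistic range.
contract Handler is StdUtils {
    ToyPool private immutable pool;

    constructor(ToyPool _pool) {
        pool = _pool;
    }

    function swapAForB(uint256 amountIn) external {
        pool.swapAForB(bound(amountIn, 1, 1_000e18));
    }

    function swapBForA(uint256 amountIn) external {
        pool.swapBForA(bound(amountIn, 1, 1_000e18));
    }
}

contract ToyPoolInvariantTest is Test {
    ToyPool private pool;
    uint256 private k0;

    function setUp() public {
        pool = new ToyPool(1_000e18, 1_000e18, true); // set to false and the invariant holds
        k0 = pool.reserveA() * pool.reserveB();
        targetContract(address(new Handler(pool)));
    }

    /// The protocol invariant: x * y never decreases (with fees it would only grow).
    function invariant_productNeverDecreases() public view {
        assertGe(pool.reserveA() * pool.reserveB(), k0);
    }
}
```

Run `forge test --match-test invariant_productNeverDecreases`. With the planted bug enabled the run fails and Foundry prints the call sequence that broke the invariant; the same test passes once `roundsUp` is false, because with floor division `(x + a) * (y - floor(a * y / (x + a)))` is never below `x * y`. The lesson is the one in the STOP box above: the invariant was written from the protocol's documentation, not from reading the swap code.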
Exercises:
- Write a fuzz test to find a bug in this challenge
- Write a tweet thread about an interesting finding from Solodit

Congratulations!!
If you've made it this far in the course and you understand what's going on, you have the skills to start getting paid as a security researcher, doing competitive audits, bug bounties, or even get hired!
But if you want to become one of the best in the world and really secure web3, keep going...
💻 Security Review Code: https://github.com/Cyfrin/6-thunder-loan-audit
We are starting to get more advanced with DeFi and smart contract issues. Buckle up, it's heating up.
- Don't "yes-man" every audit
- Case Study: I accidentally killed it
- Silent Upgrades
- Case Study: Oasis
- Flash Loans
- Case Study: Alpha Homora
- Case Study: Cream Finance
- Pull over push
Exercises:
- YAcademy Proxy
- Tweet about how YOU feel about upgradeable smart contracts
- It's a bit scary how powerful you've become (Arb)
- It's a bit scary how powerful you've become (Sepolia)
💻 Security Review Code: https://github.com/Cyfrin/7-boss-bridge-audit
- Precompiles
- Case Study: Polygon
- Public private key demo
- Encoding & Decoding Refresher
- Case study: zkSync
- Bridge hacks: Ronin, Poly network, Nomad, Wormhole
- Emergency stop
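The signature topic above, as an added example that is not the Boss Bridge code or its findings: a bridge-style vault where an off-chain signer authorises withdrawals. The vulnerable digest covers only the recipient and amount, so a valid signature can be submitted again by anyone who saw it, on this chain or any other chain where the same signer is trusted. The hardened version binds the chain id, the contract address and a nonce into the digest and marks each digest as spent. The contract names, the signer key and the test are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

/// EIP-191 "personal_sign" prefix, so the signer's wallet shows a message rather than a raw hash.
function ethSigned(bytes32 h) pure returns (bytes32) {
    return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", h));
}

/// Hypothetical vault (illustration only). Withdrawals are authorised by a trusted signer.
contract VaultVulnerable {
    address public immutable signer;
    mapping(address => uint256) public paidOut;

    constructor(address _signer) {
        signer = _signer;
    }

    /// BUG: the digest binds only (to, amount). Nothing marks a signature as spent and
    /// nothing ties it to this chain or this contract, so the same (v, r, s) replays.
    function withdraw(address to, uint256 amount, uint8 v, bytes32 r, bytes32 s) external {
        bytes32 digest = ethSigned(keccak256(abi.encode(to, amount)));
        require(ecrecover(digest, v, r, s) == signer, "bad signature");
        paidOut[to] += amount;
    }
}

/// Fixed: chain id, contract address and a nonce go into the digest, and each digest is single-use.
contract VaultFixed {
    address public immutable signer;
    mapping(address => uint256) public paidOut;
    mapping(bytes32 => bool) public used;

    error Replayed();

    constructor(address _signer) {
        signer = _signer;
    }

    function digestFor(address to, uint256 amount, uint256 nonce) public view returns (bytes32) {
        return ethSigned(keccak256(abi.encode(block.chainid, address(this), to, amount, nonce)));
    }

    function withdraw(address to, uint256 amount, uint256 nonce, uint8 v, bytes32 r, bytes32 s) external {
        bytes32 digest = digestFor(to, amount, nonce);
        if (used[digest]) revert Replayed();
        require(ecrecover(digest, v, r, s) == signer, "bad signature");
        used[digest] = true; // effect before any further interaction
        paidOut[to] += amount;
    }
}

contract SignatureReplayTest is Test {
    uint256 private constant SIGNER_KEY = 0xA11CE; // constructed test key, never reuse
    address private signer;
    address private alice;

    function setUp() public {
        signer = vm.addr(SIGNER_KEY);
        alice = makeAddr("alice");
    }

    function test_vulnerableAcceptsSameSignatureTwice() public {
        VaultVulnerable vault = new VaultVulnerable(signer);
        bytes32 digest = ethSigned(keccak256(abi.encode(alice, 1 ether)));
        (uint8 v, bytes32 r, bytes32 s) = vm.sign(SIGNER_KEY, digest);
        vault.withdraw(alice, 1 ether, v, r, s);
        vault.withdraw(alice, 1 ether, v, r, s); // anyone can resubmit the calldata they saw in the mempool
        assertEq(vault.paidOut(alice), 2 ether);
    }

    function test_fixedRejectsReplayAndOtherChains() public {
        VaultFixed vault = new VaultFixed(signer);
        bytes32 digest = vault.digestFor(alice, 1 ether, 0);
        (uint8 v, bytes32 r, bytes32 s) = vm.sign(SIGNER_KEY, digest);
        vault.withdraw(alice, 1 ether, 0, v, r, s);

        vm.expectRevert(VaultFixed.Replayed.selector);
        vault.withdraw(alice, 1 ether, 0, v, r, s);

        // On another chain the digest differs, so the signature recovers to some other address.
        vm.chainId(10);
        vm.expectRevert(bytes("bad signature"));
        vault.withdraw(alice, 1 ether, 0, v, r, s);

        assertEq(vault.paidOut(alice), 1 ether);
    }
}
```

The same replay surface is why the MEV section later notes that a signed bridge message can be front-run: once the signature is visible in the mempool, whoever submits it first decides when and where it executes, so the digest has to say exactly where it is valid and the contract has to remember that it was used.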
Exercises:
- Damn Vulnerable DeFi Challenges 1, 2, 4
- Write a tweet thread about an interesting finding from Solodit
- Tweet about how you finished the hardest audit yet!
- Read about more historic attacks:
- MEV Explained
- MEV Explained continued
- Toxic MEV
- Frontrunning
- Sandwich Attacks
- non-toxic
- Backrunning
- MEV Protection
- Design
- Flashbots Protect
- MEVBlocker
- Securerpc
- MEV in our past security reviews:
- Puppy: someone can front-run `selectWinner` to call `refund`
- T-Swap: missing deadline protection means people can sandwich-attack you
- Thunder Loan: users can front-run flash loans to make the fees higher or lower
- Boss Bridge: a signed transaction could be front-run so that an attacker sends tokens from an L2 before the signer can
- Slippage Protection
- Unlimited Minting
- Flash Loan Voting
- Case Study: Beanstalk
- Metamorphic upgrades
- Case Study: TORN Governance
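The sandwich attack and slippage protection items above, worked through on a tiny constant-product AMM as an added example (not the course's code, and not T-Swap). The pool, the amounts and the test are assumptions; the unprotected call passes `minOut = 0` and `deadline = type(uint256).max`, which is what a swap with no slippage or deadline protection amounts to.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

/// Minimal AMM with reserves kept as numbers (illustration only, no real tokens).
contract MiniAmm {
    uint256 public reserveA;
    uint256 public reserveB;

    error Slippage(uint256 got, uint256 min);
    error Expired();

    constructor(uint256 a, uint256 b) {
        reserveA = a;
        reserveB = b;
    }

    /// Constant-product output with no fee.
    function quote(uint256 amountIn, uint256 rIn, uint256 rOut) public pure returns (uint256) {
        return amountIn * rOut / (rIn + amountIn);
    }

    /// minOut and deadline are the trader's only defence against being reordered.
    function swapAForB(uint256 amountIn, uint256 minOut, uint256 deadline) external returns (uint256 out) {
        if (block.timestamp > deadline) revert Expired();
        out = quote(amountIn, reserveA, reserveB);
        if (out < minOut) revert Slippage(out, minOut);
        reserveA += amountIn;
        reserveB -= out;
    }

    function swapBForA(uint256 amountIn, uint256 minOut, uint256 deadline) external returns (uint256 out) {
        if (block.timestamp > deadline) revert Expired();
        out = quote(amountIn, reserveB, reserveA);
        if (out < minOut) revert Slippage(out, minOut);
        reserveB += amountIn;
        reserveA -= out;
    }
}

contract SandwichTest is Test {
    MiniAmm private amm;
    uint256 private constant NO_MIN = 0;
    uint256 private constant NO_DEADLINE = type(uint256).max;

    function setUp() public {
        amm = new MiniAmm(1_000e18, 1_000e18);
    }

    function test_unprotectedSwapGetsSandwiched() public {
        // What the victim's UI showed before the transaction hit the mempool.
        uint256 expected = amm.quote(100e18, amm.reserveA(), amm.reserveB());

        uint256 attackerB = amm.swapAForB(100e18, NO_MIN, NO_DEADLINE); // 1. attacker front-runs
        uint256 victimB = amm.swapAForB(100e18, NO_MIN, NO_DEADLINE);   // 2. victim fills at a worse price
        uint256 attackerA = amm.swapBForA(attackerB, NO_MIN, NO_DEADLINE); // 3. attacker back-runs

        assertLt(victimB, expected);   // victim received less than quoted
        assertGt(attackerA, 100e18);   // attacker ends with more A than it started with
    }

    function test_minOutRejectsSandwichedFill() public {
        uint256 expected = amm.quote(100e18, amm.reserveA(), amm.reserveB());
        uint256 minOut = expected * 99 / 100; // 1% slippage tolerance

        amm.swapAForB(100e18, NO_MIN, NO_DEADLINE); // attacker front-runs

        vm.expectRevert(MiniAmm.Slippage.selector);
        amm.swapAForB(100e18, minOut, NO_DEADLINE); // victim's protected call reverts instead of filling
    }

    function test_deadlineRejectsStaleTransaction() public {
        uint256 deadline = block.timestamp + 60;
        vm.warp(deadline + 1); // a builder holds the transaction until the price has moved

        vm.expectRevert(MiniAmm.Expired.selector);
        amm.swapAForB(100e18, NO_MIN, deadline);
    }
}
```

The slippage check converts the sandwich from "victim loses value" into "attacker's front-run wastes gas while the victim's transaction reverts", which is why a missing `minOut` or an unchecked `deadline` parameter is a finding on its own, even when the swap math is correct.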
This security review is optional. It's a LOT of code! But if you choose to do it, you'll get a better idea of what a larger codebase feels like. Being comfortable coming up to a codebase and saying "I'll eventually understand this codebase, but right now I don't" is important!
💻 Security Review Code: https://github.com/Cyfrin/8-vault-guardians-audit
Exercises:
- 1st CodeHawks Competitive Audit
- Write a tweet thread about an interesting finding from Solodit
- Write a blog or tweet on your experience!
- Read these tips for auditing multi-chain protocols

- How to submit a finding
- How to decide severity
- Where to find a competitive audit
Congratulations!!
If you've made it this far in the course and you understand what's going on, you have the skills to become one of the top security researchers in web3! Either as a solo auditor, freelancer, competitive auditor, or even get hired by a top firm!
However... if you want to be on the cutting edge and be able to understand every nook in web3, you've got a little more to go...
Coming soon...
- Custodial Wallets
- "Hot" Wallets
- Metamask
- Frame
- "Cold" Wallets
- Lattice
- Trezor
- Multi-sig (Yes - Set it up)
- 1 of 1, or x of y
- Case Study: Vulcan
- Future: Account Abstraction
- Store the private key, not the secret phrase
- Paper wallet
- "brain" wallet
- Encrypted file
- Case Study: LastPass
- Case Study: Mixin
- Rotate keys
- Physical security
- Social recovery
- Wallets
- Foundry's cast
- Joinfire
- Metamask snaps
Exercises:
- Set up your Safe!
- Review classic key leaks: `.env` files leaked with private keys
- Research one private key leak from rekt.news
- Check out keepmesafe
- Coming soon
- EVM Opcodes
- Introduction to Yul
- Security considerations (the compiler doesn't keep you safe anymore!)
- Introduction to Huff
- Forge debugger
- Tenderly Debugger
- Decompilers
- Metadock
Exercises:
- Convert a minimal contract of your own into Huff or Yul
- Coming soon
- Introduction to FV & SE
- How to quit concrete testing with FV
- Z3 Solution with AI
- Solidity SMT Checker
- Case Study: PRBMath
- Path Explosion
- Halting Problem
Exercises:
- Attempt to use another FV tool
- Look into the Solady LibClone.sol
  - It's a really cool codebase
- Coming soon
Exercise: Watch this awesome video
- Defi-minimal
- Stablecoins
- DAI
Exercise: Audit this!
- Coming soon...
Watch this video from DeFi security summit
- Bug Bounty
- Immunefi
- HackerOne
- Incident response
- SEAL 911
- Warroom practice
- Whitehat vs Blackhat
- Responsible Disclosure
- Monitoring
- Your own
- Forta
- Pessimistic Spotter
- OZ Defender
- Blockchain sleuthing
- MetaDock
- Phalcon
- OpenChain
- Dune analytics
- Up and coming
- What do you do if you find a live issue?
- Check for a bug bounty
- If yes -> Submit, and youโre done
- If no -> Continue
- Reach out for help (privately!)
- Seal 911 (Or other emergency web3 paths)
- Connect with the team
- Come up with a plan to fix
- If they want to fix -> hooray! Do that
- If they ignore itโฆ You have a few options
- Give them 45 - 90 days to fix it, and say you will publicly disclose the information if they do not fix it
- Attempt a rescue yourself (Ideally, you never reach here)
- White/No/Black Hat Case Studies
- Nohats
- Balancer
- Vyper
- Whitehats
- Astaria
- ParaSpace
- Blackhats
- Euler
- Many more
- Coming soon...
Completed The Course!
If you've made it this far... wow.
- Competitive Audits
- CodeHawks
- We are working on many things to get you more deals. Stay tuned...
- Code4rena
- Hats Finance
- CodeHawks
- CodeHawks Discord
- Start marketing your services
- Twitter, Farcaster, LinkedIn, etc
- Blogging: Medium, Mirror, etc
- Bug Bounties
- Patrick Collins YouTube
- Solodit
- Blockchain Threat Intelligence (Referral Link)
- Consensys Diligence Newsletter
- Owen Thurm YouTube
- JohnnyTime
- The Red Guild YouTube
- Cyfrin YouTube
The Cyfrin team runs CodeHawks, Cyfrin Updraft, and private security reviews. They are an advisor to the Peeranha project, and run various blockchain nodes like Chainlink & Ethereum. Additionally, they are responsible for the creation of the Aderyn and Solodit tools.
- Josselin Feist | Trail of Bits
- Trail of Bits
- Fuzzing & Formal Verification
- Owen | Guardian Audits
- Guardian Audits
- Denial Of Service
- Andy Li | Sigma Prime
- Sigma Prime
- Weak Randomness
- JohnnyTime | Gingersec
- Gingersec
- Governance Attack (Specific)
- Pashov | Independent Security Researcher
- MEV
- Juliette | Cyfrin
- Governance Attack (General)
- Alex Roan | Cyfrin
- Fuzzing & Smart Engineering
- hansfriese
- carlitox477
- 0Kage
- giovannidisiena.eth
- Dacian
- Alex Roan
- Peter Kacherginsky
- Karma Coma
- Zach Obront
- Pinata (for hosting my cringe)
- Self accounts "audit"
- https://scsfg.io/
- https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
- https://github.com/transmissions11/solcurity
- https://github.com/OpenCoreCH/smart-contract-auditing-heuristics
- https://secure-contracts.com/
- https://github.com/crytic/properties
Thanks to everyone who is taking, participating in, and working on this course. These courses are passion project data dumps for everyone in the web3 ecosystem.
Let's level up so we can keep web3 safer, and thank you again for taking this course!