Introduction
Development Guidelines
❱
Code Maturity
High-Level Best Practices
Token Integration Checklist
Known non-standard ERC20 tokens
Incident Response Recommendations
Secure Development Workflow
Preparing for a Security Review
Learn EVM
❱
EVM Opcode Reference
Transaction Tracing
Arithmetic Checks
Yellow Paper Guidance
Forks <> EIPs
❱
Forks <> CIPs
Upgrades <> TIPs
Forks <> BEPs
Not so smart contracts
❱
Algorand
❱
Rekeying
Unchecked Transaction Fees
Closing Account
Closing Asset
Group Size Check
Time-Based Replay Attack
Access Controls
Asset ID Check
Denial of Service
Inner Transaction Fee
Clear State Transaction Check
Cairo
❱
Arithmetic Overflow
L1 to L2 Address Conversion
L1 to L2 failure
Overconstrained L1 <-> L2 interaction
Signature replays
Unchecked from address in L1 Handler
Cosmos
❱
Incorrect Signers
Non-Determinism
Not Prioritized Messages
Slow ABCI Methods
ABCI Methods Panic
Broken Bookkeeping
Rounding Errors
Unregistered Message Handler
Missing Error Handler
Solana
❱
Arbitrary CPI
Improper PDA Validation
Ownership Check
Signer Check
Sysvar Account Check
Improper Instruction Introspection
Substrate
❱
Arithmetic Overflow
Don't Panic!
Weights and Fees
Verify First
Unsigned Transaction Validation
Bad Randomness
Bad Origin
Ton
❱
Fake Jetton Contract
Foward TON without gas check
Int as boolean
Program Analysis
❱
Echidna
❱
Introduction
❱
Installation
Introduction to Fuzzing
How to Test a Property
Basic
❱
How to select the most suitable testing mode
How to select the best testing approach
How to filter functions
How to test assertions
How to write good properties step by step
How to write properties that use ether
Advanced
❱
How to collect a corpus
How to use optimization mode
How to detect high gas consumption
How to perform smart contract fuzzing at a large scale
How to test bytecode-only contracts
How and when to use cheat codes
How to use hevm cheats to test permit
How to seed Echidna with unit tests
Understanding and using allContracts
How to fuzz contracts with external libraries
How to do on-chain fuzzing with state forking
Interacting with off-chain data via FFI cheatcode
Fuzzing tips
Frequently Asked Questions
Configuration options
Exercises
❱
Exercise 1
Exercise 2
Exercise 3
Exercise 4
Exercise 5
Exercise 6
Exercise 7
Exercise 8
Medusa
❱
Installation
First Steps
Configuration Overview
❱
Fuzzing Configuration
Testing Configuration
Chain Configuration
Compilation Configuration
Slither Configuration
Logging Configuration
CLI Overview
❱
init
fuzz
completion
Testing Overview
❱
The Fuzzing Lifecycle
Types of Invariants
Writing Function-Level Invariants
Writing System-Level Invariants (WIP)
Reporting
API Overview (WIP)
Cheatcodes
❱
warp
roll
fee
difficulty
prevrandao
chainId
store
load
etch
deal
snapshot
getCode
getNonce
setNonce
coinbase
prank
startPrank
stopPrank
prankHere
ffi
addr
sign
toString
parseBytes
parseBytes32
parseInt
parseUint
parseBool
parseAddress
Console Logging
FAQ
Manticore
❱
Introduction to symbolic execution
Running under Manticore
Getting throwing paths
Adding constraints
Exercises
❱
Example
Exercise 1
Exercise 2
Slither
❱
Usage
API
❱
Static Analysis
API
SlithIR
SSA
Data dependency
JSON output
Detectors
❱
Detectors
Adding a detector
Printers
Tools
❱
Adding a new tool
Code Similarity
Contract Flattening
Documentation
Doctor
ERC Conformance
Interface
Mutator
Path Finding Utility
Property Generation
Read Storage
Format
Upgradeability checks
Tutorials
❱
Exercise 1
Exercise 2
Exercise 3
Resources
❱
Security contact
Blog posts
Light
Rust
Coal
Navy
Ayu
Building Secure Contracts
Writing System-Level Invariants with Medusa
WIP