Security

Practical fuzzing examples for the mastering fuzzing talk - Elpacos/mastering-fuzzing: Practical fuzzing examples for the mastering fuzzing talk

Chainlink price feeds are reliable, but it is crucial to have circuit breakers to prevent any issues from a single source. Using a single entity is not ideal from a decentralization perspective as well, and it is better to have backup plans in case of system failure. Many developers were

Fuzz testing is an invaluable tool for finding & maximizing precision loss vulnerabilities..

This article is an overview of Kurt Barry's seminar at Spearbit on performing numerical analysis on DeFi projects to identify vulnerabilities. Spearbit is a decentralized and industry-leading blockchain security services firm pairing protocols with top security researchers with deep subject matter e

MEV / Sandwich / Front-run & Back-run:

Awesome list of all things oracle manipulation. Creating to help spread a better understanding of oracles and oracle manipulation. - 0xcacti/awesome-oracle-manipulation: Awesome list of all things ...

A new tool for teams & individuals that blends everyday work apps into one.

This article is the result of reviewing the technical details from many of this year's Smart Contract Vulnerabilities and Exploits in and around the Ethereum ecosystem.

“Here is how you can get an easy H/M on @code4rena or @sherlockdefi. A 🧵 about the CREATE2 optcode👇”

Observations and tips for auditing protocols on multiple chains 🧐 - 0xJuancito/multichain-auditor: Observations and tips for auditing protocols on multiple chains 🧐

“1/9:🔒✨Attention auditors! Don't overlook this crucial step in upgradable contracts. Discover why reviewing constructors and initialize functions is crucial You can use your Solidity contracts with OpenZeppelin Upgrades without modifications... Wait, without any modification?”

Contribute to pashov/audits development by creating an account on GitHub.

TWAP Oracle Manipulation RisksBy Mudit Gupta, Chief Security Officer at PolygonPart of DeFi Security Summit 2022 Session 9 - Security 2PDF slides available a...

Bugs in commonly forked DeFi protocols. Contribute to YAcademy-Residents/defi-fork-bugs development by creating an account on GitHub.

“🚨🚨Want to learn more about ZKEVM but you're afraid of the big and complex codebase??🚨🚨 Don't worry anymore!! Edu from the @PrivacyScaling team gave A CODE WALK-THROUGH over the ZKEVM-Circuits repo🤯🤯🤯. Be sure to watch it!🧐🧐 https://t.co/ueojKrwzFQ”

If you have been trying to learn about potential cases of DoS attacks and end up always with the same examples (as I did), you might be…

Lending & Borrowing DeFi platforms display common sets of vulnerabilities

Proxies Research Compilation

yAudit Reports Homepage

Solodit is a platform that aggregates all findings from popular audit platforms.

Demystifying Exploitable Bugs in Smart Contracts. Contribute to ZhangZhuoSJTU/Web3Bugs development by creating an account on GitHub.

A list of notable Blockchain Security audit companies. - 0xNazgul/Blockchain-Security-Audit-List: A list of notable Blockchain Security audit companies.

The Auditor Book. Contribute to aviggiano/theauditorbook development by creating an account on GitHub.