Security

A Guide on How to Start and Common Bugs you can Find, All in 13 Quick Parts

Alejandro Munoz-McDonald, Smart Contract Triager at Immunefi, did a presentation on the world's largest bug bounty payouts that were done through Immunefi's ...

Here we collect and discuss for Smart contract security & Blockchain researches and tools - contributions are welcome. - tamjid0x01/awesome-smartcontract-hacking: Here we collect and discus...

My journey towards becoming a blockchain/DeFi developer and h4x0r - by bt3gl - bt3gl-labs/Blockchain-Development-and-Security: My journey towards becoming a blockchain/DeFi developer and h4x0r - by...

Notes, scripts, code through my journey into stateful blockchains, MEV, DeFi, day trading, DEXs, etc. - by bt3gl - bt3gl-labs/Blockchains-AMMs-and-MEV: Notes, scripts, code through my journey into ...

Contribute to euler-xyz/uni-v3-twap-manipulation development by creating an account on GitHub.

Contribute to eugenioclrc/secureum-a-maze-x-challenges development by creating an account on GitHub.

Background

You are probably safe, but be aware…

This post aims to be a relatively in-depth and up-to-date introductory post detailing the past mistakes that have been made by Solidity...

On 31st December 2021, Vesper Finance, a yield optimization protocol, tweeted that its №23 lending pool — “Vesper Lend beta” launched on…

In late 2019, I published a post titled “Taking undercollateralized loans for fun and for profit”. In it, I described an economic attack on Ethereum dApps that rely on accurate

Price manipulation, now with 100% more blockchain

In this article we look at type of economic attack on DeFi projects in the form of manipulation of price oracles. On Ethereum, where everything is a smart contract, so too are price oracles. As such…

This article explores the pricing of liquidity pool (LP) tokens and discusses the recent Warp Finance hack that is closely related to it…

Read writing from QuillAudits Team on Medium. Smart Contract Auditing Experts , Making DeFi secure . audits@quillhash.com. Every day, QuillAudits Team and thousands of other voices read, write, and share important stories on Medium.

Hiding actions and generating random numbers

Even the most popular tokens can be deceiving, so understanding risks and common pitfalls when integrating them is fundamental in Ethereum’s composable world...

This guide, written by whitehat Lucash-dev for Immunefi, will help you set up a local environment and reproduce the Fei Protocol exploit…

Get up to speed on Maximum Extractable Value. Contribute to 0xalpharush/awesome-MEV-resources development by creating an account on GitHub.

A searchable curated repository of Web3 security 101s brought to you buy https://twitter.com/web3sec

Research at Protocol Labs. Contribute to protocol/research development by creating an account on GitHub.

A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected - sec-bit/awesome-buggy-erc20-tokens: A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected

101 key aspects of Solidity

This post aims to be a relatively in-depth and up-to-date introductory post detailing the past mistakes that have been made by Solidity...

Smart Contract Weakness Classification and Test Cases

A blog about blockchains and smart contracts development