difficulty - Building Secure Contracts
The difficulty cheatcode has been deprecated in medusa. Since medusa uses a post-Paris EVM version, the cheatcode does not update block.difficulty; calling it is a no-op.
function difficulty(uint256) external;
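
A test contract that makes the no-op visible, given here as an added example rather than code from the medusa documentation. The contract and function names are hypothetical, and the cheatcode contract address and the prevrandao cheatcode (listed alongside difficulty in the cheatcode reference) are assumed to behave as they do for medusa's other cheatcodes. On a post-Paris EVM the DIFFICULTY opcode returns the PREVRANDAO value, so the example reads block.prevrandao.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18; // block.prevrandao is available from 0.8.18

// Only the two cheatcodes this example needs.
interface IStdCheats {
    function difficulty(uint256) external; // deprecated: no-op
    function prevrandao(bytes32) external; // assumed post-Paris replacement
}

// Hypothetical harness for medusa's assertion testing mode.
contract DifficultyCheatcodeTest {
    // Assumption: the address medusa uses for its cheatcode contract.
    IStdCheats constant cheats =
        IStdCheats(0x7109709ECfa91a80626fF3989D68f67F5b1DD12D);

    // Calling the deprecated cheatcode must leave the block value untouched,
    // whatever input the fuzzer supplies.
    function check_difficulty_is_noop(uint256 newDifficulty) public {
        uint256 beforeCall = block.prevrandao;
        cheats.difficulty(newDifficulty);
        assert(block.prevrandao == beforeCall);
    }

    // A test that used to rely on difficulty() to steer block-derived values
    // has to set prevrandao instead for the change to take effect.
    function check_prevrandao_takes_effect(bytes32 value) public {
        cheats.prevrandao(value);
        assert(block.prevrandao == uint256(value));
    }
}
```

A harness that still calls difficulty() keeps compiling and running, so a property that depended on it can pass without ever exercising the intended block value. Checking for leftover calls is part of migrating a test suite.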