organize chapters for the ongoing research, remove dead links, add new resources

2025-06-28 08:27:12 -04:00 · 2024-11-04 18:42:30 +07:00 · 2024-11-04 18:42:30 +07:00 · 184e917000
commit 184e917000
parent 1748d1ed22
98 changed files with 421 additions and 11268 deletions
--- a/basic_knowledge/README.md
+++ b/basic_knowledge/README.md
@ -1,60 +1,57 @@
-## blockchain hacking: basic knowledge
+## blockchain hacking overview

 <br>

-### in this dir
+### chapters

 <br>

-* [oracles](oracles)
-* [honeypots](honeypots)
-* [cryptography](cryptography)
-* [evm and opcodes](evm_and_opcodes)
-* [l2s and rollups](l2_and_rollups)
-* [decentralized storage](decentralized_storage)
-
+* **[evm and opcodes](evm_and_opcodes)**
+* **[intro to bridges](bridges)**

 <br>

 ----

-### more resources
+### cool resources

 <br>

-* [SWC Registry](https://swcregistry.io/)
-* [Blockchain Security Database](https://consensys.github.io/blockchainSecurityDB/)
-* [Intro to Security first dev](https://www.youtube.com/watch?v=72K57I9yvyI)
-* [Spoof tokens on Ethereum](https://medium.com/etherscan-blog/spoof-tokens-on-ethereum-c2ad882d9cf6)
-* [Solidity security mind map](https://github.com/x676f64/secureum-mind_map)
-* [Pitfalls and best practices](https://github.com/x676f64/secureum-mind_map/blob/master/4.%20Pitfalls%20and%20Best%20Practices%20101.md)
-* [Hacking the Blockchain by Immunefi](https://medium.com/immunefi/hacking-the-blockchain-an-ultimate-guide-4f34b33c6e8b)
-* [Uniswap Oracle Attack Simulator by Euler](https://blog.euler.finance/uniswap-oracle-attack-simulator-42d18adf65af)
-* [Thinking About Smart Contract Security by Vitalik](https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/)
-* [Advanced Pitfalls and best practices](https://github.com/x676f64/secureum-mind_map/blob/master/5.%20Pitfalls%20and%20Best%20Practices%20201.md)
-* [The Evolution of Smart Contract Security](https://www.youtube.com/watch?v=fOkQuNzVn_Q)
-* [Audit findings](https://github.com/x676f64/secureum-mind_map/blob/master/7.%20Audit%20Findings%20101.md)
-* [Advanced audit findings](https://github.com/x676f64/secureum-mind_map/blob/master/8.%20Audit%20Findings%20201.md)
-* [Video on audit findings](https://www.youtube.com/watch?v=SromSImIpHE)
-* [Sigp public audits](https://github.com/sigp/public-audits)
-* [The Dangers of Price Oracles in Smart Contracts](https://www.youtube.com/watch?v=YGO7nzpXCeA&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=5)
-* [Strategies for Secure Governance with Smart Contracts](https://www.youtube.com/watch?v=GbDAmMdmh8Q&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=6)
-* [Security in Upgrades of Smart Contracts](https://www.youtube.com/watch?v=5WE6PEc305w&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=7)
-* [Onward with Smart Contract Security](https://www.youtube.com/watch?v=RipXdV7vygs&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=8)
-* [Publications from Trail of Bits](https://github.com/trailofbits/publications#blockchain)
-* [Smart contract security fundamentals by OpenZeppelin](https://www.youtube.com/playlist?list=PLBy3Qkuapv_7R1ZI_Cs2NOFn7ZTaNWY6G)
-* [White Hat panel: DeFi exploits](https://www.youtube.com/watch?v=Df2zzfoTfMc)
-* [Smart contract audit checklist](https://consensys.net/diligence/blog/2019/09/how-to-prepare-for-a-smart-contract-audit/)
-* [Another audit checklist](https://github.com/nascentxyz/simple-security-toolkit)
-* [Ethereum signature database](https://www.4byte.directory/)
-* [OpSec SelfGuard RoadMap](https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap)
-* [The Solcurity Standard](https://github.com/Rari-Capital/solcurity)
-* [Smart Contract Security Verification Standard](https://github.com/securing/SCSVS)
-* [SecurETH Guidelines](https://guidelines.secureth.org/)
-* [REKT leaderboard](https://rekt.news/leaderboard/)
-* [Smart Contract Attack Vectors](https://github.com/KadenZipfel/smart-contract-attack-vectors)
-* [List of known attack vectors](https://blog.sigmaprime.io/solidity-security.html)
-* [Awesome Ethereum security](https://github.com/crytic/awesome-ethereum-security)
-* [Bug Bounty 101](https://www.youtube.com/watch?v=S-Z2iwbT1Fg)
-* [DeFi hacks analysis and root causes](https://wooded-meter-1d8.notion.site/0e85e02c5ed34df3855ea9f3ca40f53b?v=22e5e2c506ef4caeb40b4f78e23517ee)
-* [awesome privacy](https://github.com/Lissy93/awesome-privacy)
+* **[swc registry](https://swcregistry.io/)**
+* **[intro to security first dev](https://www.youtube.com/watch?v=72K57I9yvyI)**
+* **[spoof tokens on ethereum](https://medium.com/etherscan-blog/spoof-tokens-on-ethereum-c2ad882d9cf6)**
+* **[solidity security mind map](https://github.com/x676f64/secureum-mind_map)**
+* **[pitfalls and best practices](https://github.com/x676f64/secureum-mind_map/blob/master/4.%20Pitfalls%20and%20Best%20Practices%20101.md)**
+* **[uniswap oracle attack simulator, by euler](https://blog.euler.finance/uniswap-oracle-attack-simulator-42d18adf65af)**
+* **[thinking about smart contract security, by vitalik](https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/)**
+* **[advanced pitfalls and best practices](https://github.com/x676f64/secureum-mind_map/blob/master/5.%20Pitfalls%20and%20Best%20Practices%20201.md)**
+* **[the evolution of smart contract security](https://www.youtube.com/watch?v=fOkQuNzVn_Q)**
+* **[audit findings](https://github.com/x676f64/secureum-mind_map/blob/master/7.%20Audit%20Findings%20101.md)**
+* **[advanced audit findings](https://github.com/x676f64/secureum-mind_map/blob/master/8.%20Audit%20Findings%20201.md)**
+* **[account abstraction's impact on security and ux](https://blog.openzeppelin.com/account-abstractions-impact-on-security-and-user-experience)**
+* **[video on audit findings](https://www.youtube.com/watch?v=SromSImIpHE)**
+* **[sigp public audits](https://github.com/sigp/public-audits)**
+* **[the dangers of price oracles in smart contracts](https://www.youtube.com/watch?v=YGO7nzpXCeA&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=5)**
+* **[strategies for secure governance with smart contracts](https://www.youtube.com/watch?v=GbDAmMdmh8Q&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=6)**
+* **[security in upgrades of smart contracts](https://www.youtube.com/watch?v=5WE6PEc305w&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=7)**
+* **[onward with smart contract security](https://www.youtube.com/watch?v=RipXdV7vygs&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=8)**
+* **[publications from trail of bits](https://github.com/trailofbits/publications#blockchain)**
+* **[smart contract security fundamentals, by openzeppelin](https://www.youtube.com/playlist?list=PLBy3Qkuapv_7R1ZI_Cs2NOFn7ZTaNWY6G)**
+* **[white hat panel: defi exploits](https://www.youtube.com/watch?v=Df2zzfoTfMc)**
+* **[smart contract audit checklist](https://consensys.net/diligence/blog/2019/09/how-to-prepare-for-a-smart-contract-audit/)**
+* **[another audit checklist](https://github.com/nascentxyz/simple-security-toolkit)**
+* **[ethereum signature database](https://www.4byte.directory/)**
+* **[opsec selfguard roadmap](https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap)**
+* **[the solcurity standard](https://github.com/Rari-Capital/solcurity)**
+* **[smart contract security verification standard](https://github.com/securing/SCSVS)**
+* **[rekt leaderboard](https://rekt.news/leaderboard/)**
+* **[smart contract attack vectors](https://github.com/KadenZipfel/smart-contract-attack-vectors)**
+* **[list of known attack vectors](https://blog.sigmaprime.io/solidity-security.html)**
+* **[awesome ethereum security](https://github.com/crytic/awesome-ethereum-security)**
+* **[bug bounty 101](https://www.youtube.com/watch?v=S-Z2iwbT1Fg)**
+* **[comprehensive analysis of phishing attacks on blockchain](https://mirror.xyz/x-explore.eth/z-QBZUMa3s9BOku4ixTCvmYyeACdFVqRlHvm6XdzvVA)**
+* **[defi hacks analysis and root causes](https://wooded-meter-1d8.notion.site/0e85e02c5ed34df3855ea9f3ca40f53b?v=22e5e2c506ef4caeb40b4f78e23517ee)**
+* **[awesome privacy](https://github.com/Lissy93/awesome-privacy)**
+* **[security and auditing full course 2023](https://github.com/Cyfrin/security-and-auditing-full-course-s23)**
+* **[smart contract security course by cyfrin updraft](https://updraft.cyfrin.io/courses/security)**
+* **[the forgotten ipfs vulnerabilities](https://diligence.consensys.io/blog/2022/09/the-forgotten-ipfs-vulnerabilities/)**
--- a/basic_knowledge/bridges/README.md
+++ b/basic_knowledge/bridges/README.md
@ -0,0 +1,12 @@
+## bridges
+
+<br>
+
+### tl; dr
+
+<br>
+
+
+<p align="center">
+<img width="666"  src="https://github.com/go-outside-labs/blockchain-auditing/assets/1130416/af20c621-f875-4091-9e6e-061f8c998667">
+</p>
--- a/basic_knowledge/cryptography/README.md
+++ b/basic_knowledge/cryptography/README.md
@ -1,10 +0,0 @@
-## cryptography
-
-<br>
-
---
-
-### resources
-
-* [keccak](keccak.md)
-* [asymmetric cryptography](asymmetric_crypto.md)
--- a/basic_knowledge/cryptography/asymmetric_crypto.md
+++ b/basic_knowledge/cryptography/asymmetric_crypto.md
@ -1,9 +0,0 @@
-## 🍈 asymmetric crypto
-
-<br>
-
-* a private key in etherem is 64 random hex characters (or 32 bytes or 256 bits)
-* the public key is derived from the private key using elliptic curve digital signature algorith (ECDSA)
-* the ethereum address are the first 20 bytes of the SHA3 hashed public key
-* the private key creates a signature, the public key verifies the signature
-* when you transfer ether from one address to another, the tx is signed by your private key
--- a/basic_knowledge/cryptography/keccak.md
+++ b/basic_knowledge/cryptography/keccak.md
@ -1,52 +0,0 @@
-## 🥐 keccak
-
-<br>
-
-### hashing
-
-<br>
-
-
-* hashing is a mathematical op converting an input message into a digest
-* the transformation of a str of characters into a (usually shorter) fixed-length value or key that represents the original string.
-* used to determine the integrity of a message, fast data retrieval and to encrypt/decrypt digital signatures
-* collisions found: MD5 (128, 1992), SHA-1 (160, 1995)
-* no collisions found: SHA-2 (224/256/384/512, 2001) 
-
-<br>
-
-### secure hash algorithm (SHA)
-
-<br>
-
-* family of cryptographic hash functions by NIST
-* preprocessing: padding the data for blocking (fixed size message blocks)
-
-<br>
-
-### SHA-3/keccak
-
-<br>
-
-* 2012 as the winner of the NIST hash function competition
-* based on the sponge function: variable input and output length
-* parameters (decides the strength):
-     * r bits: rate, defines speed
-     * c bits: capacity, defines the security level 
-* no key schedule, instead round constants
-* state us 5x5x64 bits block
-* the rho module rotates each 64-bit element by a triangular number: 0, 1, 3, 6, 10, 15...
-* the pi module permutes the 64-bit elements
-* the chi module adds a non-linear aspect to the permutation round
-* the iota module breaks up any symmetry caused by the other modules, through XORing one of the array elements to a round constant
-
-<br>
-
-##### application & strength
-
-<br>
-
-* high level of parallelism
-* flexibility, bit interleaving
-* suited for protection against side-channel attack
-
--- a/basic_knowledge/decentralized_storage/README.md
+++ b/basic_knowledge/decentralized_storage/README.md
@ -1,12 +0,0 @@
-## decentralized storage
-
-### tl; dr
-
-
-<br>
-
----
-### resources
-
-
-* [forgotten IPFS vulns](https://consensys.net/diligence/blog/2022/09/the-forgotten-ipfs-vulnerabilities)
--- a/basic_knowledge/evm_and_opcodes/README.md
+++ b/basic_knowledge/evm_and_opcodes/README.md
@ -1,36 +1,37 @@
-## the evm
+## evm and opcodes

+<br>

 ### tl;dr

-* EVM is a quasi-Turing complete machine (quasi because computation is intrinsically bounded/limited through a parameter: gas) 
-* EVM is the runtime environment for smart contracts.
-* "Ethereum virtual machine code" or "EVM code" are cute lil code are written in a low-level, stack-based bytecode language, each byte represents an operation.
-* EVM memory is a simple stack-based architecture with: stack, volatile memory, non-volatile storage (word size of 256-bit) and the fearful Calldata.
+<br>
+
+* the evm is a quasi-turing complete machine (quasi because computation is intrinsically bounded/limited through a parameter: gas). it's the runtime environment for smart contracts.
+* the evm memory is a simple stack-based architecture with: stack, volatile memory, non-volatile storage (word size of 256-bit) and calldata.

 <br>

 ---

-### in this repo
+### chapters

 <br>

-* [my favorite opcodes](evm_and_opcodes/my_favorite_opcodes.md)
+* **[my favorite opcodes](my_favorite_opcodes.md)**

 <br>

 ---

-### resources
+### cool resources

 <br>

-* [opcodes for the evm](https://ethereum.org/en/developers/docs/evm/opcodes/)
-* [opcodes and instruction reference](https://github.com/crytic/evm-opcodes)
-* [EVM Contract Construction](https://blog.smlxl.io/evm-contract-construction-93c98cc4ca96)
-* [ethersplay](https://github.com/crytic/ethersplay)
-* [IDA EVM](https://github.com/crytic/ida-evm)
-* [Ethereum book](https://github.com/ethereumbook/ethereumbook)
-* [Ethereum's Whitepaper](https://ethereum.org/en/whitepaper/)
-* [Understanding rollups](https://barnabe.substack.com/p/understanding-rollup-economics-from?s=r)
+* **[opcodes for the evm](https://ethereum.org/en/developers/docs/evm/opcodes/)**
+* **[opcodes and instruction reference](https://github.com/crytic/evm-opcodes)**
+* **[evm contract construction](https://blog.smlxl.io/evm-contract-construction-93c98cc4ca96)**
+* **[ethersplay](https://github.com/crytic/ethersplay)**
+* **[ida evm](https://github.com/crytic/ida-evm)**
+* **[ethereum book](https://github.com/ethereumbook/ethereumbook)**
+* **[ethereum's whitepaper](https://ethereum.org/en/whitepaper/)**
+
--- a/basic_knowledge/evm_and_opcodes/my_favorite_opcodes.md
+++ b/basic_knowledge/evm_and_opcodes/my_favorite_opcodes.md
@ -1,7 +1,8 @@
-## 🐼 my favorite opcodes
+##  my favorite opcodes

 <br>

+
 | opocde      | name        | min gas     |    details      |
 | ----------- | ----------- | ----------- | --------------- |
 | 20          | SAH3        | 30          | keccak-256 hash of the given data in memory |
--- a/basic_knowledge/honeypots/README.md
+++ b/basic_knowledge/honeypots/README.md
@ -1,15 +0,0 @@
-## honeypots
-
-<br>
-
-### tl; dr
-
-<br>
-
-<br>
-
----
-
-###
-
-
--- a/basic_knowledge/l2_and_rollups/README.md
+++ b/basic_knowledge/l2_and_rollups/README.md
@ -1,66 +0,0 @@
-##  l2s && rollups
-
-### tl; dr
-
-* the current Ethereum version has low transaction throughput and high latency in processing. This means that transactions are both slow and prohibitively expensive, due to high demand, relative to what the network can take at any given time.
-* there are two types of scaling solutions:
-
-     - On-chain scaling refers to any direct modification made to a blockchain, like data sharding and execution sharding in the incoming Ethereum 2.0.
-     - Off-chain scaling refers to any innovation outside of a blockchain, i.e., the execution of transaction bytecode happens externally instead of on Ethereum. hese solutions are called L2, because layer 2 works above layer 1 (Ethereum) to optimize and speed up processing. Arbitrum and Optimism Ethereum are two well-known examples of L2 scaling solutions.
-* there are two leading L2 solutions:
-     - Zero-Knowledge (zk) rollups, and
-     - Optimistic rollups
-
-<br>
-
---
-
-#### zk-rollups
-
-* zk-rollups bundle together many off-chain transactions into a single verifiable batch using zk-SNARK. 
-* zk-SNARK is an extremely efficient, zero-knowledge proof that allows one party to prove it possesses certain information without revealing that information. These validity proofs are then posted to the Ethereum blockchain.
-
-<br>
-
---
-#### optimistic rollups
-
-* Instead of executing and storing all the data on Ethereum, where transactions are only processed at a premium, we only store a summary.
-* All the actual computation and storage of contracts and data is done on L2.
-* Rollups inherit Ethereum's security guarantess, while still acting as an efficient scalin solution.
-* Optimistic rollup batch together off-chain transactions into braches, without a proof of their validity.
-* When assertions of the L2 state are posted on-chain, validators of the rollup can challenge the assetion when they think there is a malicious state (fraud detection).
-
-<br>
-
---
-#### state channel
-
-* setting up channels between parties to form an off-chain network within which many transactions take place
-* final state is updated on ethereum
-
-<br>
-
---
-
-#### side cain
-
-* conduct txs in a separate blockchain with its own consensus mechanism
-* assets and data are transferred with ethereum through a smart contract that locks assets and recreates representative opens in the side chain
-
-
-<br>
-
---
-#### plasma chain
-
-* similar to side chains, functioning as separate chains with their own consensus mechanisms
-* roots of each block are published to ethereum, which makes the system more secure but limits its ability for complex operations
-
-
-<br>
-
-
---
-
-### resources
--- a/basic_knowledge/l2_and_rollups/circom.md
+++ b/basic_knowledge/l2_and_rollups/circom.md
@ -1,8 +0,0 @@
-## [circom](https://docs.circom.io/)
-
-<br>
-
-* circom is a domain-specific language (dsl) and a compiler that can used to generate and verify zkps.
-* zkps are powerful cryptographic tools that allow you to make proofs about a statement witout reveling any private information
-* circom and other dls are used to describe a computation, together with a set of constraints on the program in/output
-* the circom compiler takes a program and generates a prover and a verifier
--- a/basic_knowledge/oracles/README.md
+++ b/basic_knowledge/oracles/README.md
@ -1,11 +0,0 @@
-## oracles
-
-### tl; dr
-
-
-<br>
-
---
-### resources 
-
-* [mev toolkit on oracles](https://github.com/go-outside-labs/mev-toolkit/tree/main/MEV_strategies/oracles)