blockchains-security-toolkit/advanced_expert/bug_hunting/README.md at e15e89cfa3f0ff4e8359e66e96181536a99c7359 - Git-Mirrors/blockchains-security-toolkit - Gitea: Git with a cup of tea

Git-Mirrors/blockchains-security-toolkit

mirror of https://github.com/autistic-symposium/blockchains-security-toolkit.git synced 2025-07-02 18:36:51 -04:00

bt3gl 184e917000 organize chapters for the ongoing research, remove dead links, add new resources

2024-11-04 18:42:30 +07:00

537 B

Raw Blame History

bug hunting smart contracts

tl; dr

initial questions

list external and public functions.
when and where external call happens and what changes.
check payable functions.
how functions are accessed (permissions by who).
follow the flow for transfers.

look for common vulnerabilities

reentrancy with flashloans, fallbacks, payables.
access control.
arithmetic errors.

create an enviroment for testing

static analysis
fuzzing and poc exploits (use foundry)