Building Secure Smart Contracts by Trail of Bits
Trail of Bits launched a revamped version of its GitHub repository with secure development guidelines and other best practices for writing secure smart contracts:
https://secure-smartcontracts.com (Feel free to contribute to the repo!)
Without further ado, here is its table of contents (at the time of writing this article):
- Development guidelines
  - High-level best practices: High-level best practices for all smart contracts
  - Incident Response Recommendations: Guidelines on how to formulate an incident response plan
  - Secure development workflow: A rough, high-level process to follow while you write code
  - Token integration checklist: What to check when interacting with arbitrary tokens
- Learn EVM: EVM technical knowledge
  - EVM Opcodes: Details on all EVM opcodes
  - Transaction Tracing: Helper scripts and guidance for generating and navigating transaction traces
  - Yellow Paper Guidance: Symbol reference for more easily reading the Ethereum yellow paper
  - Forks <> EIPs: Summarizes the EIPs included in each Ethereum fork
  - Forks <> CIPs: Summarizes the CIPs and EIPs included in each Celo fork (EVM-compatible chain)
  - Upgrades <> TIPs: Summarizes the TIPs included in each TRON upgrade (EVM-compatible chain)
  - Forks <> BEPs: Summarizes the BEPs included in each BSC fork (EVM-compatible chain)
- Not so smart contracts: Examples of common smart contract issues. Each issue contains a description, an example and recommendations
- Program analysis: How to use automated tools to secure contracts
  - Echidna: a fuzzer that will check your contract's properties.
  - Slither: a static analyzer available through a CLI and scriptable interface.
  - Manticore: a symbolic execution engine that can prove correctness properties.
  - For each tool, this training material will provide:
    - a theoretical introduction, a walkthrough of its API, and a set of exercises.
    - exercises expected to require ~two hours to practically learn its operation.
- Resources: Various online resources
  - Trail of Bits blogposts: List of blockchain-related blog posts made by Trail of Bits