Secureum Part 6: Audit Techniques & Tools 101
- Article on "Audit Techniques & Tools 101": https://secureum.substack.com/p/audit-techniques-and-tools-101
- YouTube videos on "Audit Techniques & Tools 101":
- Block 1: https://youtu.be/M0C7z3TE5Go
- Block 2: https://youtu.be/QstpNY1IuqM
- Block 3: https://youtu.be/QmD2bJUe140
- Block 4: https://youtu.be/jZ81ebDJVe0
- Block 5: https://youtu.be/dgITqd3mkDk
- Run MythX (Use promotion code: redacted) on Fei Protocol contracts and analyze the reported findings: https://github.com/fei-protocol/fei-protocol-core/tree/master/contracts
- Run Slither on Uniswap V3 contracts and analyze the reported findings: https://github.com/Uniswap/uniswap-v3-core/tree/main/contracts
- Watch “The Evolution of Smart Contract Security” by Dan Guido, Trail of Bits: https://www.youtube.com/watch?v=fOkQuNzVn_Q
- Attempt Paradigm CTF: https://github.com/paradigm-operations/paradigm-ctf-2021
- Jokes aside, this was an entertaining chapter! I really liked the list of audit firms (I will repost them in a separate article) + an overview of all the security tooling one can use. It is a daunting overview to say the least, but such is life. Security is complex, and in such a fast-paced, emerging technology field it's to be expected that there is a exponential growth in supporting security tools.
- I might publish some articles with how-to's on each tool, that's perhaps helpful for 1/ myself and 2/ other people dipping their toes in smart contract security audits.