Building Secure Smart Contracts

Follow our guidelines and best practices to write secure smart contracts.

Table of contents:

• Development guidelines
  • High-level best practices: High-level best-practices for all smart contracts
  • Incident Response Recommendations: Guidelines on how to formulate an incident response plan
  • Secure development workflow: A rough, high-level process to follow while you write code
  • Token integration checklist: What to check when interacting with arbitrary token
• Learn EVM: EVM technical knowledge
  • EIPs - forks: summarize the EIPs included in each fork
• Program analysis: How to use automated tools to secure contracts
  • Echidna: a fuzzer that will check your contract's properties.
  • Slither: a static analyzer avaialable through a CLI and scriptable interface.
  • Manticore: a symbolic execution engine that can prove the correctness properties.
  • For each tool, this training material will provide:
    • a theoretical introduction, a walkthrough of its API, and a set of exercises.
    • exercises expected to require ~two hours to practically learn its operation.