Assess "Smart Contract Weakness Registry" attack vectors for ink!

Open cmichi opened this issue 4 years ago • 4 comments

The other day somebody asked in our public channel about looking into how ink! behaves for the attack vectors described in the Smart Contract Weakness Classification and Test Cases.

Ideally we would go through the entire list and assess if/how we handle it in ink!. Possibly as a page in our ink-docs; we could add each point there one after the other as individual PRs where the discussion could take place.

@athei There are Solidity examples available for many of the attack vectors, most of them are best practices for developers, but it could still be interesting for you to take a look and see if there are things to be taken away for the contracts pallet.

cmichi, Sep 10 '21 15:09

It's Assess. The current title is....hilariously incorrect. Important work ;-) -Someone ;-)

h-unterp, Sep 10 '21 18:09

LOVE this! 🌠 Also... My favorite thing to learn Solidity by exploring its vulnerabilities https://github.com/OpenZeppelin/ethernaut

This style of examples and game-like learning is so cool.... Also a wealth of examples to continue the exploration of where ink can help you avoid the same mistakes I think 🙏😁

nuke-web3, Dec 13 '21 12:12

This is an incomplete analysis of how common Solidity attack vectors relate to ink!:

https://github.com/achimcc/ink-security

achimcc, Aug 18 '22 12:08

I also discussed the occurrence of one very specific Solidity bug and why ink! would have prevented it by design here:

https://codingconnects.com/cryptopunk-bug/

achimcc, Aug 18 '22 12:08