Table of Contents Table of Contents Summary Scope System Overview Security Model and Trust AssumptionsPrivileged Roles Low SeverityIncomplete Docstrings Optimization for PRIMARY_FACTOR_ADDRESS and PRIMARY_CONDITIONAL_MULTIPLIER_ADDRESS Checks Floating Pragma Notes & Additional InformationAmbiguous Call to Parent Contract Functions Updating State Without Event Emissions Lack of Indexed Event Parameters Post-EIP-6780 selfdestruct Does Not Delete Code Indecisive Licenses Unnecessary Data Field i...| OpenZeppelin Blog
Table of Contents Table of Contents Summary Scope System Overview Privileged Roles and Trust Assumptions Medium SeverityExcess Gas Remains in SpokePool Fee Cap May Be Too Low Conclusion| OpenZeppelin Blog
Table of Contents Table of Contents Summary Scope System OverviewNew Contracts Diff Changes Security Model and Trust Assumptions Low SeverityCurrencies Do Not Accept a Bond By Default The RequestManagerAdded and RequestManagerRemoved Events Can Be Wrongfully Emitted Missing Interface Validation for Whitelist Contracts Missing Test Suite Problematic Whitelist Implementation Minimum Liveness Can Be Set Beyond Valid Bounds Notes & Additional InformationUse of Storage Gaps for Upgradeability Inco...| OpenZeppelin Blog
Solidity es un lenguaje de programación usado para escribir el código de las DApps que se ejecutarán sobre la Ethereum Virtual Machine.| Bit2Me Academy
Table of Contents Table of Contents Summary Scope System OverviewPEG-IN Process PEG-OUT Process Security Model and Trust AssumptionsPrivileged Roles High SeverityMalicious Owner Can Mint Wrapped BTC From Arbitrary Bitcoin Transactions Medium SeverityPotential Loss of Wrapped BTC Malicious Owner Can Mint to a Random Recipient Low SeverityFunctions Updating State Without Event Emissions Missing Docstrings Potential Loss of Ownership During Transfers Missing _disableInitializers Notes & Addition...| OpenZeppelin Blog
Table of Contents Table of Contents Summary Scope System OverviewCore Mechanisms Price Oracles Asset Management Security Model and Trust AssumptionsPrivileged Roles By Contract Critical SeverityAttacker can Lock User Funds through Redeem Function High SeverityFlashloan Functionality is Blocked Pools Can Be Subject to Price Manipulation Leading to Early Liquidations or Arbitrage Medium SeverityFlashloan Functionality Does Not Follow ERC-3156 Standard Redemption Waiting Can Be Gamed Pool at Cap...| OpenZeppelin Blog
I'm currently studying the revive-pallet and how to deploy Solidity contracts on Polkadot Asset Hub....| WEB3DEV
Exploring opportunities for Solidity developers beyond Ethereum/EVM🤑 In this guide, I will be unveiling to you how to make money💸 with your existing Solidity skill This time around not just on Ethereum/EVM Blockchains but expanding the opportunities into Solana Blockchain. The post How To Make Money As A SOLIDITY Developer On Solana (Hyperdrive Hackathon) appeared first on dProgramming University.| dProgramming University
Write, Build and Deploy Solana SPL (Fungible) Token Program In Solidity In this in-depth step-by-step guide, I will break down what is the Solana SPL Token Program and take you by hand to show you in a simplified manner on how you can actually use Solidity to create an SPL token on Solana. We will also consider a comparison between Ethereum ERC20 and Solana SPL (Fungible) Token Program. The post Ultimate Guide To Create Solana SPL (Fungible) Token Program In Solidity With Solang And Anchor ap...| dProgramming University
We make here a general presentation about how the formal verification of smart contracts works by explaining:| Formal Land Blog
In this blog post, we detail the continuation of our work to formally verify the ⚈ Smoo.th library, which is an optimized implementation of elliptic curve operations in Solidity. We use our tool coq-of-solidity, representing any Solidity code in the generic proof assistant 🐓 Coq, to verify the code for any execution path.| Formal Land Blog
La Ethereum VIrtual Machine o EVM es una maquina virtual y el corazón de la cadena de bloques Ethereum pues esta hace posible la ejecución de las DApps.| Bit2Me Academy
Finished a weekend project that may be useful for onchain vulnerability analysis of deployed smart contracts: https://github.com/Decurity/tx-coverage tx-coverage allows to reveal unused code of live smart contracts by collecting coverage from historical transactions. With it you can discover code that was never executed onchain and may contain potential bugs. The post New tool: tx-coverage first appeared on Raz0r — Web3 Security.| Raz0r — Web3 Security
To achieve composability in DeFi, many projects require external sources of truth or price feeds. This article explores the common vulnerabilities in the use of pricing and oracles with real-world examples.| Sigma Prime
--- What you will need ✅ 1. The **Chrome** web browser - [Download here](https://www.google.com/chrome/browser/desktop/) 2. The **Metamask** Chrome extension - [Download here](https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn) Metamask allows you to sign Ethereum transactions *without* running a full Geth node. Contract| karl.tech
Reliance on Javascript is stunting the growth of the Solidity development ecosystem. It’s why new developers get stuck. It’s why we struggle integrating Solidity into development environments. And it’s why much of our documentation is out of date. We are stuck in our Javascript| karl.tech
Blockchain storage is limited and block space is therefore expensive, especially at times of peak congestion. Solidity developers must employ strategies to optimise data storage whilst maintaining the integrity and accessibility of their smart contracts. One of the most effective approaches is to| JamesBachini.com
Among Solidity's essential features are the fallback and receive functions, which play crucial roles in handling Ether transactions and contract interactions. A thorough understanding of these functions is vital for developers aiming to create robust and secure smart contracts. The Fallback Funct| JamesBachini.com
Cross-Chain Interoperability Gas Fees For Deployment & Users Block Times & Frontend Considerations Layer 2 solutions have emerged as a crucial component in addressing scalability issues. Optimising smart contracts for these Layer 2 chains is essential to harness their full potentia| JamesBachini.com
Solidity libraries enable blockchain developers to create modular reusable code. This shared usage avoids duplicating code, saves gas during deployment and promotes consistency within a code base. Let's create a basic library that demonstrates how this works: // SPDX-License-Identifier: MIT pr| JamesBachini.com
We audited the Fantom-foundation/Bridge repository at commit 558465d. Smart Contract Audit.| blog.openzeppelin.com
We audited the Fantom-foundation/Opera-Bridge repository at commit 730e10b3. Smart Contract Audit.| blog.openzeppelin.com
How events work in web3 Simple event emitter contract Setting up Ethers.js with React Subscribing to events Filtering the event data Event based state changes How events work in web3 Events in Web3 act as logs of significant occurrences within a smart contract. When a specific| JamesBachini.com
In this tutorial we are going to be deploying a simple NFT contract to Ethereum and then minting new NFT's using a bot built with Rust and ethers-rs Let's start by heading to Remix and deploying this contract to Ethereum's Sepolia testnet. It has already been deployed here if you want to skip th| JamesBachini.com
This tutorial will guide you through the process of building a token bridge using LayerZero v2, specifically employing the OFTAdapter on mainnet and the OFT.sol contract on all other chains. We'll cover the setup and deployment workflow, ensuring you have a comprehensive understanding of the process| JamesBachini.com
Many DeFi Protocols have decentralised using DAOs and token governance. This article explores the common vulnerabilities in the governance of DAOs with real-world examples.| Sigma Prime
Liquid Restaking protocols are a big trend in the DeFi space. This article explores the common vulnerabilities in liquid restaking protocols with real-world examples.| Sigma Prime
A summary of Ethereum's upgrades and their implications on smart contract functionality.| Sigma Prime
Discover what the Polygon Amoy testnet is, how to get Amoy testnet MATIC tokens, and how to add them to your wallet.| Chainlink Blog
Este artigo foi originalmente publicado nos Tutoriais da BuildBear. ERC-4626 é um padrão de cofre...| WEB3DEV
In this article, we will be creating an Ehereum based cryptocurrency token using a smart contract and deploy it to a blockchain network.| RefactorFirst
What is "commit-reveal"? In this tutorial we learn about a useful cryptographic technique and how it is used in a Solidity voting smart contract!| karl.tech
A practical guide to safe choices and best practices when deploying proxies for a project| Sigma Prime