What is a smart contract audit?


1. What is a smart contract audit?
This lesson delves into what a smart contract audit, or more accurately, a security review, truly entails. It discusses the three phases of a security review, the importance of these reviews in ensuring code security on immutable blockchain systems, and effective techniques used in the process. The lesson also emphasizes the distinction between the terms 'audit' and 'security review' and their implications in the context of blockchain and smart contracts. Duration: 10min
2. The audit process
Learn about the smart contract audit process and explore the key steps, from initial context gathering to the final mitigation review. Duration: 5min
3. Rekt test
This lesson introduces the Rekt Test, a set of critical questions designed to assess a protocol's readiness for a security audit. Duration: 4min
4. Security Tools
Discover various smart contract auditing tools, including static analysis tools like Slither and Aderyn, fuzzing methods, formal verification, and AI. Duration: 5min
5. What if a protocol I audit gets hacked?
Security reviews can't guarantee prevention against hacks. To what extent should a security reviewer feel responsible, and what should they do? Duration: 4min
6. Top Web3 Attacks
Develop an attacker-defender mindset and keep learning cybersecurity skills. Explore attack vectors like private key exploitation and price oracle manipulation, with an emphasis on learning through exercises and tools. Duration: 1min
7. Recap
Recap of the smart contract auditing process and its importance, with emphasis on security throughout the development lifecycle, tools like static analysis and fuzzing, the phases of a review, and attack factors. Duration: 3min
8. Exercises
Sign up for security newsletters, stay updated, learn about hacks & exploits. Duration: 3min
