EatTheBlocks – Smart Contract Security 101 (2021)
Security Course 101
The objective of this course is to understand how to develop a smart contract in the safest way possible. For this, we need to keep in mind not only what we want to create in the contract, but how to generate security-focused code.
To achieve this purpose, since the contracts in a large percentage represent real money, we need to be updated as developers on the most known vulnerabilities and know how old hacks worked so as not to repeat those same errors.
This course not only focuses on the most known vulnerabilities currently but is also good practices, explanation of patterns and problems of these, for example, conflicts when using upgradeable contracts or how to obtain random numbers within a deterministic blockchain.
All this knowledge will be useful not only to develop smart contracts but also to audit them. Therefore, it is a core knowledge of smart contracts.
What will you learn in this course?
In this course you will learn:
- Understanding security in a Blockchain Application.
- How does an attack on a Smart Contract work?
- Known attacks and how to fix them (Reentrancy, Overflow, Replay Attack, DoS, weak randomness, and much more).
- Best practices and security patterns.
- Understand how three famous hacks happened.
- How to test your contract
- How to know the coverage of your test?
We will use:
- Hardhat
- Solidity
- OpenZeppelin
- Javascript
- Ethers.js
- Chainlink library
- Chai.js
- Coverage
Pre-requisites:
- Web Development (Javascript, NodeJS)
- Blockchain Development (Ethereum, Solidity, Hardhat)
Your Instructor
https://www.linkedin.com/in/santiago-julian-moreno
Course Curriculum
1. Welcome
- 1.1. Introduction (3:24)
- 1.2. Understanding Security Importance (4:28)
- 1.3. Prerequisites
- 1.4. Resources
- 1.5. Q&A
2. Access Control
- 2.1. AgreedPrice (1:34)
- 2.2. AgreedPrice Tests (4:44)
- 2.3. Require Statement Solution (4:06)
- 2.4. Custom Modifier Solution (5:28)
- 2.5. Community Vetted Code (2:35)
- 2.6. Ownable Solution (3:09)
- 2.7. Q&A
3. Unencrypted Data
- 3.1. Unencrypted Data Introduction (0:51)
- 3.2. Vault Contract (2:35)
- 3.3. Storage Layout (2:07)
- 3.4. Peeking in the storage (4:12)
- 3.5. Conclusions (0:52)
- 3.6. Q&A
4. Overflow
- 4.1. Overflow Introduction (3:50)
- 4.2. SimpleToken (Victim) (2:07)
- 4.3. Exploit (5:35)
- 4.4. Overflow Soltuions (5:07)
- 4.5. Conclusions (1:33)
- 4.6. Q&A
5. Contracts Interactions
- 5.1. Contracts Interactions Introduction (1:46)
- 5.2. Call(), send(), transfer() (2:33)
- 5.3. SavingsAccount & Investor contracts (2:11)
- 5.4. Interactions Tests (6:40)
- 5.5. Q&A
6. Reentrancy
- 6.1. Introdiction (2:06)
- 6.2. SavingAccounts V2 & InvestorV2 (2:18)
- 6.3. Reentrancy Attack (5:39)
- 6.4. Reentrancy Solutions (4:40)
- 6.5. Q&A
7. Tx.origin
- 7.1. Introduction (2:20)
- 7.2. SmallWallet & Attacker (2:19)
- 7.3. Exploit (3:31)
- 7.4. Solution (1:28)
- 7.5. Q&A
8. Denial Of Service
- 8.1. Introduction (1:38)
- 8.2. Auction Contract (2:38)
- 8.3. Attack (5:34)
- 8.4. Solution – Auction V2 (6:06)
- 8.5. Q&A
9. Upgradeability
- 9.1. Introduction (1:58)
- 9.2. How Delegatecall Works (3:49)
- 9.3. Storage Collisions (7:58)
- 9.4. Custom Solution And Related Vulnerabilities (4:53)
- 9.5. Q&A
10. Weak Randomness
- 10.1. Introduction (1:44)
- 10.2. Lottery Contract (2:53)
- 10.3. The Path Of A Transaction (2:17)
- 10.4. Miner Attack (5:16)
- 10.5. Replicated Logic Attack (3:11)
- 10.6. Chainlink VRF (5:50)
- 10.7. Q&A
11. Replay Attacks
- 11.1. Introduction (1:48)
- 11.2. Signing a message off-chain with a wallet (1:33)
- 11.3. MultiSigWallet Contract (2:12)
- 11.4. Replay Attack on MultiSig (3:06)
- 11.5. Replay Attack Fix (2:52)
- 11.6. Q&A
12. Real Life Hacks
- 12.1. Introduction (0:50)
- 12.2. The DAO (5:22)
- 12.3. The King Of Ether (2:41)
- 12.4. Parity Multi Sig Wallet (5:49)
13. Conclusion
- 13.1. Conclusion (1:27)
Instant Access Available
Product Content
Get Instant Download EatTheBlocks – Smart Contract Security 101 (2021) at Offimc.click Now!
Sale Page: https://eattheblocks-pro.teachable.com/p/smart-contract-security-101
Archive: https://archive.ph/wip/1JuXE
Delivery Information
- Upon ordering the product, a delivery email with download instructions will be sent immediately to you so that you may download your files. If you log in (or create an account) prior to purchase you will also be able to access your downloads from your account dashboard.
- It is a digital download, so please download the order items and save them to your hard drive. In case the link is broken for any reason, please contact us and we will resend the new download link to you.
- If you don't receive the download link, please don’t worry about that. We will update and notify you as soon as possible from 8:00 AM – 8:00 PM (UTC+8).
- Please Contact Us if there are any further questions or concerns you may have. We are always happy to assist!
9 reviews for EatTheBlocks – Smart Contract Security 101 (2022)
There are no reviews yet.