Smart Contract Auditing

Introduction to Web3 Auditing

• Overview of Auditing : Definition and importance of security assessments in Web3 projects.
• Scope of Audits : Differentiating between on-chain smart contract code and off-chain components.
• Target Audience for Audits : Understanding who benefits from the audits.
• Expectations : Understanding what audits aim to achieve and their limitations.
• Ethical and Professional Standards in Auditing : The importance of ethical and professional standards in the auditing process.

Choices and Considerations

• Differentiating Audit Types : New, repeat, fix, retainer, and incident audits.
• Phases of the Smart Contract Audit Process : The stages of a typical audit process.
• Auditing firms and Independent Auditors : A look at the industry and the participants.
• Decentralized Auditing : Gameified systems like Code4rena, Sherlock, Cantina, Codehawks, Hats.finance, Immunefi
• Cost Considerations : Factors that influence audit cost and strategies for getting the most value from an engagement.
• Guidelines on Audit Selection : Guidelines for project teams on selecting the audit type based on a project's stage and needs.

Preparation and Initialization

• Audit Prerequisites : Essential elements and documentation required before starting an audit.
• Audit Checklist : A comprehensive list to prepare projects for security audits.
• Initial Code Walkthrough : The importance of a preliminary code review before the audit begins.
• Communication Channels : Messaging Channels and regular meetings for updates via Video Conference are normal, there may be barriers due to languages and time zones. Ongoing communication is key to a successful audit.

Audit Reports

• Components of an Audit Report : Detailed explanation of what is included in audit reports.
• Interpreting Audit Findings : How to understand and act on the findings presented in the report.
• Recommendations and Remediations : Addressing and mitigating the identified issues and vulnerabilities.

The Basics

• Security Researcher's Toolbox: Tools & Smart Contract Development Basics - IDEs, Plugins, AuditWizard, AI (ChatGPT),
• Overview of Audit Techniques : The process of auditing smart contracts and the techniques used.
• Secure Smart Contract Design The principles of secure smart contract design, such as minimizing attack surface, using tested and proven libraries, access control, and following security specific design pattern
• NatSpec and Documentation : The importance of documentation and the NatSpec standard for smart contracts.

Smart Contract Auditing Tools

• Foundry Forge : A Rust based Development Framework that includes many useful tools for understanding and testing smart contract including a stateless and stateful (Invariant) fuzzer
• Mythril : A security analysis tool for Ethereum smart contracts. It uses concolic analysis (dynamic symbolic execution), SMT Solving taint analysis, and control flow checking to detect a variety of security vulnerabilities.
• Slither : A static analysis framework that can detect common issues such as re-entrancy, suicidal contracts, and incorrect visibility.
• Echidna : A property-based fuzzer that can be used to find bugs in smart contracts.
• Certora : Formal verification tool for smart contracts.
• MythX : A SAAS security analysis platform for Ethereum smart contracts.

Smart Contract Testing

• Unit Testing : Unit tests for auditors individual components of your contract function as expected.
• Integration Testing : Testing multiple components of a contract together to ensure they work correctly in unison.
• Creating POCs : Creating Proof of Concepts to demonstrate the vulnerabilities found in the audit.

Fuzzing

• Stateless vs Stateful Fuzzing : The difference between stateless and stateful fuzzing and when to use each.
• Stateless Fuzzing with Foundry : How to use stateless fuzzing tools such as Foundry
• Stateful Fuzzing with Echidna : How to use stateful fuzzing tools such as Echidna
• Identifying Invariants in Smart Contracts : How to identify invariants for stateful fuzzing in smart contracts

Formal Verification

• Benefits and Limitations of Formal Verification : Discusses the benefits and limitations of formal verification and how it can be used to improve the security of smart contracts.
• Introduction to Formal Verification Tools : Introduces formal verification tools such as Certora and how they can be used to verify the correctness of smart contracts.
• Real World Examples : Provides real world examples of how formal verification has been used to find and fix vulnerabilities in smart contracts.
• Best Practices for Formal Verification : Discusses best practices for using formal verification tools and how to get the most out of them.
• Challenges and Future Directions : Discusses the challenges in adoption and the future directions of formal verification for smart contracts.

Mastering the EVM and Low-Level Programming

• Data Structures in the EVM : Types of data locations in the EVM, such as stack, memory, storage, and calldata
• The Yul language and Inline Assembly : Low-level intermediate programming for the EVM
• Auditing inline Assembly : How to audit smart contracts that use inline assembly and Yul
• Calldata specifics: decoding a complex call data example and how to use the abi coder library
• The Huff Language : A brief introduction to Huff, a low-level language for the EVM that uses macros

Identifying Vulnerabilities

• Understanding Business Logic : Understanding the business logic and the intended interactions within and between contracts is paramount.
• Technical Review Process : The process of identifying vulnerabilities in smart contracts.
• Developing Heuristics : Develop and utilize heuristics for auditing smart contracts.
• Common Smart Contract Vulnerabilities
• Timestamp Dependence : Smart contracts that use the block.timestamp variable may have this vulnerability.
• Gas Limit and Loops : Loops that run for an indeterminate number of iterations can hit the gas limit, causing transactions to fail.
• Denial of Service (DOS) Attacks : Exploiting design flaws or gas-related vulnerabilities to make contracts unusable.
• Re-entrancy Attacks : This occurs when an external contract hijacks the control flow, and makes recursive calls to the original contract.
• Delegatecall : delegatecall is a low-level function similar to a dynamic library call in other languages. If not used carefully, it can lead to serious vulnerabilities.
• Math-Related Vulnerabilities : Integer overflow, underflow, and rounding errors are common in smart contracts due to the lack of native floating-point support in Solidity.
• Unchecked Return Values : Failing to check the return values of low-level calls such as send, call, and delegatecall can lead to vulnerabilities where contract execution continues even after a failed external call.

Upgradeability Patterns and Vulnerabilities

• Proxy Patterns : Transparent, UUPS, Beacon, and Diamond proxy mechanics and trade-offs.
• Storage Layout and Collisions : Solidity storage slot rules, gaps, ERC-7201, and detection tooling.
• Initializer Pitfalls : _disableInitializers(), front-running, reinitializer misuse.
• Malicious Upgrades : Multisig, timelock, governance, and user exit rights.
• Upgradeability Audit Checklist : Consolidated checks for proxy and upgrade audits.

MEV and Front-Running

• Mempool Basics : Public mempools, ordering, propagation, and observability.
• Sandwich, Backrun, and JIT Attacks : Classical MEV patterns and their economics.
• Commit-Reveal and Batching : Protocol-level defenses against ordering attacks.
• Private Mempools and Order-Flow Auctions : Flashbots, MEV-Share, MEV-Boost, and modern infrastructure.
• Auditor Heuristics for MEV : How to spot MEV exposure in audit code.

Cryptography and Signatures

• ECDSA and Signature Malleability : EIP-2, address(0), EIP-2098 compact signatures.
• EIP-191 and EIP-712 Structured Signing : Domain separators, typehashes, EIP-1271, ERC-6492.
• Replay, Chain IDs, and Nonces : Seven axes of replay protection.
• Permit and Permit2 : EIP-2612, Uniswap's Permit2, DAI quirks.
• BLS, Schnorr, and Precompiles : EIP-2537, EIP-7212, ZK verifiers, VRF.
• Account Abstraction Signatures (EIP-4337, EIP-7702) : validateUserOp, paymasters, and EIP-7702.

DeFi Security

• DEXs: Uniswap V2/V3/V4 and Variants : Constant-product, concentrated liquidity, hooks, and rivals (Curve, Balancer, CowSwap, Uniswap X).
• Lending: Aave, Compound, Morpho, Euler V2 : Pool-based and isolated lending designs.
• Perpetuals and Funding Rates : vAMMs, order-book perps, GMX-style pool-vs-trader, ADL, insurance funds.
• Oracles: Chainlink, Pyth, and TWAPs : Push, pull, and TWAP architectures; staleness, deviation, sequencer uptime.
• Flash Loans : Attack patterns, defenses, lender / borrower findings.
• LSTs and LRTs : Lido, Rocket Pool, EigenLayer, EtherFi, Renzo, Kelp.
• Bridges and Cross-Chain Messaging : Lock-mint, burn-mint, liquidity networks, message-passing layers.
• Stablecoin Mechanics : Fiat-backed, overcollateralized, algorithmic, hybrid; PSM, redemption, peg defenses.

Case Studies: Lessons From Major Exploits

• The DAO (2016) : Re-entrancy, the original.
• Parity Multisig (2017) : Unprotected init; library kill.
• bZx / Fulcrum (2020) : First flash-loan oracle manipulation.
• Poly Network (2021) : Cross-chain message validation bypass.
• Ronin Bridge (2022) : Multisig key compromise.
• Wormhole (2022) : Solana account-ownership bug.
• Nomad Bridge (2022) : Uninitialized merkle root.
• Euler Finance (2023) : Donation accounting + liquidation math.
• Multichain (2023) : Operator compromise.
• Curve Re-entrancy (2023) : Vyper compiler bug.
• Mixin (2023) : Cloud database compromise.
• Radiant Capital (2024) : Multisig signer compromise via malware.
• Munchables (2024) : Malicious insider developer.
• KyberSwap Elastic (2023) : Tick math edge case.

Continuing Education and Resources

• Auditing Courses : Free and paid courses, bootcamps, and cohort programs; suggested learning path.
• Certifications : An honest survey of the certification landscape — which credentials carry weight, which are largely commercial.
• Online Channels, Communities, and Forums : Discords, X / Farcaster accounts, newsletters, podcasts, and CTF communities.
• More Resources : Solodit, Rekt, SWC, EIPs, books, playgrounds, tooling repositories, on-chain forensics, and contract libraries.

Solidity-Specific Attack Vector Catalog

• Access Control Pitfalls : tx.origin, default visibility, unprotected ether withdrawal and SELFDESTRUCT, missed/incorrect modifiers, overpowered roles, unsafe ownership transfer.
• Reentrancy Variants : Cross-function, cross-contract, and read-only reentrancy; defenses beyond nonReentrant.
• Storage and Data Pitfalls : Unencrypted private data on-chain, arbitrary storage writes, improper array deletion.
• Encoding and Low-Level Pitfalls : Unsafe typecast, dirty higher-order bits, fixed-point arithmetic, abi.encodePacked hash collisions, function selector abuse, short address, hardcoded gas, insufficient input validation.
• Randomness and Entropy : Why on-chain "randomness" sources fail; VRF, commit-reveal, threshold randomness, and integration pitfalls.
• Source-Text and Compiler Pitfalls : Bidi tricks (U+202E), floating pragma, outdated compiler, deprecated functions, variable shadowing, complex modifiers, incorrect interface.
• Historic Attacks : Constructor-name bug, call-depth attack, ABI Encoder v2 bug, Constantinople reentrancy — and their modern echoes.