EatTheBlocks – Smart Contract Security 101 (2022)

EatTheBlocks - Smart Contract Security 101 (2022)
$35.00 $197.00 Sale
Add to wishlist
Category: Tags: , ,

 

EatTheBlocks – Smart Contract Security 101 (2022)

Security Course 101

The objective of this course is to understand how to develop a smart contract in the safest way possible. For this, we need to keep in mind not only what we want to create in the contract, but how to generate security-focused code.

To achieve this purpose, since the contracts in a large percentage represent real money, we need to be updated as developers on the most known vulnerabilities and know how old hacks worked so as not to repeat those same errors.

This course not only focuses on the most known vulnerabilities currently but is also good practices, explanation of patterns and problems of these, for example, conflicts when using upgradeable contracts or how to obtain random numbers within a deterministic blockchain.

All this knowledge will be useful not only to develop smart contracts but also to audit them. Therefore, it is a core knowledge of smart contracts.

What will you learn in this course?

In this course you will learn:

  • Understanding security in a Blockchain Application.
  • How does an attack on a Smart Contract work?
  • Known attacks and how to fix them (Reentrancy, Overflow, Replay Attack, DoS, weak randomness, and much more).
  • Best practices and security patterns.
  • Understand how three famous hacks happened.
  • How to test your contract
  • How to know the coverage of your test?

We will use:

  • Hardhat
  • Solidity
  • OpenZeppelin
  • Javascript
  • Ethers.js
  • Chainlink library
  • Chai.js
  • Coverage

Pre-requisites:

  • Web Development (Javascript, NodeJS)
  • Blockchain Development (Ethereum, Solidity, Hardhat)

Your Instructor

Julián Zamt & Santiago Moreno

https://www.linkedin.com/in/santiago-julian-moreno

CoinFabrik v2

Course Curriculum

1. Welcome

  • 1.1. Introduction (3:24)
  • 1.2. Understanding Security Importance (4:28)
  • 1.3. Prerequisites
  • 1.4. Resources
  • 1.5. Q&A

2. Access Control

  • 2.1. AgreedPrice (1:34)
  • 2.2. AgreedPrice Tests (4:44)
  • 2.3. Require Statement Solution (4:06)
  • 2.4. Custom Modifier Solution (5:28)
  • 2.5. Community Vetted Code (2:35)
  • 2.6. Ownable Solution (3:09)
  • 2.7. Q&A

3. Unencrypted Data

  • 3.1. Unencrypted Data Introduction (0:51)
  • 3.2. Vault Contract (2:35)
  • 3.3. Storage Layout (2:07)
  • 3.4. Peeking in the storage (4:12)
  • 3.5. Conclusions (0:52)
  • 3.6. Q&A

 

4. Overflow

  • 4.1. Overflow Introduction (3:50)
  • 4.2. SimpleToken (Victim) (2:07)
  • 4.3. Exploit (5:35)
  • 4.4. Overflow Soltuions (5:07)
  • 4.5. Conclusions (1:33)
  • 4.6. Q&A

5. Contracts Interactions

  • 5.1. Contracts Interactions Introduction (1:46)
  • 5.2. Call(), send(), transfer() (2:33)
  • 5.3. SavingsAccount & Investor contracts (2:11)
  • 5.4. Interactions Tests (6:40)
  • 5.5. Q&A

6. Reentrancy

  • 6.1. Introdiction (2:06)
  • 6.2. SavingAccounts V2 & InvestorV2 (2:18)
  • 6.3. Reentrancy Attack (5:39)
  • 6.4. Reentrancy Solutions (4:40)
  • 6.5. Q&A

7. Tx.origin

  • 7.1. Introduction (2:20)
  • 7.2. SmallWallet & Attacker (2:19)
  • 7.3. Exploit (3:31)
  • 7.4. Solution (1:28)
  • 7.5. Q&A

8. Denial Of Service

  • 8.1. Introduction (1:38)
  • 8.2. Auction Contract (2:38)
  • 8.3. Attack (5:34)
  • 8.4. Solution – Auction V2 (6:06)
  • 8.5. Q&A

9. Upgradeability

  • 9.1. Introduction (1:58)
  • 9.2. How Delegatecall Works (3:49)
  • 9.3. Storage Collisions (7:58)
  • 9.4. Custom Solution And Related Vulnerabilities (4:53)
  • 9.5. Q&A

10. Weak Randomness

  • 10.1. Introduction (1:44)
  • 10.2. Lottery Contract (2:53)
  • 10.3. The Path Of A Transaction (2:17)
  • 10.4. Miner Attack (5:16)
  • 10.5. Replicated Logic Attack (3:11)
  • 10.6. Chainlink VRF (5:50)
  • 10.7. Q&A

11. Replay Attacks

  • 11.1. Introduction (1:48)
  • 11.2. Signing a message off-chain with a wallet (1:33)
  • 11.3. MultiSigWallet Contract (2:12)
  • 11.4. Replay Attack on MultiSig (3:06)
  • 11.5. Replay Attack Fix (2:52)
  • 11.6. Q&A

12. Real Life Hacks

  • 12.1. Introduction (0:50)
  • 12.2. The DAO (5:22)
  • 12.3. The King Of Ether (2:41)
  • 12.4. Parity Multi Sig Wallet (5:49)

13. Conclusion

  • 13.1. Conclusion (1:27)

Proof Content

 

Sale Page: https://eattheblocks-pro.teachable.com/p/smart-contract-security-101
Archive: https://archive.ph/wip/1JuXE

Shipping method

– After making a purchase, you will see a View your order link to the Downloads page. Here you can download all the files related to your order.
– In case the link is broken for any reason, please contact us and we will resend a new download link.
– If you can’t find the download link, please don’t worry about it. This course is usually available and shipped within one day
– The course you purchased will have lifetime access
– Our support staff is the best by far! Please contact us at email: [email protected] and we will be happy to help!

Related products