Search for a command to run...
In recent times a number of web3 security companies have begun offering paid “AI Smart Contract Auditor” services. These services commonly require clients to upload code to a website and after paying a fee, receive an AI-generated audit report. A muc...
Learn to write gas-efficient Solidity code using a real-world example!
Liquidation code can contain subtle bugs and vulnerabilities..
At DeFi Security Summit 2024 I presented a workshop on how smart contract developers can use invariant fuzz testing to find high severity issues prior to external audit, based on my real-world experience doing private audits with Cyfrin. Since fuzz t...
Many high severity findings found during private audits by external auditors could have been found by the protocol developers themselves using invariant fuzz testing prior to engaging external auditors. While this doesn’t require developing an “attac...
Fuzz smart contracts using the same code with Echidna, Medusa & Foundry!
Under-constrained Zero-Knowledge Circuits are ripe for exploitation..
Using assembly to save gas can introduce memory corruption and other subtle vulnerabilities..
How to get a 42% gas saving when calling keccak256