Category: Best Practice

Consensys Diligence provides actionable tips on building secure and robust smart contracts in web3.

Use this helpful checklist to prepare your smart contacts for an audit

Step-by-step tutorial to get started using Fuzzing for your smart contract security

These four features make Scribble a more expressive specification language to help make testing your smart contract simpler.

Learn how provers can exploit under-constrained Cairo programs! Introduction Cairo is a programming language for building zero-knowledge programs. These programs allow you to prove the result of a computation without asking other people to re-run the computation. Proofs of correct computation are awesome! Let’s assume you have a Cairo program to compute all prime numbers up to 1,000. When you run Cairo, you’ll get both the prime numbers and proof that those prime numbers are the result of running the program.

A checklist for developers and security engineers to make use of when working with contracts that interact with many different tokens, especially if they want to support user-inputted tokens.

The DeFi space has had a tumultuous couple months, with a number of attacks as well as unexploited vulnerabilities being reported. Bugs are unavoidable, but there are many things that can be done to reduce their frequency, and mitigate their negative effects. As auditors, we want to help, but in order to really get developers to truly prioritize security, users need to start asking tough questions, and putting their money into the protocols that can answer them thoughtfully.

Special cases lead to code complexity, which leads to bugs. In this post, I’ll share some examples of eliminating special cases to reduce code complexity and improve maintainability.

A guide to the simple steps you can take beforehand, to get the best result out of the audit process

Using the factory pattern can simplify your code and reduce the impact of certain kinds of security vulnerabilities.