/auditing-demystified

A compendium of smart contract auditing resources for beginners

How to get started as a smart contract auditor

Becoming a smart contract auditor can be daunting if you don't know where to start. The truth is you don't have to come from a super technical background to become a smart contract auditor. The eye for detecting where things can go wrong is a strongsuit most auditors have to foresee vulnerabilities that can graduate to detrimental attacks. Here is a concise repo of auditing resources from Youtube videos, articles, docs, and excerpts to get you started on your bug hunting journey. Please share. Let's make Web3 a safer place.



Secure Smart Contract Development

Ethereum TL:DR

Youtube Videos

Testing Frameworks

Articles

Diagram of the back-end innerworkings of wallet software and node tech

IDEs

Token standards

ETH Ecosystem Best Practices


Contest and Compete

CTFs

Bug bounties (Earn 🤑 to hack)

Bug bounties (Community-driven)

Public Reports

Tips: Read past reports to train muscle memory to find common vulnerabilities that occur on smart contracts

Auditing firms

Smart Contract Auditing Firms + Solos
bytes032 - Solo Audits QuillAudits Solidified Audits
Paladin Security Audits Peckshield Audits Chainsulting Audits
Solid Proof Audits Halborn Security Public Audits Solid Proof Audits
Omniscia Audits Guardian Audits Techrate Audits
Pashov - Solo Audits Mixbytes Audits Cyfrin Audits