Audit-365 is a challenge for me where I will be posting educational content related to Smart contract auditing and web3 security throughout the 365 days of the year starting from 1st January, 2023 to 31st December, 2023. It will be full of actual content without any fillers.
So, Basically ‘Audit-365’ challenge is divided into 2 parts,
I will be sharing daily tweets, twitter threads or post related to Smart contract auditing and web3 security. I will explain audit reports in easy to understand way. Also some tips and tricks on how to approach auditing and finding cool bugs.
Daily posts which will include:
- Smart contract audit findings from different Auditing Firms like:
- And many more.
- Tips/ Tricks on how to find these bugs.
Every week I will post eductional content related to web3 security and smart contract auditing. Also, I will share some amazing videos, articles and tweets that you might have missed out!
Why Subscribe?
There are tons of resources out there, most of them are just junk information. I will filter them all and share only good quality resources without any fillers. Weekly newsletter that will include:
- Weekly Compiled list of explained audit findings. (from Daily Swig)
- Resources related to web3 security like videos, articles, etc.
- Interesting Tweets/ posts.
- Some hacking tips, tools, research papers or career advice.
-
Audit-365 Daily Swig:
- 🔗LinkedIn: https://www.linkedin.com/in/sm4rty/
- 🐤Twitter: https://twitter.com/Sm4rty_
-
Audit-365 Weekly Roundup
Ⓜ️ Medium: https://medium.com/@sm4rty- 📚Substack: https://sm4rty.substack.com/
Day | Findings | Severity | Category | Thread Links |
---|---|---|---|---|
01 | User's Orders can be canceled by anyone and their ETH can be stolen | High | Audit Findings | Link |
02 | Double transfer in the transferAndCall function. |
High | Audit Findings | Link |
03 | Unchecked Return Value from "ecrecover" | Critical | BugFix Reports | Link |
04 | EIP-712 signatures can be re-used | Medium | Audit Findings | Link |
05 | Use safeCast for changing types | Medium | Audit Findings | Link |
06 | BLOCK_PERIOD IS INCORRECT | Medium | Audit Findings | Link |
07 | Insufficient validation of Chainlink Oracle data feed | Medium | Audit Findings | Link |
08 | 88mph Function Initialization Bug (Reward $42,069) | Critical | BugFix Report | Link |
09 | 700+ Smart contract Bugs, $1 Million Bug Payout, Trust’s Interview, and more | - | Weekly Newsletter | Link |
10 | Sandwich attack due to hardcoded slippage | High | Audit Findings | Link |
11 | Initialize function can be invoked multiple times. | Medium | Audit Findings | Link |