Implement pre-audit checklist for the current scope
Opened this issue · 0 comments
azat-hafizov commented
Guide to ensure Tapio contracts meet standards and best practices before we go into the next audit
- Using industry-known libraries where possible (at least OZ)
- Avoid using inline assembly where possible
- Latest major Solidity version
- Document functions (at least external/public)
- #25
- Tapio security assumptions declared to auditors
- Intentionally negative tests to expect breaking if required
- Checks/effects/interactions pattern
- Basic fuzz testing (Foundry) and static analysis (Slither)