awesome-evm-security

EVM security framework

An overview of the Ethereum Virtual Machine security ecosystem

🕶 A high-level overview of the EVM security ecosystem

last commit: over 2 years ago

awesome, awesome-list, blockchain, ethereum, evm, security, web3

Awesome EVM Security / Guides

CryptoSec.info Information to help beginners learn how to protect their funds against hackers and scammers
Simplified Roadmap for Blockchain Security Covers all rudimentary topics that one needs to know in order to get into the field of Blockchain Security
How to become a smart contract auditor Frequently asked questions that are related to auditing and how auditors can get their first job

Awesome EVM Security / Governance

A beginner's guide to DAOs Gives a high level overview of what DAOs are, why they are interesting and some of their use cases
Deep DAO Lists, ranks and analyzes top DAOs across multiple metrics
SAFT Agreements A commercial instrument used to convey rights in tokens prior to the development of the tokens' functionality
Voting Options in DAOs Voting Options in DAOs
The Wyoming DAO bill A thread about Wyoming DAOs
It Takes a Cryptonetwork Prime's Strategy for DAO to DAO Relations
DAOs, Democracy and Governance A paper by Ralph Merkle about DAOs

Awesome EVM Security / Architecture

Shelling Out: The Origins of Money Illustrates the value of collectibles in reducing social transaction costs
Foundations of Cryptoeconomic Systems This paper explores why the term "cryptoeconomics" is context dependent and proposes complementary micro, meso and macro definitions of the term
Towards a Practice of Token Engineering How do we design tokenized ecosystems, their incentives and how do we analyze or verify them?
A Crash Course in Mechanism Design for Cryptoeconomic Applications Introduces the basic concepts of mechanism design, and gives a taste for their usefulness in the cryptocurrency world
WTF Is QF A simple explanation of quadratic funding
Bonding Curves Explained What bonding curves are and their potential applications

Awesome EVM Security / Standards

DeFi Safety Best practices security score reviews
DASP Top 10 of 2018 Decentralized Application Security Project Top 10 vulnerabilities
IVSCS Immunefi Vulnerability Severity Classification System
Smart Contract Security Verification Standard A free 14-part checklist created to standardize the security of smart contracts for developers, architects, security reviewers and vendors
Secureth guidelines Aid you in formulating your own software engineering process by giving a complete picture of all the different concerns and expectations in your software projects
CryptoCurrency Security Standard (CCSS) A set of requirements for all information systems that make use of cryptocurrencies, including exchanges, web applications, and cryptocurrency storage solutions
The Solcurity Standard Opinionated security and code quality standard for Solidity smart contracts

Awesome EVM Security / System Assets

Security Considerations in the Solidity documentation Lists some pitfalls and general security recommendations
Ethereum 2.0 Specifications Security Audit Report Security Audit Report of the Eth2.0 spec by Least Authority
Getting Deep Into EVM An Ultimate, In-depth Explanation of How EVM Works
Ethereum EVM illustrated Exploring some mental models and implementations
Ethereum Blockspace: Who Gets What and Why Ethereum blockspace market structure
What Is Uniswap and How Does It Work? What Uniswap is, how it works, and how you can swap tokens on it simply with an Ethereum wallet
Scaling EVM (Ethereum Virtual Machine) How fast and far can the EVM based blockchain architecture still take us
L2Beat Transparent and verifiable insights into emerging layer two (L2) technologies
The Non-Fungible Token Bible Everything you need to know about NFTs
KEVM A formal model of the EVM in the K framework

Awesome EVM Security / Threats

Blockchain Graveyard A list of all massive security breaches or thefts involving blockchains
List of Bitcoin Heists Research on prior Bitcoin-related thefts
Blockchain Threat Intelligence The latest in blockchain, DeFi and cryptocurrency threat intelligence, vulnerabilities, security tools, and events
Rekt News Investigative journalism, creative commentary, and incident analysis
DeFiYield's REKT db Database of Crypto Hacks, Exploit, Scam
CryptoScamDB Keeping track of cryptocurrency scams in an open-source database
Mudit Gupta's Twitter threads Early analysis and educational content on Twitter
Flash Boys 2.0 Paper Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability
MEV-explore Help the community understand and quantify the significance of "Dark Forest activities" and their impact on the Ethereum network
Flashloan monitor Dashboard that helps you monitor flashloan transactions
Known Attacks A list of known attacks which you should be aware of, from Consensys
Solidity Security Comprehensive list of known attack vectors and common anti-patterns

Awesome EVM Security / Vulnerabilities

SWC Registry Smart Contract Weakness Classification and Test Cases
246 Findings 246 Findings From Trail of Bits Smart Contract Audits
A Survey of Security Vulnerabilities in Ethereum Smart Contracts Explains eight vulnerabilities that are specific to the application level of blockchain technology by analyzing the past exploitation case scenarios of these security vulnerabilities
List of Security Vulnerabilities A comprehensive list of common smart contract security vulnerabilities, compiled from various sources
List of Known Bugs A JSON-formatted list of some of the known security-relevant bugs in the Solidity compiler

Awesome EVM Security / Controls

Simple Security Toolkit Opinionated recommendations that the team at Nascent find to be appropriate, particularly for teams developing and managing early versions of a protocol
Gnosis Safe Multi-sig. Require multiple team members to confirm every transaction in order to execute it, which helps prevent unauthorized access to company crypto
List of DeFi auditors List of DeFi auditors maintained by DeFiSafety
State of DeFi Audits Article taking a look at the auditing space and its importance in onboarding users by properly securing new DeFi protocols
Building Secure Contracts Trail of Bits' guidelines and best practices on how to write secure smart contracts
Solidity Patterns A compilation of patterns and best practices for the smart contract programming language Solidity
Security Pattern for Ethereum and Solidity Google Sheets Checklists
Solidity Best Practices for Smart Contract Security Pro tips from Consensys to ensure your Ethereum smart contracts are fortified
CERtified Top 100 exchanges by Cybersecurity rating
Smart Contract Security Registry An effort to identify deployed contracts instances given their chain and address, by listing the project they belong to
Forta Community-based runtime security network for smart contracts

Awesome EVM Security / Ecosystem

People to follow on Twitter Twitter list giving an overview of the web3 ecosystem and security people
Videos to watch on YouTube YouTube playlist of web3 security videos

Awesome EVM Security / Footnotes / See Also

Awesome BlockSec CTF Blockchain security Capture the Flag (CTF) competitions
Awesome Buggy ERC20 Tokens Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
Awesome Cryptoeconomics Cryptoeconomic research and learning materials
Awesome Zero-Knowledge Proofs (ZKP) A curated list of awesome things related to learning Zero-Knowledge Proofs (ZKP)
Officer CIA's Ultimate DeFi Research Base Curated DeFi & Blockchain research papers and tools
Awesome MEV resources
