#blocksectips search results

Wow, I don't know when it happened but I already have over 500 followers! Many thanks for your trust and commitment in spreading some #blocksectips Thanks to you, we can operate on a larger scale and together secure #DeFi! I promise to have something special for you this year 😈

I hope this series of 100 #BlockSecTips prevented at least 1 mistake that could have ended badly. It was definitely worth taking up this #challenge 🙌 Thanks for everyone who #follows my actions!

#BlockSecTips 💯) Follow amazing #people who contribute a lot to the #blockchain #security space @Mudit__Gupta @bantg @MitchellAmador @tinchoabbate @drdr_zz @adrianhetman @samczsun @officer_cia @smpalladino @LewellenMichael @0xRajeev @_iphelix @bneiluj @gakonst @emilianobonassi

#BlockSecTips 99) Verify that there is no mistake in the indicated addresses. Point to the newest implementation when upgrading your contracts. #simple #tip #solidity #tests #often #mistakes

#BlockSecTips 98) Verify that the smart contract attributes that can be updated by the external contracts (even trusted) are monitored (e.g. using events) and the procedure of incident response is implemented (e.g. the response to an ongoing attack). #incidentresponse #security

#BlockSecTips 97) Verify that external contracts comply with the principle of minimum rights and that their access to special functions is enforced by the appropriate modifiers. #smartcontracts #integrations #solidity #DeFi #design

#BlockSecTips 96) Verify that if the external contract is upgradable it is done in a trusted manner. #integration #solidity #compotents #tm #itm #architect

#BlockSecTips 95) Verify that the address of the integrated contract is up-to-date and consistent with the project documentation. #integration #external #threatmodeling #trust #building #future

#BlockSecTips 94) Verify that the external contract you want to use has been: - audited, - verified on a blockchain explorer, - has passed SCSVS. #upgrade #DeFi #CryptoNews #CryptoBOT #security #SOLIDITY

#BlockSecTips 93) Verify that timelocks are used for important operations so that the users have time to observe upcoming changes (PLEASE NOTE that removing the potential vulnerability in this case may be more difficult). #upgrade #DeFi #CryptoNews #CryptoBOT #security #SOLIDITY

#BlockSecTips 92) Verify that the upgrade process is executed by a multisig contract where more than one person must approve the operation. #DAOs #upgrade #Crypto #cryptotwitter

#BlockSecTips 91) Verify if the update process is done in one transaction so that no one can front-run it. #blocksec #UPDATE #solidity

#BlockSecTips 90) Verify if the new values returned by the functions are the same as in the previous version of the contract (e.g. owner ), balanceOf(address)) #SECURE #UPGRADE #smartcontracts #blockchain #DeFi

#BlockSecTips 89) When preparing new version of the contract, verify that there are no changes in the order in which the contract state variables are declared, nor their types. #security #new #daily #SOLIDITY #coding #development

#BlockSecTips 88) Make an upgrade attempt at the fork of the main network and check that everything works as expected on the local copy. You can use @HardhatHQ for that: buff.ly/3v3PVq4 #upgrade #Tests #mainnet #Ethereum #blockchainproject #CryptoNews #crypto

#BlockSecTips 87) Make sure you have appropriately reduced the number of reserved (as gaps) slots if new variables have been added to the contract. #secure #upgrade #smartcontract

#BlockSecTips 86) Make sure you have reserved gap on slots to prevent overwriting in your upgradeable contracts. #solidity #upgrade #smartcontracts #programming #secure #DeFi

#BlockSecTips 85) Verify that initialize() can only be called only once. #solidity #upgrade #smartcontracts #programming #secure #DeFi

#BlockSecTips 84) Formally verify the specification of smart contracts. Make sure that the result of formal verification is included in the documentation. SCSVS V12: Test coverage buff.ly/3a1Rv1G

#BlockSecTips 83) Implementation of #verified contract should be checked for #security vulnerabilities using both static and dynamic #analysis. SCSVS V12: Test coverage buff.ly/3a1Rv1G

#BlockSecTips 85) Verify that initialize() can only be called only once. #solidity #upgrade #smartcontracts #programming #secure #DeFi

#BlockSecTips 91) Verify if the update process is done in one transaction so that no one can front-run it. #blocksec #UPDATE #solidity

#BlockSecTips 96) Verify that if the external contract is upgradable it is done in a trusted manner. #integration #solidity #compotents #tm #itm #architect

#BlockSecTips 86) Make sure you have reserved gap on slots to prevent overwriting in your upgradeable contracts. #solidity #upgrade #smartcontracts #programming #secure #DeFi

#BlockSecTips 95) Verify that the address of the integrated contract is up-to-date and consistent with the project documentation. #integration #external #threatmodeling #trust #building #future

#BlockSecTips 99) Verify that there is no mistake in the indicated addresses. Point to the newest implementation when upgrading your contracts. #simple #tip #solidity #tests #often #mistakes

#BlockSecTips 94) Verify that the external contract you want to use has been: - audited, - verified on a blockchain explorer, - has passed SCSVS. #upgrade #DeFi #CryptoNews #CryptoBOT #security #SOLIDITY

#BlockSecTips 88) Make an upgrade attempt at the fork of the main network and check that everything works as expected on the local copy. You can use @HardhatHQ for that: buff.ly/3v3PVq4 #upgrade #Tests #mainnet #Ethereum #blockchainproject #CryptoNews #crypto

#BlockSecTips 92) Verify that the upgrade process is executed by a multisig contract where more than one person must approve the operation. #DAOs #upgrade #Crypto #cryptotwitter

#BlockSecTips 89) When preparing new version of the contract, verify that there are no changes in the order in which the contract state variables are declared, nor their types. #security #new #daily #SOLIDITY #coding #development

#BlockSecTips 87) Make sure you have appropriately reduced the number of reserved (as gaps) slots if new variables have been added to the contract. #secure #upgrade #smartcontract

#BlockSecTips 97) Verify that external contracts comply with the principle of minimum rights and that their access to special functions is enforced by the appropriate modifiers. #smartcontracts #integrations #solidity #DeFi #design

#BlockSecTips 93) Verify that timelocks are used for important operations so that the users have time to observe upcoming changes (PLEASE NOTE that removing the potential vulnerability in this case may be more difficult). #upgrade #DeFi #CryptoNews #CryptoBOT #security #SOLIDITY

#BlockSecTips 98) Verify that the smart contract attributes that can be updated by the external contracts (even trusted) are monitored (e.g. using events) and the procedure of incident response is implemented (e.g. the response to an ongoing attack). #incidentresponse #security

#BlockSecTips 83) Implementation of #verified contract should be checked for #security vulnerabilities using both static and dynamic #analysis. SCSVS V12: Test coverage buff.ly/3a1Rv1G

#BlockSecTips 84) Formally verify the specification of smart contracts. Make sure that the result of formal verification is included in the documentation. SCSVS V12: Test coverage buff.ly/3a1Rv1G

#BlockSecTips 81) If your system uses a ready-made implementation of the contract, make sure it is marked in the comment. If it contains changes from the original version - indicate them precisely. SCSVS V11: Code clarity buff.ly/2ZOYMAl

#BlockSecTips 90) Verify if the new values returned by the functions are the same as in the previous version of the contract (e.g. owner ), balanceOf(address)) #SECURE #UPGRADE #smartcontracts #blockchain #DeFi

#BlockSecTips 80) Make sure to add a description in the form of 1-2 short sentences of what the contract is for at the beginning of the contract. SCSVS V11: Code clarity buff.ly/2ZOYMAl

#BlockSecTips 82) Make sure that considered as sensitive functions of verified contract are covered with tests in the development phase. SCSVS V12: Test coverage buff.ly/3a1Rv1G