EVM Security

Information to help beginners learn how to protect their funds against hackers and scammers.

Covers all rudimentary topics that one needs to know in order to get into the field of Blockchain Security.

Frequently asked questions that are related to auditing and auditors can get their first job.

Gives a high level overview of what DAOs are, why they are interesting and some of their use cases.

Lists, ranks and analyzes top DAOs across multiple metrics.

A commercial instrument used to convey rights in tokens prior to the development of the tokens' functionality.

Voting Options in DAOs.

A thread about Wyoming DAOs

Prime's Strategy for DAO to DAO Relations.

A paper by Ralph Merkle about DAOs.

Illustrates the value of collectibles in reducing social transaction costs.

This paper explores why the term "cryptoeconomics" is context dependent and proposes complementary micro, meso and macro definitions of the term.

How do we design tokenized ecosystems, their incentives and how do we analyze or verify them?

Introduces the basic concepts of mechanism design, and gives a taste for their usefulness in the cryptocurrency world.

A simple explanation of quadratic funding.

What bonding curves are and their potential applications.

Best practices security score reviews.

Decentralized Application Security Project Top 10 vulnerabilities.

Immunefi Vulnerability Severity Classification System.

A free 14-part checklist created to standardize the security of smart contracts for developers, architects, security reviewers and vendors.

Aid you in formulating your own software engineering process by giving a complete picture of all the different concerns and expectations in your software projects.

A set of requirements for all information systems that make use of cryptocurrencies, including exchanges, web applications, and cryptocurrency storage solutions.

Opinionated security and code quality standard for Solidity smart contracts.

Lists some pitfalls and general security recommendations.

Security Audit Report of the Eth2.0 spec by Least Authority.

An Ultimate, In-depth Explanation of How EVM Works.

Exploring some mental models and implementations.

Ethereum blockspace market structure.

What Uniswap is, how it works, and how you can swap tokens on it simply with an Ethereum wallet.

How fast and far can the EVM based blockchain architecture still take us.

Transparent and verifiable insights into emerging layer two (L2) technologies.

Everything you need to know about NFTs.

A formal model of the EVM in the K framework.

A list of all massive security breaches or thefts involving blockchains.

Research on prior Bitcoin-related thefts.

The latest in blockchain, DeFi and cryptocurrency threat intelligence, vulnerabilities, security tools, and events.

Investigative journalism, creative commentary, and incident analysis.

Database of Crypto Hacks, Exploit, Scam.

Keeping track of cryptocurrency scams in an open-source database.

Early analysis and educational content on Twitter.

Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability.

Help the community understand and quantify the significance of "Dark Forest activities" and their impact on the Ethereum network.

Dashboard that helps you monitor flashloan transactions.

A list of known attacks which you should be aware of, from Consensys.

Comprehensive list of known attack vectors and common anti-patterns.

Smart Contract Weakness Classification and Test Cases.

246 Findings From Trail of Bits Smart Contract Audits.

Explains eight vulnerabilities that are specific to the application level of blockchain technology by analyzing the past exploitation case scenarios of these security vulnerabilities.

A comprehensive list of common smart contract security vulnerabilities, compiled from various sources.

A JSON-formatted list of some of the known security-relevant bugs in the Solidity compiler.

Opinionated recommendations that the team at Nascent find to be appropriate, particularly for teams developing and managing early versions of a protocol.

Multi-sig. Require multiple team members to confirm every transaction in order to execute it, which helps prevent unauthorized access to company crypto.

List of DeFi auditors maintained by DeFiSafety.

Article taking a look at the auditing space and its importance in onboarding users by properly securing new DeFi protocols.

Trail of Bits' guidelines and best practices on how to write secure smart contracts.

A compilation of patterns and best practices for the smart contract programming language Solidity.

Google Sheets Checklists.

Pro tips from Consensys to ensure your Ethereum smart contracts are fortified.

Top 100 exchanges by Cybersecurity rating.

An effort to identify deployed contracts instances given their chain and address, by listing the project they belong to.

Community-based runtime security network for smart contracts.

Twitter list to an overview of the web3 ecosystem and security people.

YouTube playlist of web3 security videos.

Blockchain security Capture the Flag (CTF) competitions.

Vulnerabilities in ERC20 Smart Contracts With Tokens Affected.

Cryptoeconomic research and learning materials.

A curated list of awesome things related to learning Zero-Knowledge Proofs (ZKP).

Curated DeFI & Blockchain research papers and tools.