HomeLoveStartLearnPlayConverseResourcesBlog
    HomeResourcesSecurity Best Practices

    Table of contents

    • Security Best Practices
    Security Best Practices

    Kernel is about being careful, in all the many senses of that word. When it comes to code we write, that means safety first, then teamwork. Below, you will find the best security resources we know of to help you ensure that your contracts follow best practices and abide by the latest industry standards.

    Trail of Bits Toolbox

    One of the most well-established and respected audit firm's very own toolbox for ensuring high security standards.

    H/T Matt Solomon. Check out his article for more.

    Secureum Checklist

    A clear and concise checklist any serious developer or audit needs for their work. Written by our own Rajeev Gopalakrishna.

    Detecting Not So Smart Contracts

    Two useful repos for understanding the vulnerable patterns used by not-so-smart contracts, and for detecting various potential vulnerabilities.

    MythX

    Another useful Consensys tool that's easy to integrate with frameworks like Truffle especially.

    Mutation Testing

    An introduction to mutation testing from Security Track mentor Joran Honig. You can find a more detailed explanation of this technique here.

    Smashing Smart Contracts for Fun and Profit

    The original paper by Bernhard on profiting from fun and the security analysis tool Mythril.

    VS Code Solidity Auditor

    A convenient and useful VS Code plugin to audit your smart contracts as you work.

    samczsun

    The best blog to see how not to write smart contracts and learn about all the different ways your code could fall over in production.

    BlockThreat

    The latest in blockchain and cryptocurrency threat intelligence, vulnerabilities, security tools, and events.

    SecBit Token Libs

    A useful set of token libraries, with proofs!

    H/T val

    Rekt

    The dark web of DeFi journalism.

    You can find a more complete, less organised list of other available resources here.

    Previous
    Smart Contract Tools and Practices
    Next
    Zero Knowledge Tools & Resources

    Table of contents