Skip to content

Navigation Menu

Explore
By size
By industry
By use case
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

crytic / building-secure-contracts Public

Notifications You must be signed in to change notification settings
Fork 343
Star 2.2k

Code
Issues 39
Pull requests 28
Discussions
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to prepare for a security review checklist #113

Open

montyly opened this issue May 18, 2022 · 1 comment

Open

How to prepare for a security review checklist #113

montyly opened this issue May 18, 2022 · 1 comment

Labels

Extra attention is needed

Comments

Copy link

Member

montyly commented May 18, 2022

We can convert our blogpost to a checklist: https://blog.trailofbits.com/2018/04/06/how-to-prepare-for-a-security-audit/

And we can add a couple of blockchain-specific points

The text was updated successfully, but these errors were encountered:

davidvarela-us reacted with thumbs up emoji

All reactions

👍 1 reaction

montyly added the help wanted Extra attention is needed label

Copy link

Contributor

damilolaedwards commented Dec 15, 2022 •

edited

Loading

Enable and address all compiler/linter warnings
Increase unit and feature tests coverage
Remove dead code, unused variables, functions, libraries and other extraneous weights
Provide external documentation and past security reviews / bug findings (if any)
Use inline comments (preferably natspec for solidity)
Label and describe your tests
Document compilation and deployment process
For solidity code, ensure slither runs successfully (document any required intermediate setup process if any)
Ensure that the commit hash / branch/ release for the audit has been provided before the review commencement date
Ensure all engineers assigned to the audit review have been invited to all relevant repositories before commencement date

All reactions

Sorry, something went wrong.

broccolirob mentioned this issue

Preparing for a security review checklist #329

Merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Assignees

No one assigned

Labels

Extra attention is needed

Projects

None yet

Milestone

No milestone

Development

No branches or pull requests

2 participants

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.