Introduction to Auditing and Security

CTA: We encourage posts pointing to auditing practices, security findings (e.g., bugs, vulnerabilities, audit reports, post-mortems, etc), formal proofs, reusable models, etc. If you are a researcher in the need of inspiration, view our key problems post.

What is smart contract auditing and security?

Smart contract auditing is an independent review of a project’s code and supporting documentation to identify security issues. Auditing is part of security. Security is the process of guarding a blockchain’s different layers/components, as well as those interfacing with it, against malicious actors attempting to cause harm.

What are some practical applications today?

Practical applications of smart contract auditing include assessing token security as a prerequisite for listing in different exchanges, assessing underlying economic incentives in DeFi projects, providing a shared medium for stakeholders to evaluate the potential risks on a platform, etc. Security, in turn, has a broad range of applications, including safeguarding wallets and accounts, different parts of a layer-1 stack (e.g., preventing DoSing a P2P layer, consensus layer, etc), among others.

4 posts were split to a new topic: Wondering if there is a “getting started” for auditing?

Thank you for the perspective on auditing and security. Technology evolutionary trend requires in-depth review and continuous improvement. This can only be made possible if a process of audit is done to identify gaps in the implementation and recommended security improvement.

Hi @Jmax. Welcome to SCRF. I could not agree more with you :)
We have some in-depths discussions about auditing that I think would be of your interest, including:

• Mini-post: The Art of Auditing - #19 by Dorrii
• What is an audit? - #2 by Cindy
• What Constitutes a Good Test Suite? - #13 by lnrdpss
• etc

Also, feel free to contribute with research summaries and follow-up discussions, the latest one being Research Summary: Smart Contract Security: A Practitioner’s Perspective (2021)

Once again, welcome to SCRF.

Hi @lnrdpss. Sorry am responding late. Yes, I am very interested in the topics and hope to be more engaging now that I have fully settled.

Thanks once again.