building-secure-contracts
bolts
building-secure-contracts | bolts | |
---|---|---|
10 | 81 | |
2,076 | 2,025 | |
0.6% | 0.8% | |
8.4 | 7.1 | |
9 days ago | 4 days ago | |
Solidity | Markdown | |
GNU Affero General Public License v3.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
building-secure-contracts
-
Smart Contract Security Field Guide
I appreciate how organized the Consensys guide is laid out. It's pretty easy to read. Trail of Bits has a similar guide that is a little more in-the-weeds technically. It also covers, what we think is, essential background about certain automated analysis techniques like static analysis and how fuzzers work. Check it out!
https://secure-contracts.com/
- Trail of Bits Building Secure Contracts: Now with support for Cosmos
- Trail of Bits Building Secure Contracts: Now with support for Substrate
- New release of Building-secure-contracts: it introduces not so smart contracts for Algorand/Cairo/Cosmos/Substrate - a set of common vulnerabilities for these chains. The release contains also new training materials for Echidna and new guidelines
- Trail of Bits added Algorand to their "Building Secure Contracts" developer guide
-
Launching your Ethereum dApp on Avalanche
We highly recommend using at least one of them if professional contract security review is not possible. A more comprehensive look into secure development practices can be found here.
-
Smart Contract Exploitation Repository
If you need more reading about building secure smart contracts and auditing workflows, see here: https://github.com/crytic/building-secure-contracts
- Any recommendations for smart contract auditing ?
bolts
-
Smart Contract Security Field Guide
True although I'm not talking about Ethereum smart contracts, I'm talking about Bitcoin ones which are very limited and not Turing complete. The lightning smart contract is like 20 lines and has been live since 2018, I feel the probability of the contract getting hacked is very low(famous last words!) https://github.com/lightning/bolts/blob/master/03-transactio...
- Is there any Bitcoin layer (eg. Bitcoin = L1, Lightning = L2, etc.) on which the satoshi (SAT) is divisible?
-
Does Lightning Network have its own hard forks?
LN is a protocol for sending signed txns around, keeping track of balances locally, and broadcasting channel open/close/justice txns. All the rules are outlined in the foundational BOLTs https://github.com/lightning/bolts/blob/master/00-introduction.md
-
What's LNURL and BOLT12?
BOLT12 offers an attempt to achieve some of the core functionality that LNURL provides without requiring the use of a web server. An offer encodes the data necessary to reach a node to request an invoice to make a payment, either a node_id, or a blinded path (the last few hops in an onion route, pre-computed and encrypted) to that node using onion messages. It also can encode a minimum amount for a payment, the currency being paid in, an expiry time and minimum/maximum quantity numbers (for purchasing multiple items).
-
Safe Lightning Transactions Without The Need for Watch Towers or Continuous Network Connectivity
In practice, I do not know if this is possible. I am quite unfamiliar with Bitcoin OpCode scripting and if the revocation tree of the channel state (which is just an unpublished Bitcoin contract) is expressive enough to allow inputting an arbitrary address to recieve the attacker's funds. I am attempting to use this documentation as a clue to whether or not, and how this might be possible: https://github.com/lightning/bolts/blob/master/03-transactions.md.
-
Chainalysis: The $8.6B Startup That Helps Governments Trace Crypto
No they can't, that's the whole point of onion routing. The next hop doesn't know if the packet started with you or if you're just another node in the payment path.
Reference: https://github.com/lightning/bolts/blob/master/04-onion-rout...
-
Negative fees
There is a discussion to add to the lightning BOLT specification for 'inbound fees' which essentially enables a 'rebate' for using a particular channel to route through your node.
- Lightening Network Links and Resources
-
An important message to this community: We can do better!
Basis Of Lightning Technology BOLT specificiations
-
Is sending BTC over the lightning network private and anonymous?
tbh i have a text file with definitions of many of these because I constantly confuse them, most of which were pulled from using search at https://github.com/lightning/bolts and similar
What are some alternatives?
eth-security-toolbox - A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.
BOSL2 - The Belfry OpenScad Library, v2.0. An OpenSCAD library of shapes, masks, and manipulators to make working with OpenSCAD easier. BETA
slither - Static Analyzer for Solidity and Vyper
wiki.plebnet.org
pooltogether-community-ui - UI to use when creating your own custom pools, prize strategies or as reference code for integrating your own pools.
loop - Lightning Loop: A Non-Custodial Off/On Chain Bridge
coreth - Code and wrapper to extract Ethereum blockchain functionalities without network/consensus, for building custom blockchain services.
bitcoinbook - Mastering Bitcoin 3rd Edition - Programming the Open Blockchain
avalanche-faucet - Avalanche Faucet for Fuji Network and Subnets.
bitcoin-on-twitch - Bitcoin on Twitch: Accept Bitcoin donations on Twitch, and integrate them into your alerts!
avalanchego - Go implementation of an Avalanche node.
lndmanage - Channel management tool for lightning network daemon (LND) operators.