Source from repo
Solidity Security

Audit Solidity smart contracts for reentrancy, integer overflow, access control, and oracle manipulation.
wshobsonGitHub wshobsonSource repo Original GitHub link Publisher page
Files
Skill
n/a
Size
12.6 KB
Entrypoint
SKILL.md
Format
git-repo
Open file
SKILL.md

Syntax-highlighted preview of this file as included in the skill package.
Rendered Source
markdown497 linesEntrypointFree
SKILL.md
1---
2name: solidity-security
3description: Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.
4---
5 
6# Solidity Security
7 
8Master smart contract security best practices, vulnerability prevention, and secure Solidity development patterns.
9 
10## When to Use This Skill
11 
12- Writing secure smart contracts
13- Auditing existing contracts for vulnerabilities
14- Implementing secure DeFi protocols
15- Preventing reentrancy, overflow, and access control issues
16- Optimizing gas usage while maintaining security
17- Preparing contracts for professional audits
18- Understanding common attack vectors
19 
20## Critical Vulnerabilities
21 
22### 1. Reentrancy
23 
24Attacker calls back into your contract before state is updated.
25 
26**Vulnerable Code:**
27 
28```solidity
29// VULNERABLE TO REENTRANCY
30contract VulnerableBank {
31    mapping(address => uint256) public balances;
32 
33    function withdraw() public {
34        uint256 amount = balances[msg.sender];
35 
36        // DANGER: External call before state update
37        (bool success, ) = msg.sender.call{value: amount}("");
38        require(success);
39 
40        balances[msg.sender] = 0;  // Too late!
41    }
42}
43```
44 
45**Secure Pattern (Checks-Effects-Interactions):**
46 
47```solidity
48contract SecureBank {
49    mapping(address => uint256) public balances;
50 
51    function withdraw() public {
52        uint256 amount = balances[msg.sender];
53        require(amount > 0, "Insufficient balance");
54 
55        // EFFECTS: Update state BEFORE external call
56        balances[msg.sender] = 0;
57 
58        // INTERACTIONS: External call last
59        (bool success, ) = msg.sender.call{value: amount}("");
60        require(success, "Transfer failed");
61    }
62}
63```
64 
65**Alternative: ReentrancyGuard**
66 
67```solidity
68import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
69 
70contract SecureBank is ReentrancyGuard {
71    mapping(address => uint256) public balances;
72 
73    function withdraw() public nonReentrant {
74        uint256 amount = balances[msg.sender];
75        require(amount > 0, "Insufficient balance");
76 
77        balances[msg.sender] = 0;
78 
79        (bool success, ) = msg.sender.call{value: amount}("");
80        require(success, "Transfer failed");
81    }
82}
83```
84 
85### 2. Integer Overflow/Underflow
86 
87**Vulnerable Code (Solidity < 0.8.0):**
88 
89```solidity
90// VULNERABLE
91contract VulnerableToken {
92    mapping(address => uint256) public balances;
93 
94    function transfer(address to, uint256 amount) public {
95        // No overflow check - can wrap around
96        balances[msg.sender] -= amount;  // Can underflow!
97        balances[to] += amount;          // Can overflow!
98    }
99}
100```
101 
102**Secure Pattern (Solidity >= 0.8.0):**
103 
104```solidity
105// Solidity 0.8+ has built-in overflow/underflow checks
106contract SecureToken {
107    mapping(address => uint256) public balances;
108 
109    function transfer(address to, uint256 amount) public {
110        // Automatically reverts on overflow/underflow
111        balances[msg.sender] -= amount;
112        balances[to] += amount;
113    }
114}
115```
116 
117**For Solidity < 0.8.0, use SafeMath:**
118 
119```solidity
120import "@openzeppelin/contracts/utils/math/SafeMath.sol";
121 
122contract SecureToken {
123    using SafeMath for uint256;
124    mapping(address => uint256) public balances;
125 
126    function transfer(address to, uint256 amount) public {
127        balances[msg.sender] = balances[msg.sender].sub(amount);
128        balances[to] = balances[to].add(amount);
129    }
130}
131```
132 
133### 3. Access Control
134 
135**Vulnerable Code:**
136 
137```solidity
138// VULNERABLE: Anyone can call critical functions
139contract VulnerableContract {
140    address public owner;
141 
142    function withdraw(uint256 amount) public {
143        // No access control!
144        payable(msg.sender).transfer(amount);
145    }
146}
147```
148 
149**Secure Pattern:**
150 
151```solidity
152import "@openzeppelin/contracts/access/Ownable.sol";
153 
154contract SecureContract is Ownable {
155    function withdraw(uint256 amount) public onlyOwner {
156        payable(owner()).transfer(amount);
157    }
158}
159 
160// Or implement custom role-based access
161contract RoleBasedContract {
162    mapping(address => bool) public admins;
163 
164    modifier onlyAdmin() {
165        require(admins[msg.sender], "Not an admin");
166        _;
167    }
168 
169    function criticalFunction() public onlyAdmin {
170        // Protected function
171    }
172}
173```
174 
175### 4. Front-Running
176 
177**Vulnerable:**
178 
179```solidity
180// VULNERABLE TO FRONT-RUNNING
181contract VulnerableDEX {
182    function swap(uint256 amount, uint256 minOutput) public {
183        // Attacker sees this in mempool and front-runs
184        uint256 output = calculateOutput(amount);
185        require(output >= minOutput, "Slippage too high");
186        // Perform swap
187    }
188}
189```
190 
191**Mitigation:**
192 
193```solidity
194contract SecureDEX {
195    mapping(bytes32 => bool) public usedCommitments;
196 
197    // Step 1: Commit to trade
198    function commitTrade(bytes32 commitment) public {
199        usedCommitments[commitment] = true;
200    }
201 
202    // Step 2: Reveal trade (next block)
203    function revealTrade(
204        uint256 amount,
205        uint256 minOutput,
206        bytes32 secret
207    ) public {
208        bytes32 commitment = keccak256(abi.encodePacked(
209            msg.sender, amount, minOutput, secret
210        ));
211        require(usedCommitments[commitment], "Invalid commitment");
212        // Perform swap
213    }
214}
215```
216 
217## Security Best Practices
218 
219### Checks-Effects-Interactions Pattern
220 
221```solidity
222contract SecurePattern {
223    mapping(address => uint256) public balances;
224 
225    function withdraw(uint256 amount) public {
226        // 1. CHECKS: Validate conditions
227        require(amount <= balances[msg.sender], "Insufficient balance");
228        require(amount > 0, "Amount must be positive");
229 
230        // 2. EFFECTS: Update state
231        balances[msg.sender] -= amount;
232 
233        // 3. INTERACTIONS: External calls last
234        (bool success, ) = msg.sender.call{value: amount}("");
235        require(success, "Transfer failed");
236    }
237}
238```
239 
240### Pull Over Push Pattern
241 
242```solidity
243// Prefer this (pull)
244contract SecurePayment {
245    mapping(address => uint256) public pendingWithdrawals;
246 
247    function recordPayment(address recipient, uint256 amount) internal {
248        pendingWithdrawals[recipient] += amount;
249    }
250 
251    function withdraw() public {
252        uint256 amount = pendingWithdrawals[msg.sender];
253        require(amount > 0, "Nothing to withdraw");
254 
255        pendingWithdrawals[msg.sender] = 0;
256        payable(msg.sender).transfer(amount);
257    }
258}
259 
260// Over this (push)
261contract RiskyPayment {
262    function distributePayments(address[] memory recipients, uint256[] memory amounts) public {
263        for (uint i = 0; i < recipients.length; i++) {
264            // If any transfer fails, entire batch fails
265            payable(recipients[i]).transfer(amounts[i]);
266        }
267    }
268}
269```
270 
271### Input Validation
272 
273```solidity
274contract SecureContract {
275    function transfer(address to, uint256 amount) public {
276        // Validate inputs
277        require(to != address(0), "Invalid recipient");
278        require(to != address(this), "Cannot send to contract");
279        require(amount > 0, "Amount must be positive");
280        require(amount <= balances[msg.sender], "Insufficient balance");
281 
282        // Proceed with transfer
283        balances[msg.sender] -= amount;
284        balances[to] += amount;
285    }
286}
287```
288 
289### Emergency Stop (Circuit Breaker)
290 
291```solidity
292import "@openzeppelin/contracts/security/Pausable.sol";
293 
294contract EmergencyStop is Pausable, Ownable {
295    function criticalFunction() public whenNotPaused {
296        // Function logic
297    }
298 
299    function emergencyStop() public onlyOwner {
300        _pause();
301    }
302 
303    function resume() public onlyOwner {
304        _unpause();
305    }
306}
307```
308 
309## Gas Optimization
310 
311### Use `uint256` Instead of Smaller Types
312 
313```solidity
314// More gas efficient
315contract GasEfficient {
316    uint256 public value;  // Optimal
317 
318    function set(uint256 _value) public {
319        value = _value;
320    }
321}
322 
323// Less efficient
324contract GasInefficient {
325    uint8 public value;  // Still uses 256-bit slot
326 
327    function set(uint8 _value) public {
328        value = _value;  // Extra gas for type conversion
329    }
330}
331```
332 
333### Pack Storage Variables
334 
335```solidity
336// Gas efficient (3 variables in 1 slot)
337contract PackedStorage {
338    uint128 public a;  // Slot 0
339    uint64 public b;   // Slot 0
340    uint64 public c;   // Slot 0
341    uint256 public d;  // Slot 1
342}
343 
344// Gas inefficient (each variable in separate slot)
345contract UnpackedStorage {
346    uint256 public a;  // Slot 0
347    uint256 public b;  // Slot 1
348    uint256 public c;  // Slot 2
349    uint256 public d;  // Slot 3
350}
351```
352 
353### Use `calldata` Instead of `memory` for Function Arguments
354 
355```solidity
356contract GasOptimized {
357    // More gas efficient
358    function processData(uint256[] calldata data) public pure returns (uint256) {
359        return data[0];
360    }
361 
362    // Less efficient
363    function processDataMemory(uint256[] memory data) public pure returns (uint256) {
364        return data[0];
365    }
366}
367```
368 
369### Use Events for Data Storage (When Appropriate)
370 
371```solidity
372contract EventStorage {
373    // Emitting events is cheaper than storage
374    event DataStored(address indexed user, uint256 indexed id, bytes data);
375 
376    function storeData(uint256 id, bytes calldata data) public {
377        emit DataStored(msg.sender, id, data);
378        // Don't store in contract storage unless needed
379    }
380}
381```
382 
383## Common Vulnerabilities Checklist
384 
385```solidity
386// Security Checklist Contract
387contract SecurityChecklist {
388    /**
389     * [ ] Reentrancy protection (ReentrancyGuard or CEI pattern)
390     * [ ] Integer overflow/underflow (Solidity 0.8+ or SafeMath)
391     * [ ] Access control (Ownable, roles, modifiers)
392     * [ ] Input validation (require statements)
393     * [ ] Front-running mitigation (commit-reveal if applicable)
394     * [ ] Gas optimization (packed storage, calldata)
395     * [ ] Emergency stop mechanism (Pausable)
396     * [ ] Pull over push pattern for payments
397     * [ ] No delegatecall to untrusted contracts
398     * [ ] No tx.origin for authentication (use msg.sender)
399     * [ ] Proper event emission
400     * [ ] External calls at end of function
401     * [ ] Check return values of external calls
402     * [ ] No hardcoded addresses
403     * [ ] Upgrade mechanism (if proxy pattern)
404     */
405}
406```
407 
408## Testing for Security
409 
410```javascript
411// Hardhat test example
412const { expect } = require("chai");
413const { ethers } = require("hardhat");
414 
415describe("Security Tests", function () {
416  it("Should prevent reentrancy attack", async function () {
417    const [attacker] = await ethers.getSigners();
418 
419    const VictimBank = await ethers.getContractFactory("SecureBank");
420    const bank = await VictimBank.deploy();
421 
422    const Attacker = await ethers.getContractFactory("ReentrancyAttacker");
423    const attackerContract = await Attacker.deploy(bank.address);
424 
425    // Deposit funds
426    await bank.deposit({ value: ethers.utils.parseEther("10") });
427 
428    // Attempt reentrancy attack
429    await expect(
430      attackerContract.attack({ value: ethers.utils.parseEther("1") }),
431    ).to.be.revertedWith("ReentrancyGuard: reentrant call");
432  });
433 
434  it("Should prevent integer overflow", async function () {
435    const Token = await ethers.getContractFactory("SecureToken");
436    const token = await Token.deploy();
437 
438    // Attempt overflow
439    await expect(token.transfer(attacker.address, ethers.constants.MaxUint256))
440      .to.be.reverted;
441  });
442 
443  it("Should enforce access control", async function () {
444    const [owner, attacker] = await ethers.getSigners();
445 
446    const Contract = await ethers.getContractFactory("SecureContract");
447    const contract = await Contract.deploy();
448 
449    // Attempt unauthorized withdrawal
450    await expect(contract.connect(attacker).withdraw(100)).to.be.revertedWith(
451      "Ownable: caller is not the owner",
452    );
453  });
454});
455```
456 
457## Audit Preparation
458 
459```solidity
460contract WellDocumentedContract {
461    /**
462     * @title Well Documented Contract
463     * @dev Example of proper documentation for audits
464     * @notice This contract handles user deposits and withdrawals
465     */
466 
467    /// @notice Mapping of user balances
468    mapping(address => uint256) public balances;
469 
470    /**
471     * @dev Deposits ETH into the contract
472     * @notice Anyone can deposit funds
473     */
474    function deposit() public payable {
475        require(msg.value > 0, "Must send ETH");
476        balances[msg.sender] += msg.value;
477    }
478 
479    /**
480     * @dev Withdraws user's balance
481     * @notice Follows CEI pattern to prevent reentrancy
482     * @param amount Amount to withdraw in wei
483     */
484    function withdraw(uint256 amount) public {
485        // CHECKS
486        require(amount <= balances[msg.sender], "Insufficient balance");
487 
488        // EFFECTS
489        balances[msg.sender] -= amount;
490 
491        // INTERACTIONS
492        (bool success, ) = msg.sender.call{value: amount}("");
493        require(success, "Transfer failed");
494    }
495}
496```
497
Preparing the source view

Solidity Security

SKILL.md
