All information was original created by 0xRajeev that he has developed from other public sources. This content is for the Secureum Epoch0 Bootcamp for Smart Contract auditing. The plan is to grow this over time. Pull requests accepted.

---

Information I would like to add (my wish list):

• Solidity example where applicable
• Add Forge examples for relevant topics

Please report any errors or rendering issues. Happy to accept PR's that improve upon the content.

---

The impetus for this project was self-edification as well as providing better accessibility to the content 0xRajeev has produced. Plus, I really wanted to make some cool graphs and play with Obsidian. :)

If you open this in Obsidian you can graph the notes.

---

Here is an awesome resource from patrickd who is in Epoch0: Link (Place in the contracts folder on Remix)

---

---

Slot 1 - Ethereum101

---

Topics

Blog Article

Article on "Ethereum 101"

---

Course Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

---

Participant Created Content

• Ethereum 101 - D-Squared

---

Assignment

1. Read the Ethereum whitepaper: https://ethereum.org/en/whitepaper/
2. Read the Ethereum yellow paper: https://ethereum.github.io/yellowpaper/paper.pdf
3. Read Chapters 1, 2, 3, 4, 6, 13 and 14 from Mastering Ethereum: https://github.com/ethereumbook/ethereumbook and other references in Secureums Ethereum 101 article
4. Browse through topics at https://ethereum.org/en/developers/docs/
5. Explore blocks, transactions and other protocol internals at https://etherscan.io/

---

Quiz

• Slot 1 quiz

Quiz Writeups

• https://ventral.digital/posts/2021/10/17/secureum-bootcamp-ethereum-101-quiz

---

---

Slot 2 - Solidity101

Blog Article

Article on "Solidity 101"

---

Course Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

---

Participant Created Content

• Solidity 101 and 201 - D-Squared

---

Assignment

1. Read Chapter 7 from Mastering Ethereum: https://github.com/ethereumbook/ethereumbook/blob/develop/07smart-contracts-solidity.asciidoc
2. Understand Solidity syntax and semantics implemented in OpenZeppelins ERC20 contract: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/ERC20.sol
3. Understand Solidity syntax and semantics implemented in OpenZeppelins ERC721 (NFT) contract: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC721/ERC721.sol
4. Understand Solidity syntax and semantics implemented in OpenZeppelins security-related contracts Ownable, Pausable and ReentrancyGuard: https://github.com/OpenZeppelin/openzeppelin-contracts/tree/master/contracts/access and https://github.com/OpenZeppelin/openzeppelin-contracts/tree/master/contracts/security
5. Experiment with the various Solidity concepts using https://remix.ethereum.org/

Quiz

• Slot 2 Quiz

Quiz Writeups

• https://ventral.digital/posts/2021/10/24/secureum-bootcamp-solidity-101-quiz

---

---

Slot 3 - Solidity201

---

Blog

Article on "Solidity 201"

---

Youtube Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

---

Participant Created Content

• Solidity 101 and 201 - D-Squared

---

Assignment

1. Understand all the OpenZeppelin Library contracts (many of which are widely-used): https://github.com/OpenZeppelin/openzeppelin-contracts/tree/master/contracts
2. Understand Solidity syntax and semantics implemented in Uniswap V3 contracts and related dependencies: https://github.com/Uniswap/uniswap-v3-core/tree/main/contracts
3. Understand Solidity syntax and semantics implemented in Fei Protocol contracts and related dependencies: https://github.com/fei-protocol/fei-protocol-core/tree/master/contracts
4. Understand Solidity syntax and semantics implemented in Chainlink contracts and related dependencies: https://github.com/smartcontractkit/chainlink/tree/develop/contracts/src/v0.4
5. Understand Solidity syntax and semantics implemented in Opyn Gamma Protocol contracts and related dependencies: https://github.com/opynfinance/GammaProtocol/tree/master/contracts/core

Quiz

• Slot 3 Quiz

Quiz Writeups

• https://ventral.digital/posts/2021/10/30/secureum-bootcamp-solidity-201-quiz

---

---

Slot 4 - Pitfalls and Best Practices 101

Blog

Article on "Security Pitfalls & Best Practices 101"

---

Youtube Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

---

Participant Created Content

• Security Pitfalls & Best Practices 101 and 201 - D-Squared

---

Assignment

1. Explore the SWC Registry list and test cases: https://swcregistry.io/
2. Watch Intro to Security First Development by Gonalo S @GNSPS, ConsenSys Diligence: https://www.youtube.com/watch?v=72K57I9yvyI
3. Watch Protect your Crypto and Avoid Getting Hacked by Mehdi Zerouali @ethzed, Sigma Prime: https://www.youtube.com/watch?v=L2DRC6PjTgk
4. Watch DeFi Security: With So Many Hacks, Will It Ever Be Safe? on Unchained Podcast with Dan Guido @dguido (Trail of Bits) and Taylor Monahan (MyCrypto): https://www.youtube.com/watch?v=Sc5fZ-Wprx8
5. Attempt CTF: https://capturetheether.com/

---

Quiz

• Slot 4 quiz

Quiz Writeups

• https://ventral.digital/posts/2021/11/7/secureum-bootcamp-security-pitfalls-amp-best-practices-101-quiz

---

---

Slot 5 - Pitfalls and Best Practices 201

---

Blog

Article on "Security Pitfalls & Best Practices 201"

---

Youtube Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

---

Participant Created Content

• Security Pitfalls & Best Practices 101 and 201 - D-Squared

---

Assignment

1. Read https://samczsun.com/so-you-want-to-use-a-price-oracle/ and https://samczsun.com/the-dangers-of-surprising-code/
2. Watch Security By Design & Smart Contract Audits by Shayan Eskandari, Ex-ConsenSys Diligence: https://www.youtube.com/watch?v=gfD1KBtLWZI
3. Watch How to Build Secure Smart Contracts by Josselin Feist (@Josselin Feist - Trail of Bits), Trail of Bits: https://www.youtube.com/watch?v=yP01yH4plT8
4. Watch White Hat Panel: DeFi Exploits: https://www.youtube.com/watch?v=Df2zzfoTfMc
5. Attempt CTF: https://www.damnvulnerabledefi.xyz/

---

Quiz

• Slot 5 quiz

Quiz Writeups

• https://ventral.digital/posts/2021/11/14/secureum-bootcamp-security-pitfalls-amp-best-practices-201-quiz

---

---

Slot 6 - Audit Techniques & Tools 101

Blog

Article on "Audit Techniques & Tools 101"

---

Youtube Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

---

Participant Created Content

• Audit Techniques & Tools 101 - D-Squared

---

Assignment

1. Read the following:
   1. How to Prepare for a Smart Contract Audit: https://consensys.net/diligence/blog/2019/09/how-to-prepare-for-a-smart-contract-audit/
   2. What is a Security Audit, When You Should Get One, and How to Prepare (by @petty) : https://our.status.im/what-is-a-security-audit-when-you-should-get-one-and-how-to-prepare/
   3. 246 Findings From our Smart Contract Audits: An Executive Summary: https://blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/
2. Run MythX on Fei Protocol contracts and analyze the reported findings: https://github.com/fei-protocol/fei-protocol-core/tree/master/contracts
3. Run Slither on Uniswap V3 contracts and analyze the reported findings: https://github.com/Uniswap/uniswap-v3-core/tree/main/contracts
4. Watch The Evolution of Smart Contract Security by Dan Guido, Trail of Bits: https://www.youtube.com/watch?v=fOkQuNzVn_Q
5. Attempt Paradigm CTF: https://github.com/paradigm-operations/paradigm-ctf-2021

---

Quiz

• Slot 6 quiz

Quiz Writeups

• https://ventral.digital/posts/2021/11/21/secureum-bootcamp-audit-techniques-tools-101-quiz

---

---

Slot 7 - Audit Findings 101

Blog

Article on "Audit Findings 101"

Youtube Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

Participant Created Content

• Audit Findings 101 and 201 - D-Squared

---

Assignment

1. Read the audit report along with the smart contracts to understand all the reported findings for Fei Protocol: https://consensys.net/diligence/audits/2021/01/fei-protocol
2. Read the audit report along with the smart contracts to understand all the reported findings for Uniswap V3: https://github.com/Uniswap/uniswap-v3-core/blob/main/audits/tob/audit.pdf
3. Read the audit report along with the smart contracts to understand all the reported findings for Chainlink: https://github.com/sigp/public-audits/blob/master/chainlink-1/review.pdf
4. Read the audit report along with the smart contracts to understand all the reported findings for Opyn Gamma protocol: https://blog.openzeppelin.com/opyn-gamma-protocol-audit/
5. Watch: OpenZeppelin @tinchoabbate's Secure Development Series: https://www.youtube.com/playlist?list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz

---

Quiz

• Slot 7 Quiz

Quiz Writeups

• https://ventral.digital/posts/2021/11/28/secureum-bootcamp-audit-findings-101-quiz

---

---

Slot 8 Audit Findings 201

Blog

Article on "Audit Findings 201"

Youtube Videos

1. Block 1
2. Block 2
3. Block 3
4. Block 4
5. Block 5

Participant Created Content

• Audit Findings 101 and 201 - D-Squared

---

Assignment

1. Read the audit report along with the smart contracts to understand all the reported findings for 1inch Liquidity Protocol: https://consensys.net/diligence/audits/2020/12/1inch-liquidity-protocol/
2. Read the audit report along with the smart contracts to understand all the reported findings for Origin Dollar: https://github.com/trailofbits/publications/blob/master/reviews/OriginDollar.pdf
3. Read the audit report along with the smart contracts to understand all the reported findings for Synthetix EtherCollateral: https://github.com/sigp/public-audits/blob/master/synthetix/ethercollateral/review.pdf
4. Read the audit report along with the smart contracts to understand all the reported findings for Holdefi: https://blog.openzeppelin.com/holdefi-audit
5. Stay updated with Ethereum security articles/news:
   1. WeekInEthereumNews (security section): https://weekinethereumnews.com/
   2. BlockThreat Newsletter: https://www.blockthreat.io/
   3. Rekt: https://rekt.news/
   4. Secureum Newsletter: https://secureum.substack.com/

---

Quiz

• Slot 8 Quiz

Quiz Writeups

• https://ventral.digital/posts/2021/11/28/secureum-bootcamp-audit-findings-201-quiz

---

---

Extras

• patrickd's CARE Report for Sushi's BentoBox Strategies
• Epoch - February RACE #4 Quiz Writeup