Secureum

Secureum
Education & Evaluation of Ethereum Security.
Created 01 Jan 2021
21
Posts
123
Likes
14
Comments
8
Mentions
  • Audit Findings 201
    21 Nov 2021 • 40 min read • 6 0
    Document potential edge cases for hook receiver contracts: The functions withdrawTokenAndCall() and withdrawTokenAndCallOnBehalf() make a call to a hook contract designated by the owner of the withdra...
  • Audit Findings 101
    14 Nov 2021 • 50 min read • 7 2
    Unhandled return values of transfer and transferFrom: ERC20 implementations are not always consistent. Some implementations of transfer and transferFrom could return ‘false’ on failure instead of reve...
  • Audit Techniques & Tools 101
    07 Nov 2021 • 41 min read • 8 0
    Audit: is an external security assessment of a project codebase, typically requested and paid-for by the project team It detects and describes (in a report) security issues with underlying vulnerabili...
  • Security Pitfalls & Best Practices 201
    31 Oct 2021 • 16 min read • 5 2
    ERC20 transfer and transferFrom: Should return a boolean. Several tokens do not return a boolean on these functions. As a result, their calls in the contract might fail. (See here) ERC20 name, decimal...
  • Security Pitfalls & Best Practices 101
    24 Oct 2021 • 16 min read • 9 0
    Solidity versions: Using very old versions of Solidity prevents benefits of bug fixes and newer security checks. Using the latest versions might make contracts susceptible to undiscovered compiler bug...
  • Solidity 201
    17 Oct 2021 • 54 min read • 6 0
    Solidity supports multiple inheritance including polymorphism: Polymorphism means that a function call (internal and external) always executes the function of the same name (and parameter types) in th...
  • Solidity 101
    10 Oct 2021 • 38 min read • 11 0
    Solidity is a high-level language for implementing smart contracts on Ethereum (and the blockchains) targeting the EVM. Solidity was proposed in 2014 by Gavin Wood and was later developed by Ethereum’...
  • Ethereum 101
    03 Oct 2021 • 30 min read • 20 0
    Ethereum is “A Next-Generation Smart Contract and Decentralized Application Platform” (See here) Ethereum is a blockchain with a built-in Turing-complete programming language, allowing anyone to write...
  • Secureum Bootcamp for Smart Contract Security Auditing
    18 Jul 2021 • 4 min read • 9 1
    Secureum, a portmanteau of Security & Ethereum and pronounced like the latter, started as a newsletter about observations, learnings and perspectives on security topics in Ethereum. The first issue wa...
  • Contract Secureum is Pausable
    14 Mar 2021 • 1 min read • 3 1
    Secureum, a portmanteau of Security & Ethereum and pronounced like the latter, started as a newsletter about observations, learnings and perspectives on security topics in Ethereum. The first issue wa...
  • View More on Substack »