Smart Contract Auditor Needed
This checklist outlines essential skills and knowledge required for blockchain security professionals, covering Solidity, Ethereum network intricacies, blockchain tools, DeFi mechanics, common vulnerabilities, and experience with security-focused CTFs and bootcamps.
Ref
Promotion process, roles and responsibilities · spearbit/proposals · Discussion #3
Checklist
- Confident reading and writing Solidity code.
- Confident with how the Ethereum network works.
- POW, POS.
- Block construction.
- TX propagation and mempool.
- Nodes and clients.
- Familiar with other EVM blockchains.
- Confident using Etherscan.
- Confident using GitHub.
- Confident using IDEs (Remix, HardHat, Foundry, Brownie, etc..).
- Confident with blockchain security concepts and common vulnerabilities.
- Confident with most common ERCs and proxy patterns.
- Confident with common DeFi mechanics (AMMs, lending, collateral, staking, etc..) and DeFi protocols (i.e., uniswap, compound, bancor, olympus,etc..)
- Familiar programming back end and front end applications with web3 or ethersJS.
- Familiar with ethereum clients and how they work.
- Familiar with basic EVM concepts and compilers.
- High level understanding of CALL and STATE.
- Difference between solidity > and < 0.8.0 versions.
- Gas optimizations.
- Familiar with basic token economics.
- Completed Ethernaut, DamnVulnerableDeFi or any other blockchain CTF.
- Completed SECUREUMs bootcamp and participated on a RACE finding multiple issues.
- Can write Proof of Concepts for his own findings.
- Can write recommendations to fix security issues following best practices.
- Can write reports out of findings.
- Can document a protocol’s architecture.
This post is licensed under CC BY 4.0 by the author.