Description
Guide explaining the most common smart contract vulnerabilities from the application developer's perspective — how to detect risky contracts before your app interacts with them.
Why this matters
Both courses teach reentrancy from the Solidity side. But app developers also need to know: "Is this contract I'm integrating with safe?" This guide teaches vulnerability awareness without requiring Solidity expertise.
Scope
- Reentrancy attacks — how they work, the checks-effects-interactions pattern, ReentrancyGuard
- Oracle manipulation — why centralized price feeds are dangerous, why Chainlink matters
- Front-running / MEV — how your transaction can be sandwiched, protection strategies
- Access control issues — unprotected functions, missing onlyOwner
- Integer overflow/underflow — pre-0.8 vs post-0.8 Solidity
- How to check if a contract is verified and audited
- Red flags when integrating with third-party contracts
- Tools: Slither, Mythril, Etherscan source verification
w3-kit approach
- Application developer perspective, not auditor perspective
- "Before you integrate" checklist
- Practical: how to read Etherscan to spot red flags
- Links to audit reports and security resources
Acceptance criteria
- guides/.learn.md with decision tree for evaluating contract safety