Kernel is about being careful, in all the many senses of that word. When it comes to code we write, that means safety first, then teamwork. Below, you will find the best security resources we know of to help you ensure that your contracts follow best practices and abide by the latest industry standards.
Tools
Trail of Bits Toolbox
The in-house toolbox of one of the most well-established and respected audit firms, for ensuring high security standards.
H/T Matt Solomon. Check out his article for more.
Detecting Not So Smart Contracts
Two useful repos for understanding the vulnerable patterns used by not-so-smart contracts, and for detecting various potential vulnerabilities.
MythX
Another useful Consensys tool that's easy to integrate with frameworks, especially Truffle. Find useful code, among many other things, here.
Where practice and theory meet. The practices, lists, and methods indicated below are not quite tools in the sense of the section above, but they are very, very useful.
Secureum Checklist
A clear and concise checklist any serious developer or auditor needs for their work. Written by our own Rajeev Gopalakrishna.
Mutation Testing
An introduction to mutation testing from Security Track mentor Joran Honig. You can find a detailed explanation here.
Security has as much to do with being informed as it does with managing risk. We recommend these publications to help you stay on top of the latest news, developments and insights across the industry (without having to spend all your days trawling CT - though that can have its use too).