En route to becoming a smart contract auditor — Week 1

By akohad Oct16,2022


Week 1: Taking the leap

Inspired by Silvia Margarita, I decided to start journaling my daily learning progress. I’ve been in and out of web3 for over half a year now. Un-focused, fractured and playfully learning about web3 practically meant that my learning was mostly uneventful.

One of the biggest reason is also due to me landed my first ever job right before I started to dabble with web3 stuff which shifted my mindset to treat web3 knowledge as a hobby….a hobby that I will grow undetachable interest over the course of those 6 months. Taking my time surfing around, I’ve slowly reached a point where I’m introduced with security side of the smart contracts initially through bad news such as protocols being hacked (lmao).

Finding more relatable articles open up a whole new world to me. A world about smart contract security. I realized it actually wasn’t that far away, so many tutorials, analysis and challenges such as ethernaut.

The tipping point of turning me from casual attitude of “meh” to “MURICAAA’ was this : Interview with Alexander Schlindwein. Something inside me clicked after I finished reading it. I felt the drive to actually make a “Do or Die” resolution. So I started this daily journal to pressure myself that its not just a hot headed decision, its something that I wanted for a very long time.

This journal will end when Ilanded a smart contract auditing/security permanent role. A journey of a thousand miles begins with a single step.

💡 What I learnt?

3 Oct, Mon < 3 hours

  • CryptoZombie (3/14) : Advanced Solidity Concept (✅ )

Gas consideration changes the way a code is written when compared to web2. In this chapter, instead of getting the zombies of owner directly from storage we view the function and iterates the order before returning. Why? Because if we get it directly from storage, the sequences of zombies need to be re-arrange inside the storage which every move cost gas.

  • buildspace: Build a Web3 App with Solidity (50%)

Basics on Solidity, Hardhat development tool, ethers.js Js API , quicknode node provider. Writing test and deploy script in Js.

  • Listened to BNB Chain Twitter Space — “The Web3 Business Model and Why it Matters?” while i dozed off and pretending am productive

4 Oct, Tues < 3 hours

  • CryptoZombie (4/14) : Zombie Battle System (✅ )

Bad randomness generated through publicly accessible info such as timestamp is exploitable by node. One of the way is generate through oracle. Details

  • buildspace: Build a Web3 App with Solidity (93%)

Met with errors when working on on Replit using React. Absolutely demolished by it as Im not familiar with React

5 Oct, Wed < 4 hours

  • CryptoZombie (5/14) : ERC721 & Crypto-Collectibles (✅ )

Implementation of ERC721

Interesting remark from the creator on year 2038 problem and natspec.

  • buildspace: Build a Web3 App with Solidity (✅ )

calling a function from smart contract but did not setup an event listener useEffect. Managed to solved it after looking through at discord group, definitely need to take courses on React… (adding to my learning list)

6 Oct, Thurs < 3 hours

  • CryptoZombie (6/14) : App Front Ends & Web3.js (✅ )

Basic on web3.js and front end. Everything is in Js and HTML. Having difficulty understanding, thinking of stopping the lesson and continue after i took Js,HTML course but i figured my focus should be on solidity and Dapps deployment logic in this moment. Push through the chapter and will revisit in future.

  • Started Road to Web3 (1/10) : How to Develop an NFT Smart Contract (ERC721) with Alchemy (✅ )

Introduction to tools such as Remix IDE, Openzeppelin’s contract wizard , filebase and metadata standards.

7 Oct, Fri < 3 hours

  • CryptoZombie (7/14) : Data Feeds and Computation (✅ )

Data feed to avoid single point failure using Decentralized Oracle Network (DON) through ChainLink.

Generate random number through chainlink.

  • Road to Web3 (2/10): How to Build “Buy Me a Coffee” DeFi dapp ( 50% )

Working on challenge given

a) update function to change withdraw address

b) add option for user to give diff amount of coffee (ETH)

🌟 Watch how the entire BNB exploit unfolds on twitter. When can I be this good? T.T

8 Oct, Sat < 6 hours

  • Road to Web3 (2/10): How to Build “Buy Me a Coffee” DeFi dapp (✅)

a) modified withdrawTip() to let owner transfer the ETH to the inputted address

b) decided to remain the function as payable and deal with the different options at front end

Majority of the hours were spent to understand React. Managed to add a text input and button for owner to key in address to be withdrawn to. Added a drop down list for user to select diff size of Coffee to give different amount of tips $$. Didn refine my UI, will revisit ltr to “beautify” the site after i took course on HTML, CSS and Js on front end design.

9 Oct, Sun < 4 hours

Reinforce on fundamental knowledge.

Neat introduction of React js and Next js. Detailed breakdown of calculation of gas, gas estimation.

New to trading? Try crypto trading bots or copy trading


Source link

By akohad

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *