Listed reports will be either from tutorials or exercises.
- Decentralized Finance (DeFi)
- NFTs (Non-Fungible Tokens)
- DAOs (Decentralized Autonomous Organizations)
- Metaverse and Virtual Worlds
- Gaming and Play-to-Earn (P2E)
- Decentralized Cloud Storage
- Identity and Reputation Systems
- Social and Content Platforms
- ERC-20: Token standard for fungible tokens (e.g., USDC, DAI)
- ERC-721: Non-fungible tokens (NFTs)
- ERC-1155: Multi-token standard for fungible and non-fungible tokens
- ERC-4337: Account abstraction for smart wallets
- Uniswap (DeFi/AMM)
- Axie Infinity (Gaming/P2E)
- Aave (DeFi/Lending)
- OpenSea (NFT Marketplace)
- Ethereum Name Service (Identity/Domain Names)
- Decentraland (Metaverse)
- Solidity: Main language for Ethereum smart contracts
- Rust: Used for projects like Solana and Polkadot
- Cairo: Starknet smart contract language
- Vyper: Python-based smart contract language
- Foundry: Development framework for Solidity
- Hardhat: Ethereum development environment
- EVM (Ethereum Virtual Machine): Core runtime for Ethereum contracts
- Starknet: Layer 2 solution using Zero-Knowledge rollups for scalability
- Reentrancy attacks
- Integer overflows/underflows
- Access control vulnerabilities
- Phishing and front-running
- Efficient loop usage
- Minimizing storage reads/writes
- Using memory over storage when possible
- Practice shadow auditing code from live projects
- Participate in Web3 and Solidity-based CTFs
- Use platforms like Ethernaut, Damn Vulnerable DeFi, and others
- Set up local environments and create custom problems for practice
- Audit live contracts from bug bounty programs or platforms like Code4rena
- Participate in programs like Immunefi, HackenProof, etc.
- Hackes
- Challenges