#Smart-contract-auditing
Showing 5 of 5 repositories tagged #smart-contract-auditing, ranked by stars
Curated Web3 security learning hub for smart contract auditors and protocol teams: roadmaps, audit tools, public reports, fuzzing, formal verification, AI-assisted workflows, offchain security, incident response, and launch checklists.
A complete Web3 security toolkit combining AI-powered token auditing, ML-based deployer reputation scoring, and live Etherscan V2 data. Includes static analysis for rugpull detection, RandomForest reputation modeling, contract-fetching automation, and Solidity on-chain registries for transparent, reproducible security insights.
A lightweight static analysis engine for Solidity smart contracts. Extracts code features, detects dangerous patterns (delegatecall, tx.origin, call.value), computes heuristic risk scores, and classifies contracts into Low/Medium/High risk levels. Includes multiple example vulnerabilities and a clean CLI for rapid security assessment.
A deep technical article exploring how AI, feature engineering, and static smart-contract analysis uncover rugpull risks before humans detect them. Covers Solidity pattern mining, mint abuse detection, blacklist/fee manipulation signals, ML-inspired scoring models, and how to quantify ERC-20 token scam probability.
Bytecode Truth, Not Source is a deep technical exploration of why smart-contract source code cannot be trusted as the ground truth for security. This repository shows how compiler optimizations, hidden assembly, proxies, and unreachable logic make verified Solidity misleading, and why only EVM bytecode reveals actual on-chain behavior.