Contributed by: Script Money
Full-stack engineer familiar with Web3 development ecosystem, has written some technical tutorials
This article is the fifth installment of the Web3 Recommended Education Resources series produced by CryptoChasers - Solidity Advanced. The previous article, "Solidity Intermediate" provided many high-quality resources related to EVM, helping developers learn. This advanced article provides tutorials mainly in the field of contract security, learning advanced Solidity knowledge by reproducing historical hacker events and solving CTF (cybersecurity competition) puzzles.
Recommended Tutorials#
Web3 Security#
- Website: web3sec.xrex.io
- Language: English/Chinese
- Content: Index
This Notion maintained by white hat SunSec contains various resources, tutorials, tools, and more related to Web3 security. It is a treasure trove and worth browsing, including some Chinese materials. The most highly acclaimed open-source library, DeFiHackLabs, records the attack methods of various DeFi security incidents in history. It is written by Foundry and is constantly updated. Highly recommended.
Puzzlebox.sol#
- Website: ctf.dragonfly.xyz
- Language: English
- Content: Puzzles
CTF initiated by investment firm dragonfly, highly praised by the technical experts in the community. The content of the competition is to interact step by step with the functions designed in the puzzlebox contract until the box is completely opened. Each step does not have a fixed solution, and the higher the score, the lower the gas consumption optimization. To achieve a high score, you need to demonstrate your skills. You can try it yourself first and then learn from others' solutions.
Paradigm CTF 2022#
- Website: github.com/paradigmxyz/paradigm-ctf-2022
- Language: English
- Content: Puzzles
CTF initiated by research-oriented investment firm Paradigm, also available in the 2021 edition. It is another CTF highly praised by technical experts in the community, with a large difference in difficulty between the questions. It is quite challenging to complete all of them. After deploying the local environment, call the solve function of the puzzle contract by writing scripts or contracts, and then send a request to obtain the score. There are puzzles in Cairo 0 (the development language of StarkNet) and Solana chain, which can be chosen not to be viewed. It is not yet certain whether there will be Paradigm CTF 2023 this year. If you want to score, you can take a look at the latest Cairo in advance.
Summary#
The recommended resources above are mainly based on the suggestions of some experts in the community. Therefore, well-known CTFs like ethernaut are not separately recommended because their difficulty is too simple. Good content lies in its essence. If you feel that you need more learning, you can find other materials in the Web3Sec library. If you think you are very capable, participate in newly launched CTFs and enjoy the excitement of competition.