This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Smart Contract Top 10"

From OWASP
Jump to: navigation, search
(Created page with "== OWASP Smart Contract Top 10 == Work in progress / Placeholder page for the Smart Contract Top 10 vulnerabilities. '''Insufficient bounding''' [ERC20SA] [Fallback] [Reen...")
 
 
Line 15: Line 15:
  
 
References:
 
References:
 
 
  
  
Line 29: Line 27:
  
 
[ERC20SA] http://vessenes.com/the-erc20-short-address-attack-explained/
 
[ERC20SA] http://vessenes.com/the-erc20-short-address-attack-explained/
 +
 +
[UncheckedSend] http://hackingdistributed.com/2016/06/16/scanning-live-ethereum-contracts-for-bugs/

Latest revision as of 22:16, 18 February 2018

OWASP Smart Contract Top 10

Work in progress / Placeholder page for the Smart Contract Top 10 vulnerabilities.


Insufficient bounding [ERC20SA] [Fallback] [Reentrancy]


Bad cryptographic practices: [Random]


References:



[Random] https://blog.positive.com/predicting-random-numbers-in-ethereum-smart-contracts-e5358c6b8620

[Fallback] https://solidity.readthedocs.io/en/latest/contracts.html#fallback-function

[Reentrancy] https://solidity.readthedocs.io/en/develop/security-considerations.html

[ERC20SA] http://vessenes.com/the-erc20-short-address-attack-explained/

[UncheckedSend] http://hackingdistributed.com/2016/06/16/scanning-live-ethereum-contracts-for-bugs/