OWASP Smart Contract Top 10
Work in progress / Placeholder page for the Smart Contract Top 10 vulnerabilities.
Insufficient bounding:
[ERC20SA]
[Fallback]
[Reentrancy]
Bad cryptographic practices:
[Random]
References:
[Random] https://blog.positive.com/predicting-random-numbers-in-ethereum-smart-contracts-e5358c6b8620
[Fallback] https://solidity.readthedocs.io/en/latest/contracts.html#fallback-function
[Reentrancy] https://solidity.readthedocs.io/en/develop/security-considerations.html
[ERC20SA] http://vessenes.com/the-erc20-short-address-attack-explained/
[UncheckedSend] http://hackingdistributed.com/2016/06/16/scanning-live-ethereum-contracts-for-bugs/