{"id":19208420,"url":"https://github.com/zntb/advanced-foundry","last_synced_at":"2026-02-26T12:04:15.215Z","repository":{"id":254248725,"uuid":"845943889","full_name":"zntb/Advanced-Foundry","owner":"zntb","description":null,"archived":false,"fork":false,"pushed_at":"2025-01-18T08:26:39.000Z","size":10294,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-18T08:28:14.173Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zntb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-22T08:28:52.000Z","updated_at":"2025-01-18T08:26:41.000Z","dependencies_parsed_at":"2025-01-04T15:48:27.052Z","dependency_job_id":"c32e803d-445b-4b2c-a676-04c708fb38ba","html_url":"https://github.com/zntb/Advanced-Foundry","commit_stats":null,"previous_names":["zntb/advanced-foundry"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zntb%2FAdvanced-Foundry","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zntb%2FAdvanced-Foundry/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zntb%2FAdvanced-Foundry/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zntb%2FAdvanced-Foundry/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zntb","download_url":"https://codeload.github.com/zntb/Advanced-Foundry/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240280989,"owners_count":19776418,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T13:26:11.789Z","updated_at":"2026-02-26T12:04:15.204Z","avatar_url":"https://github.com/zntb.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Security - Isolated Dev-environments\r\n\r\n## Isolated Development Environments\r\n\r\nLet’s learn about Isolated Development Environments. According to Chain Analysis, in 2024 the most popular type of attack was a private key leak. In this lesson we want to introduce to how to mitigate the risks of running malicious code on our host machine. This is important for any level of developer or security researcher.\r\n\r\nWe will take a look at ways to protect our host machine against different attack vectors which all have one thing in common, running unvetted code on our host machine and giving it access to everything.\r\n\r\nThe tool we are going to use to isolate the unvetted code is Docker containers or Dev containers, specifically Dev containers built directly into VS Code. The Red Guild has written an awesome blog on it which is linked in the description.\r\n\r\nLet’s imagine our computer has hardware, and a host operating system such as Linux, MacOS, or Windows, Inside this OS contains network, files and our applications.\r\n\r\nIf we run a script in our host machine with `npm run`, or bash script, it has access to our network, files and applications.\r\n\r\nWe can isolate these programs with docker containers, where we create isolated versions of stuff our actual computer has.\r\n\r\nInstead of a potentially unvetted program running directly on our machine, we can run it within the Docker container to mitigate risks\r\n\r\n## Setting up a Dev Container\r\n\r\n1. Clone the repo\r\n2. Make sure docker is running\r\n3. In VS Code open the command pallet and select:\r\n\r\n```Solidity\r\nreopen in container\r\n```\r\n\r\n1. We can view that the container is running in the docker desktop app\r\n   Dev containers allow us to see a folder called `.devcontainer` which has the following:\r\n\r\n- `devcontainer.json`\r\n\r\n- `dockerfile`\r\n\r\nThe dockerfile tells docker what tools to install and how to spin up a docker container.\r\n\r\nOur docker file for the foundry folder is set to start from a blank Linux Debian instance. Some of the tools this docker will install are ZSH, Rust, UV, some solidity tools, and foundry.\r\n\r\nThere are workspace mount settings on the container, which tells VS Code to spin up an unmounted Docker container. This is where you must be specific with what access you give the container. To check where our directory is we can run the following command in the terminal:\r\n\r\n```bash\r\npwd\r\n```\r\n\r\nIt says we are in the `/workspaces` directory.\r\n\r\nInside of VSCode if we open a terminal and then run a `get clone` command on a github repository it will clone this code and run inside of the docker container. We can open this new directory with a code command:\r\n\r\n```bash\r\ncode .\r\n```\r\n\r\nHere are some quick tips:\r\n\r\n- Its always dangerous to run code you are not 100% sure of\r\n\r\n- Running scripts in isolated environments like Docker containers can help protect against unknown malicious scripts\r\n\r\n- There is no 100% sure way to be 100% safe\r\n\r\nKeep these in mind to stay safe out there!\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzntb%2Fadvanced-foundry","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzntb%2Fadvanced-foundry","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzntb%2Fadvanced-foundry/lists"}