https://github.com/jcsec-security/cosmwasm-security-spotlight

Posts and labs to learn CosmWasm smart contract security vulnerabilities and audit
https://github.com/jcsec-security/cosmwasm-security-spotlight

audit blockchain bug bugbounty contract cosmos cosmossdk cosmwasm ctf dapp defi hacking rust security smart smartcontract vulnerabilities

Last synced: 4 months ago
JSON representation

Posts and labs to learn CosmWasm smart contract security vulnerabilities and audit

• Host: GitHub
• URL: https://github.com/jcsec-security/cosmwasm-security-spotlight
• Owner: jcsec-security
• Created: 2023-03-21T15:26:47.000Z (almost 3 years ago)
• Default Branch: main
• Last Pushed: 2024-02-23T09:36:26.000Z (almost 2 years ago)
• Last Synced: 2024-02-23T10:37:47.322Z (almost 2 years ago)
• Topics: audit, blockchain, bug, bugbounty, contract, cosmos, cosmossdk, cosmwasm, ctf, dapp, defi, hacking, rust, security, smart, smartcontract, vulnerabilities
• Homepage:
• Size: 16.6 KB
• Stars: 5
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
> [!NOTE] 

> Would you like to know more about my security services?

> [Check out my website](https://jcsec.io/)!

---

# CosmWasm Security Spotlight

CosmWasm Security Spotlight is intended to be a series of medium posts about vulnerabilities found in audits of CW smart contracts. It would be a good starting point for anyone looking to get into CW contracts audits or to develop more secure smart contracts.

In addition, I created some hands-on labs so the reader can practice their bug-hunting skills in easy targets. This series is being published in collaboration with [Oak Security](https://www.oaksecurity.io/).

- [#1 Unsaved storage changes](https://jcsec-audits.medium.com/cosmwasm-security-spotlight-1-cba294b27ea2)

    - Spot the bug challenge [01-Storewhat?](https://github.com/oak-security/cosmwasm-security-dojo/tree/main/challenges/01-storewhat)

- [#2 Access Controls](https://jcsec-audits.medium.com/cosmwasm-security-spotlight-2-3b8abeb066a1)

    - Spot the bug challenge [02-Auth](https://github.com/oak-security/cosmwasm-security-dojo/tree/main/challenges/02-auth)

- [#3 Address validation](https://jcsec-audits.medium.com/cosmwasm-security-spotlight-3-2b11f36fd61)

    - Spot the bug challenge [05-Addressing](https://github.com/oak-security/cosmwasm-security-dojo/tree/main/challenges/05-addressing)

- [#4 Rounding issues](https://jcsec-audits.medium.com/cosmwasm-security-spotlight-4-b5ba69b96c5f)

    - Spot the bug challenge [06-Rounding](https://github.com/oak-security/cosmwasm-security-dojo/tree/main/challenges/06-rounding) 

# CosmWasm CTF - AwesomWasm 2023

Check the CTF that I co-created for the AwesomWasm 2023 conference to challenge your knowledge afterward!

- [Oak Security CosmWasm CTF](https://github.com/oak-security/cosmwasm-ctf)