Here we collect and discuss the best DeFi & Blockchain researches and tools - contributions are welcome.
Feel free to submit a pull request, with anything from small fixes to translations, docs or tools you'd like to add.
Topic | Instant Link |
---|---|
Basics | Explore |
dApps | Explore |
Frameworks | Explore |
zk-snarks | Explore |
Further Readings | Explore |
Security | Explore |
DeFi | Explore |
ENS | Explore |
NFT | Explore |
Stable Coins | Explore |
General Info | Explore |
Side Chains | Explore |
MEV | Explore |
Tools Collection | Explore |
ETH 2.0 | Explore |
Front End | Explore |
Project Manag. | Explore |
- Learn the basics of Distributed Ledger Technology (DLT)
- Bitcoin protocol Explained
- Elliptic Curve Cryptography
- Read Blockchain Explained
- Watch Blockchain - A visual demo
- Watch But how does bitcoin actually work? - 3b1b
- Learn the basics of Computer Science
- Learn the basics of Ethereum
- Ethereum Virtual Machine (EVM): turing complete
- Learn about Wallets, Accounts (EOA), Private/Public Keys
- Learn about transactions, Gas, Metamask
- Ethereum clients/Nodes, Geth
- Infura infrastructure
- Basics of Smart Contract
- Life Cycle of Smart Contract
- Ethereum Higher Level languages (Solidity, Vyper, LLL, Serpent)
- Compiling, testing, Deploying smart Contracts
- Interacting with smart contracts using web3.js or web3.py
- Read How does Ethereum work, anyway?
- Read this article
- Read the Truffle Documentation / Hardhat Documentation
- Read the Web3 Documentation / Ethers Documentation
- Read Book Mastering Ethereum and watch this channel
- Read Solidity Smart Contract Library and Solidity Base with Tutorial from Zombies
- Read Flash Crash for Cash Cyber Threats in Decentralized Finance
- ERCs - Ethereum Improvement Proposals
- ERC-20 - Token contract for fungible assets.
- ERC-721 - Token standard for non-fungible assets.
- ERC-1155 - Token standard for semi-fungible tokens
- ERC-918 - Mineable Token Standard.
- Token Interaction Checklist
- ERC-165 - Creates a standard method to publish and detect what interfaces a smart contract implements.
- ERC-725 - A standard interface for a simple proxy account.
- ERC-173 - A standard interface for ownership of contracts.
- Learn GIT
- Create a few repositories on GitHub / GitLab
- Share your code with other people
- know HTTP(S) protocol, request methods (GET, POST, PUT, PATCH, DELETE, OPTIONS)
- Don't be afraid of using Google, Power Searching with Google
- Get familiar with terminal (Linux/Docker), configure your shell (bash, zsh, fish)
- Read a few books about algorithms and data structures, blockchain, Ethereum, solidity
- Do this course Ethereum and Solidity: The Complete Developer's Guide
- Free tutorial Learning Solidity
- Introduction to Smart Contract Development with Solidity and ERC20 Programming
- Tudelft Repo
- eth-cli - CLI tools.
- REPL - Solidity REPL.
- Remix - Online realtime compiler and runtime.
- gencall-cli - An interractive smart contract encoder and sender from your ABI file
- Optimize Solidity Function Name - Optimize function names to reduce costs
- solc-typed-ast compiler - TypeScript package providing a normalized typed Solidity AST along with the utilities necessary to generate the AST (from Solc) and traverse/manipulate it.
- Get familiar with tools that you will be using:
- Remix IDE
- Remix IDE Desktop Release
- Ethfiddle
- labs.superblock
- Truffle
- Solidity v0.5.3
- Vyper
- Atom
- Etheratom
- Autocomplete Solidity
- Language Solidity
- Vim solidity
- YAKINDU Solidity Tools
- VSCode with Solidity Visual Developer
- vscode-solidity-lang Solidity Semantic Highlighting for VSode. available at vscode marketplace
- MetaMask OpenRCP API Playground - View and Interact with MetaMasks RPC API
- Learn Ethereum development by making a Zombie Game
- Read and make and example: Pet shop tutorial
- Time-locked Wallets: An Introduction to Ethereum Smart Contracts
- The Ultimate ENS and ĐApp Tutorial
- Ultimate Introduction to Ethereum Ðapp Development
- Ethernaut is a Web3/Solidity based wargame for those interested in learning ethereum
- Ethereum and Solidity: The Complete Developer's Guide
- Consensys best practices - This document provides a baseline knowledge of security considerations for intermediate Solidity programmers. It is maintained by ConsenSys Diligence, and the broader Ethereum community.
- Solidity Patterns - A compilation of patterns and best practices.
- Smart Contracts Threats DB - A compilation of the worst patterns.
- ETH.build An Educational Sandbox For Web3
- ZoKrates - A toolbox for zkSNARKS on Ethereum
- The AZTEC Protocol - Confidential transactions on the Ethereum network, implementation is live on the Ethereum main-net
- Nightfall - Make any ERC-20 / ERC-721 token private - open source tools & microservices
- Proxy Re-encryption (PRE)
- NuCypher Network - A proxy re-encryption network to empower data privacy in decentralized systems
- pyUmbral - Threshold proxy re-encryption cryptographic library
- Fully Homomorphic Encryption (FHE)
- NuFHE - GPU accelerated FHE library
- StarkWare and StarkWare Resources - StarkEx scalability engine storing state transitions on-chain
Note: Superblocks is depreciated
- Frameworks List - Ethereum Frameworks Listing.
- Hardhat - Flexible, extensible and fast Ethereum development environment.
- Brownie - Brownie is a Python framework for deploying, testing and interacting with Ethereum smart contracts.
- Embark - Framework for DApp development
- Waffle - Framework for advanced smart contract development and testing, small, flexible, fast (based on ethers.js)
- Dapp - Framework for DApp development, successor to DApple
- Etherlime - ethers.js based framework for Dapp deployment
- Parasol - [Depreciated] Agile smart contract development environment with testing, INFURA deployment, automatic contract documentation and more. It features a flexible and unopinionated design with unlimited customizability
- 0xcert - JavaScript framework for building decentralized applications
- OpenZeppelin SDK - OpenZeppelin SDK: A suite of tools to help you develop, compile, upgrade, deploy and interact with smart contracts.
- sbt-ethereum - A tab-completey, text-based console for smart-contract interaction and development, including wallet and ABI management, ENS support, and advanced Scala integration.
- Cobra - A fast, flexible and simple development environment framework for Ethereum smart contract, testing and deployment on Ethereum virtual machine(EVM).
- Epirus - Java framework for building smart contracts.
- Ether Jar Java integration library for Ethereum blockchain
- Starport - A CLI tool for building sovereign IBC-enabled blockchains.
- Sign in with Ethereum | SIWE- Workflow to authenticate Ethereum accounts using message signing in order to establish a cookie-based web session that manages user metadata.
- Foundry - A smart contract development toolchain for project compilation, dependency management, testing, deployments, on-chain interactions...
- Solmate - These contracts have been audited but they were not developed with users in mind. They mainly seek to optimize gas and optimizations for smart contract development
- Ethnode - Run an Ethereum node (Geth or Parity) for development, as easy as
npm i -g ethnode && ethnode
. - Ganache - App for test Ethereum blockchain with visual UI and logs
- Kaleido - Use Kaleido for spinning up a consortium blockchain network. Great for PoCs and testing
- Besu Private Network - Run a private network of Besu nodes in a Docker container
- Orion - Component for performing private transactions by PegaSys
- Artemis - Java implementation of the Ethereum 2.0 Beacon Chain by PegaSys
- Cliquebait - Simplifies integration and accepting testing of smart contract applications with docker instances that closely resembles a real blockchain network
- Local Raiden - Run a local Raiden network in docker containers for demo and testing purposes
- Private networks deployment scripts - Out-of-the-box deployment scripts for private PoA networks
- Local Ethereum Network - Out-of-the-box deployment scripts for private PoW networks
- Ethereum on Azure - Deployment and governance of consortium Ethereum PoA networks
- Ethereum on Google Cloud - Build Ethereum network based on Proof of Work
- Infura - Ethereum API access to Ethereum networks (Mainnet, Ropsten, Rinkeby, Goerli, Kovan)
- CloudFlare Distributed Web Gateway - Provides access to the Ethereum network through the Cloudflare instead of running your own node
- Chainstack - Shared and dedicated Ethereum nodes as a service (Mainnet, Ropsten, Rinkeby)
- Alchemy - Blockchain Developer Platform, Ethereum API, and Node Service (Mainnet, Ropsten, Rinkeby, Goerli, Kovan)
- ZMOK - JSON-RPC Ethereum API (Mainnet, Rinkeby, Front-running Mainnet)
- Watchdata - Provide simple and reliable API access to Ethereum blockchain.
- Rinkeby faucet
- Kovan faucet
- Ropsten faucet (MetaMask)
- Goerli faucet
- Universal faucet
- Nethereum.Faucet - A C#/.NET faucet
- Learn React on official website or complete some courses
- React Roadmap
- aragonUI - A React library including Dapp components
- components.bounties.network - A React library including Dapp components
- ui.decentraland.org - A React library including Dapp components
- dapparatus - Reusable React Dapp components
- Metamask ui - Metamask React Components
- DappHybrid - A cross-platform hybrid hosting mechanism for web based decentralised applications.
- Nethereum.UI.Desktop - Cross-platform desktop wallet sample
- eth-button - Minimalist donation button
- Rimble Design System - Adaptable components and design standards for decentralized applications.
- 3Box Plugins - Drop in react components for social functionality. Including comments, profiles and messaging.
- brave-ui - List of reusable React components to empower your brave UI
- DApp frontend security - In this article, Author will take a look at security for DApps.
- Dework | Web3 Trello with token payments, credentials, bounties...
- Wonderverse | Jira alternative with an intuitive task management system that allows DAOs to pay contributors and collaborate in their projects.
- ETH Dapp Developer Roadmap
- DeFi Defence DAO Tools
- Blockchain Learning Path
- ADF
- DeFi Toolkit
- BlockTools
- SAW List
- Public APIs
- BTC List
- ConsenSys
- EVM Tools
- Solidity Pro
- Zhihu Research Base
- OpenZeppelin - Contracts / Test Helpers + More
- Awesome Ethereum Resource Lists
- Comprehensive Ethereum Developer Resource List
- Smart Contract Learning
- Awesome Cryptoeconomics
- Tudelft Repo
- The Reading List and This repo with Engineering Data List
- Eth Reentrancy Attack Patterns
- Plugin for testing smart contracts
- Solidity function profiler
- Smart Contract Attack Vectors
- DeFi security list
- DeFi Threats Base
- Hacking
- Secureum Bootcamp
- SCSVS
- Smart Contract Inspector
- Blocksec ctfs
- Builder List
- From 0 to Web3.0
| Read 3 awesome cheatsheets:
- All known smart contract side and user side attacks,
- All ETH Sec tools existing,
- Solidity Cheatsheet Pack and
- All about NFT security
-
Blockchain Security Roadmap - This article will be laying down a path/roadmap, following which users will easily enter into the field of Blockchain Security together.
-
The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts -Investigation shows that the number of attacks did not necessarily decrease over the past few years, but for some vulnerabilities remained constant.
-
Analysis of Bitcoin Vulnerability to Bribery Attacks Launched Through Large Transactions - In this paper, authors design a novel bribery attack and show that this guarantee can be hugely undermined.
-
Vulnerability of Blockchain Technologies to Quantum Attacks - Here authors analyze the major blockchain-based cryptocurrencies deployed today -- including Bitcoin, Ethereum, Litecoin and ZCash, and determine risk exposure to quantum attacks.
-
BLOCKEYE - Hunting For DeFi Attacks on Blockchain. In this paper, authors proposed BLOCKEYE, a real-time attack detection system for DeFi projects on the Ethereum blockchain.
-
Topological Anomaly Detection in Dynamic Multilayer Blockchain Networks - Authors introduce a new topological perspective to structural anomaly detection in dynamic multilayer networks.
-
Verification of the Incremental Merkle Tree Algorithm with Dafny - Authors present our new and original correctness proof of the algorithm along with the Dafny machine-checkable version.
-
GoHammer Blockchain Performance Test Tool - This tool will help in developing more efficient decentralized systems and will affect decreasing the costs of developing decentralized application projects.
-
EtherClue: Digital investigation of attacks on Ethereum smart contracts - In this work, authors study the problem of post-factum investigation of Ethereum attacks using Indicators of Compromise specially crafted for use in the blockchain.
-
Requirement Analyses and Evaluations of Blockchain Platforms per Possible Use Cases - This document provides a generic model of understanding blockchain and its applications.
-
A Note on Privacy in Constant Function Market Makers - In this note, authors show that privacy is impossible with the usual implementations of CFMMs under most reasonable models of an adversary and provide some mitigating strategies.
-
A Survey of Security Vulnerabilities in Ethereum Smart Contracts - This paper explains eight vulnerabilities that are specific to the application level of BT by analyzing the exploitation case scenarios of these vulnerabilities.
-
An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts - In this paper, authors propose a framework that combines static and dynamic analysis to detect DoS due to an unexpected revert in ETH Smart Contracts.
-
AGSolT: a Tool for Automated Test-Case Generation for Solidity Smart Contracts - Authors found that AGSolT is capable of achieving high branch overage with both approaches and even discovered some errors in some of the most popular Solidity smart contracts on Github.
-
Temporal-Amount Snapshot MultiGraph for Ethereum Transaction Tracking - Authors propose TASMG to model Ethereum transaction records as a temporal-amount network and then present TAW to effectively embed accounts via their transaction records, which integrates temporal and amount information of the proposed network.
-
Demystifying Cryptocurrency Mining Attacks: A Semi-supervised Learning Approach Based on Digital Forensics and Dynamic Network Characteristics - This paper addresses the detection of crypto mining attacks in a generic network environment using dynamic network characteristics.
-
FASTEN: Fair and Secure Distributed Voting Using Smart Contracts - Authors prove that the probability of privacy breaches is negligibly small. Further, cost analysis of executing FASTEN over Ethereum is comparable to most of the existing cost of elections.
-
Interdependencies between Mining Costs, Mining Rewards and Blockchain Security - This paper studies to what extent the cost of operating a proof-of-work blockchain is intrinsically linked to the cost of preventing attacks, and to what extent the underlying digital ledger security budgets are correlated with the cryptocurrency market outcomes
-
HyperSec: Visual Analytics for blockchain security monitoring - HyperSec, a visual analytics monitoring tool that provides relevant information at a glance to detect ongoing attacks on Hyperledger Fabric.
-
Reentrancy Vulnerability Identification in Ethereum Smart Contracts - In this paper, authors present a framework that combines static and dynamic analysis to detect Reentrancy vulnerabilities in Ethereum smart contracts.
-
A General Framework for the Security Analysis of Blockchain Protocols - This paper presents a parsimonious abstraction sufficient for capturing and comparing properties of many well-known permissionless blockchain protocols.
-
Coinbugs: Enumerating Common Blockchain Implementation-Level Vulnerabilities - The paper is aimed at security testers aiming to start out in blockchain security reviews and blockchain developers as a reference on common pitfalls.
-
Vulnerabilities and Open Issues of Smart Contracts: A Systematic Mapping - This paper conducted a systematic literature mapping identifying initiatives and tools to analyze SCs and how to deal with the identified vulnerabilities.
-
SuMo: A Mutation Testing Strategy for Solidity Smart Contracts - Authors report a first evaluation of SuMo on open-source projects for which test suites were available. The results authors got are encouraging, and they suggest that SuMo can effectively help developers to deliver more reliable smart contracts.
-
(In)Stability for the Blockchain: Deleveraging Spirals and Stablecoin Attacks - The possibility of deleveraging spirals was first predicted in the initial release of this paper in 2019 and later observed in the Black Thursday crisis in Dai in 2020.
-
An Anonymous Trust-Marking Scheme on Blockchain Systems - In this paper, authors propose an anonymous trust-marking scheme on blockchain systems that is universally applicable to any cryptocurrency.
-
A Framework and DataSet for Bugs in Ethereum Smart Contracts - In this paper, to fill the gap, authors first collect as many smart contract bugs as possible from multiple sources and divide these bugs into 9 categories by extending the IEEE Standard Classification for Software Anomalies.
-
A Secure Multi-chains Consensus Scheme Against Diverse Miners Behaviors Attacks in Blockchain Networks. - Experimental results show that PoDT is secure against DMB attacks and more effective than traditional consensus schemes in multi-chains environments.
-
A Survey on Consortium Blockchain Consensus Mechanisms - This paper highilights several state-of-the art solutions in consensus algorithms for enterprise blockchain.
-
Extracting Smart Contracts Tested and Verified in Coq - Authors implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure.
-
Trustless, privacy-preserving blockchain bridges - In this paper, authors present a protocol for facilitating trust-less cross-chain cryptocurrency transfers that preserve privacy of bridge withdrawals.
-
Security checklists for Ethereum smart contract development: patterns and best practices - Authors cover the phases of design, coding, and testing and deployment of the software lifecycle.
-
Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning - In this work authors propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts.
-
Targeting the Weakest Link: Social Engineering Attacks in Ethereum Smart Contracts - In this work, authors explore the possibility and existence of new social engineering attacks beyond smart contract honeypots.
-
OptSmart: A Space Efficient Optimistic Concurrent Execution of Smart Contracts - In this paper, authors develop a concurrent miner that proposes a block by executing the AUs concurrently using optimistic Software Transactional Memory systems (STMs).
-
DEFECTCHECKER: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode - Experimental results show that DefectChecker performs much better than these tools in terms of both speed and accuracy.
-
SmartBugs: A Framework to Analyze Solidity Smart Contracts - Authors show how it enables easy integration and comparison of analysis tools by presenting a new extension to the tool SmartCheck that improves substantially the detection of vulnerabilities related to the DASP10 categories Bad Randomness, Time Manipulation, and Access Control (identified vulnerabilities increased from 11% to 24%).
-
Profiling Gas Leaks in Solidity Smart Contracts - In this paper, authors identify a set of 19 Solidity code smells affecting the deployment and transaction costs of a smart contract, and assess the relevance of such smells through a survey involving 34 participants.
-
Securing Parallel-chain Protocols under Variable Mining Power - In this paper, authors consider the design of provably secure parallel-chain protocols which can adapt to such mining power variations.
-
Ethereum SmartContract Vulnerability Detection using Deep Neural Network and Transfer Learning - ESCORT framework enables transfer learning on new vulnerability types with minimal modification of the DNN model architecture and re-training overhead.
-
SCSGuard: Deep Scam Detection for Ethereum Smart Contracts - Experimental results manifest that SCSGuard achieves high accuracy (0.94), precision (0.96%) and recall (0.98) for both Ponzi and Honeypot scams, and new Phishing smart contracts.
-
Securing Cyber-Physical Systems Through Blockchain-Based Digital Twins and Threat Intelligence - This article focuses on securing CPSs by integrating Artificial Intelligence (AI) and blockchain for intelligent and trusted DTs.
-
A Survey on Blockchain Interoperability: Past, Present, and Future Trends - In this post, authors study blockchain interoperability techniques and solutions, providing a holistic overview of blockchain interoperability, paving the way for systematic research in this domain.
-
SoK: Transparent Dishonesty: front-running attacks on Blockchain - A paper on secure smart contract designs decisions and front-running possibilities on DApps.
-
SoK: Oracles from the Ground Truth to Market Manipulation - A paper that systemizes the design alternatives for oracles, showcases attacks, and discusses attack mitigation strategies.
-
TryHackMe: Complete rooms with challenges and puzzles to break, all from the browser - Hands on cybersecurity training with real-world tasks
-
Disclose: Cross-industry and vendor-agnostic standards for best practives in cybersecurity research - Open source maintainers and industry experts providing a central source for assistance, information, and help via templates, tools, data sets...
-
Hack The Box - A Hacker's playground to dynamically and compete against other users in a collaborative ecosystem that promotes hands-on training experience
-
OverTheWire - Set of wargames and challenges offered by a community to learn and practice security concepts in fun wargames.
-
Pentesterlab - Hands-on labs covering different bu classes from basic to advanced.
-
Portswigger labs - Set of web application secrity labs with attached community solutions
-
Vulnhub - Users upload "challenge boxes" that often attempt to gain root access by exploiting known vulnerabilities.
-
Ethernaut by OpenZeppelin - A collection of Web3 wargamees inspired by OverTheWire in the context of the Ethereum Virtual Machine (EVM). Each level is a smart contract that needs to be hacked.
-
Damn Vulnerable Defi - An offensive security playground to learn red team cybersecurity in the context of DeFi and smart contracts. Examples include tasks where the users needs to stop the system from working, take out funds from a contract...
-
Damn Vulnerable DeFi | Foundry - Same as Damn Vulnerable DeFi but in the context of the foundry development framework.
-
Capture the Ether - Traditional game consisting of a series of categorized challenges where the user earns points after every succesful challenge. The goal is to make the
isComplete()
function return true.
-
Finematics - Educational videos on DeFi
-
Formal Analysis of Composable DeFi Protocols - In this paper, authors propose a formal process-algebraic technique that models DeFi protocols in a compositional manner to allow for efficient property verification.
-
Transaction Fee Mechanism Design - Authors explain the behavior of fees in blockchains.
-
DeFi-ning DeFi: Challenges & Pathway - Good Retrospective into the beginning of decentralized finance.
-
A theory of Automated Market Makers in DeFi - Authors exploit our theory to formally prove a set of fundamental properties of AMMs, characterizing both structural and economic aspects.
-
From banks to DeFi: the evolution of the lending market - Authors discuss the persisting reliance of DeFi lending on the traditional financial system, and conclude with the outlook of the lending market in the IOV era.
-
On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols -In this paper, authors investigate two methods that allow them to automatically create profitable DeFi trades.
-
Maximizing Extractable Value from Automated Market Makers - In this paper authors formally characterize rational miners as players which follow an optimal strategy in the mining game.
-
The Decentralized Financial Crisis - In this paper authors explore how design weaknesses and price fluctuations in DeFi protocols could lead to a DeFi crisis.
-
Liquidations: DeFi on a Knife-edge- In order to protect protocols from suffering losses, undercollateralized positions can be liquidated. In this paper, authors present empirical analysis of liquidations on protocols for loanable funds (PLFs).
-
Measuring Asset Composability as a Proxy for DeFi Integration - Authors seek to understand the degree to which this practice may contribute to financial integration on Ethereum by examining transactions in 'composed' derivatives for the assets DAI, USDC, USDT, ETH and tokenized BTC for the full set of 344.8 million Ethereum transactions computed in 2020.
-
Dynamic Curves for Decentralized Autonomous Cryptocurrency Exchanges - Authors propose in this work a new approach to constructing the AMM by proposing the idea of dynamic curves.
-
High-Frequency Trading on Decentralized On-Chain Exchanges - In this work authors formalize, analytically exposit and empirically evaluate an augmented variant of front-running: sandwich attacks, which involve front- and back-running victim TXs.
-
Flashot - A Snapshot of Flash Loan Attack on DeFi Ecosystem.
-
DeFiRanger - Detecting Price Manipulation Attacks on DeFi Applications.
-
Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit - Flash Loans. DeFi. Classic.
-
SoK: Decentralized Finance (DeFi) - In this Systematization of Knowledge (SoK), authors delineate the DeFi ecosystem along its principal axes. SCSGuard: Deep Scam Detection for Ethereum Smart Contracts
-
Empirical Evidence from four Governance Token Distributions - This paper provides a framework to quantify decentralization of governance power among blockchain applications.
-
The Adoption of Blockchain-based Decentralized Exchanges - Authors show that liquidity providers lose token value if exchange rates are volatile due to the order execution mechanism of the blockchain-based exchange.
-
An analysis of Uniswap markets -One of the best studies on Uniswap DEX activity, authors started researching in 2019 and recently released fresh 2021 analysis.
-
Finance 4.0: Design principles for a value-sensitive cryptoecnomic system to address sustainability - Authors provide new insights on designing crypto systems.
-
Behavior of Liquidity Providers in Decentralized Exchanges - Authors aim to understand how liquidity providers react to market information and how they benefit from providing liquidity in DEX.
-
Cyclic Arbitrage in Decentralized Exchange Markets - Good Read. This paper suggests that with the smart contract technology and the replicated state machine setting of Ethereum, arbitrage strategies are easier implemented in DEXes than in CEX.
-
SoK: Oracles from the Ground Truth to Market Manipulation - In this SoK, authors systemize the design alternatives for oracles, showcase attacks, and discuss attack mitigation strategies.
-
Composing Networks of Automated Market Makers - This paper proposes a mathematical model for AMM composition.
-
Blockchain Oracle Design Patterns - In this paper, authors will study and analyze blockchain oracles with regard to how they provide feedback to the blockchain and smart contracts.
-
CeFi vs. DeFi - Comparing Centralized to Decentralized Finance - In this work, authors systematically analyze the differences between CeFi and DeFi, covering legal, economic, security, privacy and market manipulation. Authors also provide a structured methodology to differentiate between a CeFi and a DeFi service.
- Ethereum Name Service: the Good, the Bad, and the Ugly - Yet, no existing work has studied this emerging system, the security issues and misbehaviors in ENS. Authors present the first study of ENS by analyzing millions of event logs related to ENS.
-
Mapping the NFT revolution - Market trends, trade networks and visual features.
-
Fairness in ERC token markets - A Case Study of CryptoKitties.
-
Non-Fungible Token: Overview, Evaluation, Opportunities and Challenges - In this technical report, authors explore the NFT ecosystems in several aspects.
-
Cryptoart - Top artists and artworks.
-
CryptoArtPulse - Live View.
-
PumpMyGas - Live estimates of gas fees on all major NFT marketplaces.
-
NonFungible Tracker - NFT tracker.
-
NFTS TOP - NFT Ranking.
-
Networks of Ethereum Non-Fungible Tokens: A graph-based analysis of the ERC-721 ecosystem
-
Stablecoins 2.0 - Authors seek to provide a sound foundation for stablecoin theory, with a risk-based functional characterization of the economic structure of stablecoins.
-
Reducing the Volatility of Cryptocurrencies — A Survey of Stablecoins - Authors discuss how stablecoins help reduce the volatility of cryptocurrencies by surveying different types of stablecoins and their stability mechanisms.
-
Understand Volatility of Algorithmic Stablecoin: Modeling, Verification and Empirical Analysis - Authors performed a systematic empirical analysis on real transaction activities of the Basis Cash stablecoin to relate theoretical possibilities to market observations.
-
T-Cash: Transferable Fiat Backed Coins - In this paper authors propose a transferable electronic cash scheme using blockchain technology which allows users to continuously reuse coins within the system.
-
A Big Data Analysis of the Ethereum Network: from Blockchain to Google Trends - An analysis of the crypto prices and search trends suggests the existence of big players (and not the regular users), manipulating the market after a drop in prices.
-
A DLT-based Smart Contract Architecture for Atomic and Scalable Trading - In this paper, authors propose an atomic, scalable and privacy-preserving protocol that enables secure and dynamic updates. Then develop a smart contract-based Credit-Note System (CNS) that allows participants to lock funds before a state channel initialisation, which enhances flexibility and efficiency.
-
Exploring Etherum Data Stores: A Cost and Performance Comparison -In this work, authors examine a comprehensive set of data management approaches for ETH apps and assess the associated cost in gas as well as the retrieval performance.
-
A Systematic Literature Review on Blockchain Governance - This study comprehensively investigates blockchain governance via 5W1H questions.
-
A general framework for blockchain analytics - Authors propose a general-purpose framework, supporting data analytics on Bitcoin Ethereum — it allows to integrate block data with data from other sources, and to organise them in a database.
-
AMR:Autonomous Coin Mixer with Privacy Preserving Reward Distribution - In this work, authors propose the first censorship resilient mixer, which can reward its users in a privacy-preserving manner for participating in the system.
-
Technology Review of Blockchain Data Privacy Solutions- This report aims to review existing enterprise blockchain technologies: EOSIO powered systems, Hyperledger Fabric and Besu, Consensus Quorum, R3 Corda and Ernst and Young’s Nightfall.
-
Blockchain Systems, Technologies and Applications: A Methodology Perspective - First, this article introduces how blockchain works, the research activity and challenge, and illustrates the roadmap involving the classic methodology with typical blockchain use cases and topics. Second, in blockchain system, how to adopt stochastic process, game theory, optimization, machine learning and cryptography to study blockchain running process and design blockchain protocol/algorithm are discussed in details.
-
Ethna: Analyzing the Underlying Peer-to-Peer Network of the Ethereum Blockchain - Ethna implements a novel method that accurately measures the degrees of Ethereum nodes.
-
Community Detection in Blockchain Social Networks - A novel community detection algorithm which is designed for low-rank signals on graph can help find users’ communities based on user-token subscription.
-
Block Access Control in Wireless Blockchain Network: Design, Modeling and Analysis - The results show that BAC approaches can help the network to achieve a high transaction throughput while improving block utilization and saving computational power. Meanwhile, the trade-off between transaction throughput and block utilization is demonstrated, which can act as a guidance for practical deployment of blockchain.
-
Towards External Calls for Blockchain and Distributed Ledger Technology - In this paper authors show that this belief is preconceived by demonstrating a method that enables blockchain and distributed ledger technologies to perform calls to external systems initiated from the blockchain/DLT itself.
-
Managing Blockchain Systems and Applications: A Process Model for Blockchain Configurations - Authors demonstrate the applicability of the proposed blockchain configuration process model on four blockchain projects
-
A Note on Optimal Fees for Constant Function Market Makers - Authors present framework that can be used to compute optimal fees for real world pools using past trade data.
-
Reward Mechanism for Blockchains Using Evolutionary Game Theory - In this paper, authors develop a reward mechanism framework that could apply to many PoS blockchains.
-
Summing Up Smart Transitions - In this paper, authors present a generalization of first-order logic which can express the unbounded sum of balances.
-
100+ Metrics for Software Startups - A Multi-Vocal Literature Review - Using data in the form of metrics can help software startups to make the right decisions amidst uncertainty and limited resources.
-
Blockchain Networks: Data Structures of Bitcoin , Monero, Zcash, Ethereum, Ripple and IOTA - Authors discuss how blockchain data can be abstracted as various types of networks, and how network abstractions used to reap insights into the structure.
-
Decentralized Finance: On Blockchain- and Smart Contract-Based Financial Markets - Written by Fabian Schar, gives an overview of blockchain based markets with technical details but in a digestable format; great paper for new comers to the space.
- All-about-NFT security
- All ETH security tools existing
- All good TG Dev communities
- Known smart contract-side and user-side attacks
- Solidity A-Z
- All known smart contract side and user side attacks
-
Dynamical Analysis of the EIP-1559 Ethereum Fee Market- Authors perform a thorough analysis of the resulting fee market dynamic mechanism via a combination of tools from game theory and dynamical systems.
-
Stochastic Properties of EIP1559 Basefees - Authors explain the new pricing mechanism for the Ethereum developed to bring stability to fluctuating gas prices.
-
Transaction Fee Mechanism Design for the Ethereum Blockchain: An Economic Analysis of EIP-1559 - This report assesses the game-theoretic strengths and weaknesses of the proposal and explores some alternative designs.
-
Quantifying Blockchain Extractable Value: How dark is the forest? - Authors provide evidence that miners already extract Miner Extractable Value (MEV), which could destabilize the blockchain consensus security, as related work has shown.
-
Flash Boys 2.0: Frontrunning, Transaction Reordering, and Consensus Instability in Decentralized Exchanges - Introduces the concept of MEV, the work highlights the large, complex risks created by transaction-ordering dependencies in smart contracts and the ways in which traditional forms of financial-market exploitation are adapting to and penetrating blockchain economies.
-
Flashbots: MEV in Eth2 - In this post, authors study transaction ordering in eth2 and analyze MEV-enabled staking yields. Then they find that MEV will significantly boost validator rewards but may reinforce inequalities among participants of eth2. Authors also discuss qualitative aspects of MEV in eth2 such as the potential dynamics that will unfold between its largest stakeholders like exchanges and validator pools.
-
A Survey on Blockchain Interoperability: Past, Present, and Future Trends - In this post, authors study blockchain interoperability techniques and solutions, providing a holistic overview of blockchain interoperability, paving the way for systematic research in this domain.
- Rekt News - Anonymous platform for whistleblowers and DeFi detectives to present their information to the community.
- Blockchain Threat Intelligence - Newsletter covering the latest security news, tools, events, vulnerabilities, and threats in the cryptocurrency landscape. Also supports this repo.
- Blockchain Graveyard - A list of all massive security breaches or thefts involving blockchains.
- All ETH security tools existing
- Ethstats
- ETH Forks
- Node Stats
- EVM Networks List
- BIP39 Derivation
- Vanity Generator
- Web Vanity Generator
- Vanity Eth Generators
- FindETH
- Eth Tx Decoder
- Ethereum input data decoder
- Ethereum Gas Charts
- Ethereum TxPool Statistics
- Gas Prices Dashboard
- The UI from ABI
- Oracles Club
- Tx Combo
- ETH or ERC-20 Mass-sender
- BulkSender
- ERC20 Meta Token Wrapper
- Cancel Ethereum Transaction
- Fees WTF Calculator
- Spend Gas Stats
- Pools Stats
- Solhint
- Solium
- Sol-tester
- Solidity-coverage
- TypeChain
- Tenderly
- dapp-bin - Ethereum repo providing implementations for many common data structures and utilities in Solidity, Serpent and LLL.
- Solidity Collections - Collections of code snippets and utility libraries.
- OpenZeppelin - Framework to build secure smart contracts.
- Zeppelin - Contains tested reusable smart contracts like SafeMath and OpenZeppelin SDK library for smart contract upgradeability
- cryptofin-solidity - A collection of Solidity libraries for building secure and gas-efficient smart contracts on Ethereum.
- Modular Libraries - A group of packages built for use on blockchains utilising the Ethereum Virtual Machine
- DateTime Library - A gas-efficient Solidity date and time library
- Aragon - DAO protocol. Contains aragonOS smart contract framework with focus on upgradeability and governance
- ARC - an operating system for DAOs and the base layer of the DAO stack.
- 0x - DEX protocol
- Token Libraries with Proofs - Contains correctness proofs of token contracts wrt. given specifications and high-level properties
- Provable API - Provides contracts for using the Provable service, allowing for off-chain actions, data-fetching, and computation
- ABDK Libraries for Solidity - Fixed-point (64.64 bit) and IEEE-754 compliant quad precision (128 bit) floating-point math libraries for Solidity
- Dappsys: Safe, simple, and flexible Ethereum contract building blocks
- MakerDAO
- The TAO
- Dapp-a-day 1-10
- Dapp-a-day 11-25
- OpenZeppelin Contracts: An open framework of reusable and secure smart contracts in the Solidity language.
- Blog about Best Practices with Security Audits
- Advanced Workshop with Assembly
- Simpler Ethereum Multisig - especially section Benefits
- CryptoFin Solidity Auditing Checklist - A checklist of common findings, and issues to watch out for when auditing a contract for a mainnet launch.
- aragonOS: A smart contract framework for building DAOs, Dapps and protocols
- Checks Effects Interactions Pattern
- Blog von Elena Dimitrova, Dev at colony.io
- Library driven development
- Advanced Solidity code deployment techniques
- OpenZeppelin on Proxy Libraries
- CryptoFin Solidity Auditing Checklist - A checklist of common findings, and issues to watch out for when auditing a contract for a mainnet launch.
- MythX - Security verification platform and tools ecosystem for Ethereum developers
- Mythril - Open-source EVM bytecode security analysis tool
- Oyente - Alternative static smart contract security analysis
- Securify - Security scanner for Ethereum smart contracts
- SmartCheck - Static smart contract security analyzer
- Ethersplay - EVM disassembler
- Evmdis - Alternative EVM disassembler
- Hydra - Framework for cryptoeconomic contract security, decentralised security bounties
- Solgraph - Visualise Solidity control flow for smart contract security analysis
- Manticore - Symbolic execution tool on Smart Contracts and Binaries
- Slither - A Solidity static analysis framework
- Adelaide - The SECBIT static analysis extension to Solidity compiler
- solc-verify - A modular verifier for Solidity smart contracts
- Solidity security blog - Comprehensive list of known attack vectors and common anti-patterns
- Awesome Buggy ERC20 Tokens - A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
- Free Smart Contract Security Audit - Free smart contract security audits from Callisto Network
- Piet - A visual Solidity architecture analyzer
- Web3.js - Javascript Web3
- Eth.js - Javascript Web3 alternative
- Ethers.js - Javascript Web3 alternative, useful utilities and wallet features
- light.js A high-level reactive JS library optimized for light clients.
- Web3Wrapper - Typescript Web3 alternative
- Ethereumjs - A collection of utility functions for Ethereum like ethereumjs-util and ethereumjs-tx
- Alchemy-web3.js - Javascript Web3 wrapper with automatic retries, access to Alchemy's enhanced APIs, and robust websocket connections.
- flex-contract and flex-ether - Modern, zero-configuration, high-level libraries for interacting with smart contracts and making transactions.
- ez-ens - Simple, zero-configuration Ethereum Name Service address resolver.
- web3x - A TypeScript port of web3.js. Benefits includes tiny builds and full type safety, including when interacting with contracts.
- Nethereum - Cross-platform Ethereum development framework
- dfuse - A TypeScript library to use dfuse Ethereum API
- Drizzle - Redux library to connect a frontend to a blockchain
- Tasit SDK - A JavaScript SDK for making native mobile Ethereum dapps using React Native
- useMetamask - a custom React Hook to manage Metamask in Ethereum ĐApp projects
- WalletConnect - Open protocol for connecting Wallets to Dapps
- Subproviders - Several useful subproviders to use in conjunction with Web3-provider-engine (including a LedgerSubprovider for adding Ledger hardware wallet support to your dApp)
- ethvtx - ethereum-ready & framework-agnostic redux store configuration. docs
- Strictly Typed - Javascript alternatives
- elm-ethereum
- purescript-web3
- ChainAbstractionLayer - Communicate with different blockchains (including Ethereum) using a single interface.
- Delphereum - a Delphi interface to the Ethereum blockchain that allows for development of native dApps for Windows, macOS, iOS, and Android.
- Torus - Open-sourced SDK to build dapps with a seamless onboarding UX
- Fortmatic - A simple to use SDK to build web3 dApps without extensions or downloads.
- Portis - A non-custodial wallet with an SDK that enables easy interaction with DApps without installing anything.
- create-eth-app - Create Ethereum-powered front-end apps with one command.
- Scaffold-ETH - Beginner friendly forkable github for getting started building smart contracts.
- Jolly Roger - dApp framework using ethereum, buidler, svelte and thegraph
- Notify.js - Deliver real-time notifications to your users. With built-in support for Speed-Ups and Cancels, Blocknative Notify.js helps users transact with confidence. Notify.js is easy to integrate and quick to customize.
- Web3.py - Python Web3
- Web3.php - PHP Web3
- Ethereum-php - PHP Web3
- Web3j - Java Web3
- Nethereum - .Net Web3
- Ethereum.rb - Ruby Web3
- rust-web3 - Rust Web3
- ethers-rs - Ethers-rs
- Web3.hs - Haskell Web3
- KEthereum - Kotlin Web3
- Eventeum - A bridge between Ethereum smart contract events and backend microservices, written in Java by Kauri
- Ethereumex - Elixir JSON-RPC client for the Ethereum blockchain
- Ethereum-jsonrpc-gateway - A gateway that allows you to run multiple Ethereum nodes for redundancy and load-balancing purposes. Can be ran as an alternative to (or on top of) Infura. Written in Golang.
- EthContract - A set of helper methods to help query ETH smart contracts in Elixir
- Ethereum Contract Service - A MESG Service to interact with any Ethereum contract based on its address and ABI.
- Ethereum Service - A MESG Service to interact with events from Ethereum and interact with it.
- Marmo - Python, JS, and Java SDK for simplifying interactions with Ethereum. Uses relayers to offload transaction costs to relayers.
- Ethereum Logging Framework - provides advanced logging capabilities for Ethereum applications and networks including a query language, query processor, and logging code generation
- Besu - an open-source Ethereum client developed under the Apache 2.0 license and written in Java. The project is hosted by Hyperledger.
- Geth - Go client
- Erigon - a mostly Go implementation of Ethereum client built on the efficiency frontier
- OpenEthereum - Rust client, formerly called Parity. On path to deprecation in favor of Erigon.
- Aleth - C++ client
- Nethermind - .NET Core client
- Infura - A managed service providing Ethereum client standards-compliant APIs
- Trinity - Python client using py-evm
- Ethereumjs - JS client using ethereumjs-vm
- Seth - Seth is an Ethereum client tool—like a "MetaMask for the command line"
- Mustekala - Ethereum Light Client project of Metamask
- Exthereum - Elixir client
- EWF Parity - Energy Web Foundation client for the Tobalaba test network
- Quorum - A permissioned implementation of Ethereum supporting data privacy by JP Morgan
- Awesome Quorum - A curated list of awesome softwares, libraries, tools and more to build on ConsenSys Quorum.
- Mana - Ethereum full node implementation written in Elixir.
- Chainstack - A managed service providing shared and dedicated Geth nodes
- QuikNode - Blockchain developer cloud with API access and node-as-a-service.
- Watchdata - Provide simple and reliable API access to Ethereum blockchain
- IPFS - Decentralised storage and file referencing
- Mahuta - IPFS Storage service with added search capability, formerly IPFS-Store
- OrbitDB - Decentralised database on top of IPFS
- JS IPFS API - A client library for the IPFS HTTP API, implemented in JavaScript
- TEMPORAL - Easy to use API into IPFS and other distributed/decentralised storage protocols
- PINATA - The Easiest Way to Use IPFS
- Swarm - Distributed storage platform and content distribution service, a native base layer service of the Ethereum web3 stack
- Infura - A managed IPFS API Gateway and pinning service
- 3Box Storage - An api for user controlled, distrubuted storage. Built on top of IPFS and Orbitdb.
- Aleph.im - an offchain incentivized peer-to-peer cloud project (database, file storage, computing and DID) compatible with ETH and IPFS.
- Fleek - similar to netlify but uses ipfs for hosting websites.
- Truffle boxes - Packaged components for the Ethereum ecosystem
- Create Eth App - Create Ethereum-powered frontend apps with one command
- Besu Private Network - Run a private network of Besu nodes in a Docker container
- Testchains - Pre-configured .NET devchains for fast response (PoA)
- Blazor/Blockchain Explorer - Wasm blockchain explorer (functional sample)
- Local Raiden - Run a local Raiden network in docker containers for demo and testing purposes
- Private networks deployment scripts - Out-of-the-box deployment scripts for private PoA networks
- Parity Demo-PoA Tutorial - Step-by-Step tutorial for building a PoA test chain with 2 nodes with Parity authority round consensus
- Local Ethereum Network - Out-of-the-box deployment scripts for private PoW networks
- Kaleido - Use Kaleido for spinning up a consortium blockchain network. Great for PoCs and testing
- Cheshire - A local sandbox implementation of the CryptoKitties API and smart contracts, available as a Truffle Box
- aragonCLI - aragonCLI is used to create and develop Aragon apps and organizations.
- ColonyJS - JavaScript client that provides an API for interacting with the Colony Network smart contracts.
- ArcJS - Library that facilitates javascript application access to the DAOstack Arc ethereum smart contracts.
- Arkane Connect - JavaScript client that provides an API for interacting with Arkane Network, a wallet provider for building user-friendly dapps.
- Onboard.js - Blocknative Onboard is the quick and easy way to add multi-wallet support to your project. With built-in modules for more than 20 unique hardware and software wallets, Onboard saves you time and headaches.
- web3-react - React framework for building single-page Ethereum dApps
- ABI decoder - library for decoding data params and events from Ethereum transactions
- ABI-gen - Generate Typescript contract wrappers from contract ABI's.
- Ethereum ABI UI - Auto-generate UI form field definitions and associated validators from an Ethereum contract ABI
- headlong - type-safe Contract ABI and Recursive Length Prefix library in Java
- EasyDapper - Generate dapps from Truffle artifacts, deploy contracts on public/private networks, offers live customizable public page to interact with contracts.
- One Click dApp - Instantly create a dApp at a unique URL using the ABI.
- Truffle Pig - a development tool that provides a simple HTTP API to find and read from Truffle-generated contract files, for use during local development. Serves fresh contract ABIs over http.
- Ethereum Contract Service - A MESG Service to interact with any Ethereum contract based on its address and ABI.
- Nethereum-CodeGenerator - A web based generator which creates a Nethereum based C# Interface and Service based on Solidity Smart Contracts.
- Truffle Teams - Zero-Config continuous integration for truffle projects
- Solidity code coverage - Solidity code coverage tool
- Solidity coverage - Alternative code coverage for Solidity smart-contracts
- Solidity function profiler - Solidity contract function profiler
- Sol-profiler - Alternative and updated Solidity smart contract profiler
- Espresso - Speedy, parallelised, hot-reloading solidity test framework
- Eth tester - Tool suite for testing Ethereum applications
- Cliquebait - Simplifies integration and accepting testing of smart contract applications with docker instances that closely resembles a real blockchain network
- Hevm - The hevm project is an implementation of the Ethereum virtual machine (EVM) made specifically for unit testing and debugging smart contracts
- Ethereum graph debugger - Solidity graphical debugger
- Tenderly CLI - Speed up your development with human readable stack traces
- Solhint - Solidity linter that provides security, style guide and best practice rules for smart contract validation
- Ethlint - Linter to identify and fix style & security issues in Solidity, formerly Solium
- Decode - npm package which parses tx's submitted to a local testrpc node to make them more readable and easier to understand
- truffle-assertions - An npm package with additional assertions and utilities used in testing Solidity smart contracts with truffle. Most importantly, it adds the ability to assert whether specific events have (not) been emitted.
- Psol - Solidity lexical preprocessor with mustache.js-style syntax, macros, conditional compilation and automatic remote dependency inclusion.
- solpp - Solidity preprocessor and flattener with a comprehensive directive and expression language, high precision math, and many useful helper functions.
- Decode and Publish – Decode and publish raw ethereum tx. Similar to https://live.blockcypher.com/btc-testnet/decodetx/
- Doppelgänger - a library for mocking smart contract dependencies during unit testing.
- rocketh - A simple lib to test ethereum smart contract that allow to use whatever web3 lib and test runner you choose.
- pytest-cobra - PyTest plugin for testing smart contracts for Ethereum blockchain.
| Check out Author's methodology, carefully read all parts of thread
- BlockPath
- Maltego
- GraphSense
- AML Bot Investigation Regime
- Bank Verified
- Orbit
- Arronax
- Blockscout
- BTC Parser
- Txstreet
- Nansen
- Bloxy
- Solana Explorer
- Elliptic
- ANChain AI
- Cipher Trace
- Crystal Blockchain
- Uppsala Security
- Coinfirm
- Solidus Labs
- TRM Labs
- Halborn Forensic
- Visual List
- GLP
- BreadCrumbs
- Tenderly
- Dune
- ETH Detective
Support is very important to me, with it I can spend less time at work and do what I love - educating DeFi & Crypto users 💖
If you want to support my work, you can send me a donation to the address:
0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A — ERC20 & ETH (officercia.eth)
17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - BTC
(👍 ͡❛ ͜ʖ ͡❛)👍