DeFi Developer Road Map
Here we collect and discuss the best DeFi & Blockchain researches and tools - contributions are welcome.
Feel free to submit a pull request, with anything from small fixes to translations, docs or tools you'd like to add.
- Disclaimer: All information (tools, links, articles, text, images, etc.) is provided for educational purposes only! All information is also based on data from public sources. You are solely responsible for your actions, not the author ❗️
Translations:
Roadmap
Navigation
Alternative navigation ❗️
#
Translations
- [French](https://github.com/OffcierCia/DeFi-Developer-Road-Map/blob/main/translations/README_fr.md)
- [Korean](https://github.com/OffcierCia/DeFi-Developer-Road-Map/blob/main/translations/README_ko.md)
- [Japanese](https://www.wenyanet.com/opensource/ja/6304f1549168d4612c5c5064.html)
- [Italiano](https://github.com/OffcierCia/DeFi-Developer-Road-Map/blob/main/translations/README_it.md)
- [Telugu](https://github.com/OffcierCia/DeFi-Developer-Road-Map/blob/main/translations/README_tel.md)
- [Gujarati](https://github.com/OffcierCia/DeFi-Developer-Road-Map/blob/main/translations/README_guj.md)
- [Spanish](https://github.com/OffcierCia/DeFi-Developer-Road-Map/blob/main/translations/README_es.md)
- [Chinese](https://github.com/OffcierCia/DeFi-Developer-Road-Map/blob/main/translations/README_cn.md)
#
| Special Notes:
Basics:
Ethereum
- Learn the basics of Ethereum
- Ethereum Virtual Machine (EVM): turing complete
- Learn about Wallets, Accounts (EOA), Private/Public Keys
- Learn about transactions, Gas, Metamask
- Ethereum clients/Nodes, Geth
- Infura infrastructure
EVM
Check out
Useful Information
Directions
Smart Contract
Resources to learn Solidity
Smart Contract Standards
- ERCs - Ethereum Improvement Proposals
Tokens
Others
- ERC-165 - Creates a standard method to publish and detect what interfaces a smart contract implements.
- ERC-725 - A standard interface for a simple proxy account.
- ERC-173 - A standard interface for ownership of contracts.
General Development Skills
- Learn GIT
- Create a few repositories on GitHub / GitLab
- Share your code with other people!
- know HTTP(S) protocol, request methods (GET, POST, PUT, PATCH, DELETE, OPTIONS)
- Don't be afraid of using Google, Power Searching with Google
- Get familiar with terminal (Linux/Docker), configure your shell (bash, zsh, fish)
- Read a few books about algorithms and data structures, blockchain, Ethereum, solidity
- Do this course Ethereum and Solidity: The Complete Developer's Guide
- Free tutorial Learning Solidity
- Introduction to Smart Contract Development with Solidity and ERC20 Programming
- Tudelft Repo
- Ethers.org Library
- Web3js.org Library
- TypeChain Library
- Viem Library
- web3.py - for Python
- The Framework to help you securing your protocol
Try this tools:
dApps
- Get familiar with tools that you will be using:
Package Managers
IDE's
Practice
ZK-SNARKs
General info
ZK-STARKs
Frameworks
Truffle Suite
Akula
- Akula - an implementation of Ethereum protocol ("client") written in Rust, based on Erigon architecture.
ZeppelinOS
Labs.Superblock
Note: Superblocks is depreciated
Infura (A Gateway to Ethereum)
NodeReal(A high-performance node service)
Other Frameworks
- Frameworks List - Ethereum Frameworks Listing.
- Hardhat - Flexible, extensible and fast Ethereum development environment.
- Ape - The smart contract development tool for Pythonistas, Data Scientists, and Security Professionals.
- Brownie - Brownie is a Python framework for deploying, testing and interacting with Ethereum smart contracts.
- Embark - Framework for DApp development
- Waffle - Framework for advanced smart contract development and testing, small, flexible, fast (based on ethers.js)
- Etherlime - ethers.js based framework for Dapp deployment
- Parasol - [Depreciated] Agile smart contract development environment with testing, INFURA deployment, automatic contract documentation and more. It features a flexible and unopinionated design with unlimited customizability
- 0xcert - JavaScript framework for building decentralized applications
- OpenZeppelin SDK - OpenZeppelin SDK: A suite of tools to help you develop, compile, upgrade, deploy and interact with smart contracts.
- sbt-ethereum - A tab-completey, text-based console for smart-contract interaction and development, including wallet and ABI management, ENS support, and advanced Scala integration.
- Cobra - A fast, flexible and simple development environment framework for Ethereum smart contract, testing and deployment on Ethereum virtual machine(EVM).
- Ether Jar Java integration library for Ethereum blockchain
- Starport - A CLI tool for building sovereign IBC-enabled blockchains.
- Sign in with Ethereum | SIWE- Workflow to authenticate Ethereum accounts using message signing in order to establish a cookie-based web session that manages user metadata.
- Foundry - A smart contract development toolchain for project compilation, dependency management, testing, deployments, on-chain interactions...
- Solmate - These contracts have been audited but they were not developed with users in mind. They mainly seek to optimize gas and optimizations for smart contract development
- Supercool - Relayer infra for meta-transaction and account-abstraction superpowers: automate smart contract interactions, create gasless transactions, and more.
Interacting with Smart Contract
Python Ethereum Eco System
Distributed Storage Systems
Test Blockchain Networks
- Paradigm Faucet - claim testnet ETH here
- Ethnode - Run an Ethereum node (Geth or Parity) for development, as easy as
npm i -g ethnode && ethnode
.
- Ganache - App for test Ethereum blockchain with visual UI and logs
- Kaleido - Use Kaleido for spinning up a consortium blockchain network. Great for PoCs and testing
- Besu Private Network - Run a private network of Besu nodes in a Docker container
- Orion - Component for performing private transactions by PegaSys
- Artemis - Java implementation of the Ethereum 2.0 Beacon Chain by PegaSys
- Cliquebait - Simplifies integration and accepting testing of smart contract applications with docker instances that closely resemble a real blockchain network
- Local Raiden - Run a local Raiden network in docker containers for demo and testing purposes
- Private networks deployment scripts - Out-of-the-box deployment scripts for private PoA networks
- Local Ethereum Network - Out-of-the-box deployment scripts for private PoW networks
- Ethereum on Azure - Deployment and governance of consortium Ethereum PoA networks
- Ethereum on Google Cloud - Build Ethereum network based on Proof of Work
- Infura - Ethereum API access to Ethereum networks (Mainnet, Ropsten, Rinkeby, Goerli, Kovan)
- CloudFlare Distributed Web Gateway - Provides access to the Ethereum network through the Cloudflare instead of running your own node
- Chainstack - Shared and dedicated Ethereum nodes as a service (Mainnet, Ropsten, Rinkeby)
- Alchemy - Blockchain Developer Platform, Ethereum API, and Node Service (Mainnet, Ropsten, Rinkeby, Goerli, Kovan)
- ZMOK - JSON-RPC Ethereum API (Mainnet, Rinkeby, Front-running Mainnet)
- Watchdata - Provide simple and reliable API access to Ethereum blockchain
- GetBlock - Blockchain RPC access to Ethereum blockchain and 50 + others
Test Ether Faucets
Front End
UI Components
Project management
- Dework | Web3 Trello with token payments, credentials, bounties...
- Wonderverse | Jira alternative with an intuitive task management system that allows DAOs to pay contributors and collaborate in their projects.
Important (security)
Further Readings
Inspired by:
Security & Safety:
#
- Blockchain Security Roadmap - This article will be laying down a path/roadmap, following which users will easily enter into the field of Blockchain Security together.
- The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts -Investigation shows that the number of attacks did not necessarily decrease over the past few years, but for some vulnerabilities remained constant.
- Analysis of Bitcoin Vulnerability to Bribery Attacks Launched Through Large Transactions - In this paper, authors design a novel bribery attack and show that this guarantee can be hugely undermined.
- Vulnerability of Blockchain Technologies to Quantum Attacks - Here authors analyze the major blockchain-based cryptocurrencies deployed today -- including Bitcoin, Ethereum, Litecoin and ZCash, and determine risk exposure to quantum attacks.
- BLOCKEYE - Hunting For DeFi Attacks on Blockchain. In this paper, authors proposed BLOCKEYE, a real-time attack detection system for DeFi projects on the Ethereum blockchain.
- Topological Anomaly Detection in Dynamic Multilayer Blockchain Networks - Authors introduce a new topological perspective to structural anomaly detection in dynamic multilayer networks.
- Verification of the Incremental Merkle Tree Algorithm with Dafny - Authors present our new and original correctness proof of the algorithm along with the Dafny machine-checkable version.
- GoHammer Blockchain Performance Test Tool - This tool will help in developing more efficient decentralized systems and will affect decreasing the costs of developing decentralized application projects.
- EtherClue: Digital investigation of attacks on Ethereum smart contracts - In this work, authors study the problem of post-factum investigation of Ethereum attacks using Indicators of Compromise specially crafted for use in the blockchain.
- Requirement Analyses and Evaluations of Blockchain Platforms per Possible Use Cases - This document provides a generic model of understanding blockchain and its applications.
- A Note on Privacy in Constant Function Market Makers - In this note, authors show that privacy is impossible with the usual implementations of CFMMs under most reasonable models of an adversary and provide some mitigating strategies.
- A Survey of Security Vulnerabilities in Ethereum Smart Contracts - This paper explains eight vulnerabilities that are specific to the application level of BT by analyzing the exploitation case scenarios of these vulnerabilities.
- An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts - In this paper, authors propose a framework that combines static and dynamic analysis to detect DoS due to an unexpected revert in ETH Smart Contracts.
- AGSolT: a Tool for Automated Test-Case Generation for Solidity Smart Contracts - Authors found that AGSolT is capable of achieving high branch overage with both approaches and even discovered some errors in some of the most popular Solidity smart contracts on Github.
- Temporal-Amount Snapshot MultiGraph for Ethereum Transaction Tracking - Authors propose TASMG to model Ethereum transaction records as a temporal-amount network and then present TAW to effectively embed accounts via their transaction records, which integrates temporal and amount information of the proposed network.
- Demystifying Cryptocurrency Mining Attacks: A Semi-supervised Learning Approach Based on Digital Forensics and Dynamic Network Characteristics - This paper addresses the detection of crypto mining attacks in a generic network environment using dynamic network characteristics.
- FASTEN: Fair and Secure Distributed Voting Using Smart Contracts - Authors prove that the probability of privacy breaches is negligibly small. Further, cost analysis of executing FASTEN over Ethereum is comparable to most of the existing cost of elections.
- Interdependencies between Mining Costs, Mining Rewards and Blockchain Security - This paper studies to what extent the cost of operating a proof-of-work blockchain is intrinsically linked to the cost of preventing attacks, and to what extent the underlying digital ledger security budgets are correlated with the cryptocurrency market outcomes
- HyperSec: Visual Analytics for blockchain security monitoring - HyperSec, a visual analytics monitoring tool that provides relevant information at a glance to detect ongoing attacks on Hyperledger Fabric.
- Reentrancy Vulnerability Identification in Ethereum Smart Contracts - In this paper, authors present a framework that combines static and dynamic analysis to detect Reentrancy vulnerabilities in Ethereum smart contracts.
- A General Framework for the Security Analysis of Blockchain Protocols - This paper presents a parsimonious abstraction sufficient for capturing and comparing properties of many well-known permissionless blockchain protocols.
- Coinbugs: Enumerating Common Blockchain Implementation-Level Vulnerabilities - The paper is aimed at security testers aiming to start out in blockchain security reviews and blockchain developers as a reference on common pitfalls.
- Vulnerabilities and Open Issues of Smart Contracts: A Systematic Mapping - This paper conducted a systematic literature mapping identifying initiatives and tools to analyze SCs and how to deal with the identified vulnerabilities.
- SuMo: A Mutation Testing Strategy for Solidity Smart Contracts - Authors report a first evaluation of SuMo on open-source projects for which test suites were available. The results authors got are encouraging, and they suggest that SuMo can effectively help developers to deliver more reliable smart contracts.
- (In)Stability for the Blockchain: Deleveraging Spirals and Stablecoin Attacks - The possibility of deleveraging spirals was first predicted in the initial release of this paper in 2019 and later observed in the Black Thursday crisis in Dai in 2020.
- An Anonymous Trust-Marking Scheme on Blockchain Systems - In this paper, authors propose an anonymous trust-marking scheme on blockchain systems that is universally applicable to any cryptocurrency.
- A Framework and DataSet for Bugs in Ethereum Smart Contracts - In this paper, to fill the gap, authors first collect as many smart contract bugs as possible from multiple sources and divide these bugs into 9 categories by extending the IEEE Standard Classification for Software Anomalies.
- Bitwise Operations and Bit Manipulation in Solidity, Ethereum
- BitMaps
- Reentrancy Guard 2.0
- A Secure Multi-chains Consensus Scheme Against Diverse Miners Behaviors Attacks in Blockchain Networks. - Experimental results show that PoDT is secure against DMB attacks and more effective than traditional consensus schemes in multi-chains environments.
- A Survey on Consortium Blockchain Consensus Mechanisms - This paper highilights several state-of-the art solutions in consensus algorithms for enterprise blockchain.
- Web3 Evasion Techniques
- Extracting Smart Contracts Tested and Verified in Coq - Authors implement extraction of Coq programs to functional languages based on MetaCoq's certified erasure.
- Trustless, privacy-preserving blockchain bridges - In this paper, authors present a protocol for facilitating trust-less cross-chain cryptocurrency transfers that preserve privacy of bridge withdrawals.
- Security checklists for Ethereum smart contract development: patterns and best practices - Authors cover the phases of design, coding, and testing and deployment of the software lifecycle.
- Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning - In this work authors propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts.
- Targeting the Weakest Link: Social Engineering Attacks in Ethereum Smart Contracts - In this work, authors explore the possibility and existence of new social engineering attacks beyond smart contract honeypots.
- OptSmart: A Space Efficient Optimistic Concurrent Execution of Smart Contracts - In this paper, authors develop a concurrent miner that proposes a block by executing the AUs concurrently using optimistic Software Transactional Memory systems (STMs).
- DEFECTCHECKER: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode - Experimental results show that DefectChecker performs much better than these tools in terms of both speed and accuracy.
- SmartBugs: A Framework to Analyze Solidity Smart Contracts - Authors show how it enables easy integration and comparison of analysis tools by presenting a new extension to the tool SmartCheck that improves substantially the detection of vulnerabilities related to the DASP10 categories Bad Randomness, Time Manipulation, and Access Control (identified vulnerabilities increased from 11% to 24%).
- Profiling Gas Leaks in Solidity Smart Contracts - In this paper, authors identify a set of 19 Solidity code smells affecting the deployment and transaction costs of a smart contract, and assess the relevance of such smells through a survey involving 34 participants.
- Securing Parallel-chain Protocols under Variable Mining Power - In this paper, authors consider the design of provably secure parallel-chain protocols which can adapt to such mining power variations.
- Ethereum SmartContract Vulnerability Detection using Deep Neural Network and Transfer Learning - ESCORT framework enables transfer learning on new vulnerability types with minimal modification of the DNN model architecture and re-training overhead.
- SCSGuard: Deep Scam Detection for Ethereum Smart Contracts - Experimental results manifest that SCSGuard achieves high accuracy (0.94), precision (0.96\%) and recall (0.98) for both Ponzi and Honeypot scams, and new Phishing smart contracts.
- Securing Cyber-Physical Systems Through Blockchain-Based Digital Twins and Threat Intelligence - This article focuses on securing CPSs by integrating Artificial Intelligence (AI) and blockchain for intelligent and trusted DTs.
- A Survey on Blockchain Interoperability: Past, Present, and Future Trends - In this post, authors study blockchain interoperability techniques and solutions, providing a holistic overview of blockchain interoperability, paving the way for systematic research in this domain.
- SoK: Transparent Dishonesty: front-running attacks on Blockchain - A paper on secure smart contract designs decisions and front-running possibilities on DApps.
- SoK: Oracles from the Ground Truth to Market Manipulation - A paper that systemizes the design alternatives for oracles, showcases attacks, and discusses attack mitigation strategies.
Web2 cybersecurity
Web3 cybersecurity
- Ethernaut by OpenZeppelin - A collection of Web3 wargamees inspired by OverTheWire in the context of the Ethereum Virtual Machine (EVM). Each level is a smart contract that needs to be hacked.
- Damn Vulnerable Defi - An offensive security playground to learn red team cybersecurity in the context of DeFi and smart contracts. Examples include tasks where the users needs to stop the system from working, take out funds from a contract...
- Damn Vulnerable DeFi | Foundry - Same as Damn Vulnerable DeFi but in the context of the foundry development framework.
Web3 CTF (Capture The Flag)
- Capture the Ether - Traditional game consisting of a series of categorized challenges where the user earns points after every successful challenge. The goal is to make the
isComplete()
function return true.
- Paradigm CTF
DeFI
- Finematics - Educational videos on DeFi
- Formal Analysis of Composable DeFi Protocols - In this paper, authors propose a formal process-algebraic technique that models DeFi protocols in a compositional manner to allow for efficient property verification.
- Transaction Fee Mechanism Design - Authors explain the behavior of fees in blockchains.
- DeFi-ning DeFi: Challenges & Pathway - Good Retrospective into the beginning of decentralized finance.
- A theory of Automated Market Makers in DeFi - Authors exploit our theory to formally prove a set of fundamental properties of AMMs, characterizing both structural and economic aspects.
- From banks to DeFi: the evolution of the lending market - Authors discuss the persisting reliance of DeFi lending on the traditional financial system, and conclude with the outlook of the lending market in the IOV era.
- On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols -In this paper, authors investigate two methods that allow them to automatically create profitable DeFi trades.
- Maximizing Extractable Value from Automated Market Makers - In this paper authors formally characterize rational miners as players which follow an optimal strategy in the mining game.
- The Decentralized Financial Crisis - In this paper authors explore how design weaknesses and price fluctuations in DeFi protocols could lead to a DeFi crisis.
- Liquidations: DeFi on a Knife-edge- In order to protect protocols from suffering losses, undercollateralized positions can be liquidated. In this paper, authors present empirical analysis of liquidations on protocols for loanable funds (PLFs).
- Measuring Asset Composability as a Proxy for DeFi Integration - Authors seek to understand the degree to which this practice may contribute to financial integration on Ethereum by examining transactions in 'composed' derivatives for the assets DAI, USDC, USDT, ETH and tokenized BTC for the full set of 344.8 million Ethereum transactions computed in 2020.
- Dynamic Curves for Decentralized Autonomous Cryptocurrency Exchanges - Authors propose in this work a new approach to constructing the AMM by proposing the idea of dynamic curves.
- High-Frequency Trading on Decentralized On-Chain Exchanges - In this work authors formalize, analytically exposit and empirically evaluate an augmented variant of front-running: sandwich attacks, which involve front- and back-running victim TXs.
- Flashot - A Snapshot of Flash Loan Attack on DeFi Ecosystem.
- DeFiRanger - Detecting Price Manipulation Attacks on DeFi Applications.
- Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit - Flash Loans. DeFi. Classic.
- SoK: Decentralized Finance (DeFi) - In this Systematization of Knowledge (SoK), authors delineate the DeFi ecosystem along its principal axes. SCSGuard: Deep Scam Detection for Ethereum Smart Contracts
- Empirical Evidence from four Governance Token Distributions - This paper provides a framework to quantify decentralization of governance power among blockchain applications.
- The Adoption of Blockchain-based Decentralized Exchanges - Authors show that liquidity providers lose token value if exchange rates are volatile due to the order execution mechanism of the blockchain-based exchange.
- An analysis of Uniswap markets -One of the best studies on Uniswap DEX activity, authors started researching in 2019 and recently released fresh 2021 analysis.
- Finance 4.0: Design principles for a value-sensitive cryptoecnomic system to address sustainability - Authors provide new insights on designing crypto systems.
- Behavior of Liquidity Providers in Decentralized Exchanges - Authors aim to understand how liquidity providers react to market information and how they benefit from providing liquidity in DEX.
- Cyclic Arbitrage in Decentralized Exchange Markets - Good Read. This paper suggests that with the smart contract technology and the replicated state machine setting of Ethereum, arbitrage strategies are easier implemented in DEXes than in CEX.
- SoK: Oracles from the Ground Truth to Market Manipulation - In this SoK, authors systemize the design alternatives for oracles, showcase attacks, and discuss attack mitigation strategies.
- Composing Networks of Automated Market Makers - This paper proposes a mathematical model for AMM composition.
- Blockchain Oracle Design Patterns - In this paper, authors will study and analyze blockchain oracles with regard to how they provide feedback to the blockchain and smart contracts.
- CeFi vs. DeFi - Comparing Centralized to Decentralized Finance - In this work, authors systematically analyze the differences between CeFi and DeFi, covering legal, economic, security, privacy and market manipulation. Authors also provide a structured methodology to differentiate between a CeFi and a DeFi service.
Ethereum Name Service
Non-Fungible Token (NFT):
Stable-Coins:
General information:
- A Big Data Analysis of the Ethereum Network: from Blockchain to Google Trends - An analysis of the crypto prices and search trends suggests the existence of big players (and not the regular users), manipulating the market after a drop in prices.
- A DLT-based Smart Contract Architecture for Atomic and Scalable Trading - In this paper, authors propose an atomic, scalable and privacy-preserving protocol that enables secure and dynamic updates. Then develop a smart contract-based Credit-Note System (CNS) that allows participants to lock funds before a state channel initialisation, which enhances flexibility and efficiency.
- Exploring Ethereum Data Stores: A Cost and Performance Comparison -In this work, authors examine a comprehensive set of data management approaches for ETH apps and assess the associated cost in gas as well as the retrieval performance.
- A Systematic Literature Review on Blockchain Governance - This study comprehensively investigates blockchain governance via 5W1H questions.
- A general framework for blockchain analytics - Authors propose a general-purpose framework, supporting data analytics on Bitcoin Ethereum — it allows to integrate block data with data from other sources, and to organise them in a database.
- AMR:Autonomous Coin Mixer with Privacy Preserving Reward Distribution - In this work, authors propose the first censorship resilient mixer, which can reward its users in a privacy-preserving manner for participating in the system.
- Technology Review of Blockchain Data Privacy Solutions- This report aims to review existing enterprise blockchain technologies: EOSIO powered systems, Hyperledger Fabric and Besu, Consensus Quorum, R3 Corda and Ernst and Young’s Nightfall.
- Blockchain Systems, Technologies and Applications: A Methodology Perspective - First, this article introduces how blockchain works, the research activity and challenge, and illustrates the roadmap involving the classic methodology with typical blockchain use cases and topics. Second, in blockchain system, how to adopt stochastic process, game theory, optimization, machine learning and cryptography to study blockchain running process and design blockchain protocol/algorithm are discussed in details.
- Ethna: Analyzing the Underlying Peer-to-Peer Network of the Ethereum Blockchain - Ethna implements a novel method that accurately measures the degrees of Ethereum nodes.
- Community Detection in Blockchain Social Networks - A novel community detection algorithm which is designed for low-rank signals on graph can help find users’ communities based on user-token subscription.
- Block Access Control in Wireless Blockchain Network: Design, Modeling and Analysis - The results show that BAC approaches can help the network to achieve a high transaction throughput while improving block utilization and saving computational power. Meanwhile, the trade-off between transaction throughput and block utilization is demonstrated, which can act as a guidance for practical deployment of blockchain.
- Towards External Calls for Blockchain and Distributed Ledger Technology - In this paper authors show that this belief is preconceived by demonstrating a method that enables blockchain and distributed ledger technologies to perform calls to external systems initiated from the blockchain/DLT itself.
- Managing Blockchain Systems and Applications: A Process Model for Blockchain Configurations - Authors demonstrate the applicability of the proposed blockchain configuration process model on four blockchain projects
- A Note on Optimal Fees for Constant Function Market Makers - Authors present framework that can be used to compute optimal fees for real world pools using past trade data.
- Reward Mechanism for Blockchains Using Evolutionary Game Theory - In this paper, authors develop a reward mechanism framework that could apply to many PoS blockchains.
- Summing Up Smart Transitions - In this paper, authors present a generalization of first-order logic which can express the unbounded sum of balances.
- 100+ Metrics for Software Startups - A Multi-Vocal Literature Review - Using data in the form of metrics can help software startups to make the right decisions amidst uncertainty and limited resources.
- Blockchain Networks: Data Structures of Bitcoin , Monero, Zcash, Ethereum, Ripple and IOTA - Authors discuss how blockchain data can be abstracted as various types of networks, and how network abstractions used to reap insights into the structure.
- Decentralized Finance: On Blockchain- and Smart Contract-Based Financial Markets - Written by Fabian Schar, gives an overview of blockchain based markets with technical details but in a digestable format; great paper for new comers to the space.
Special Author's compilations:
Side-Chains
EIP - 1559
Ethereum 2.0
MEV - Maximal Extractable Value / Miner Extractable Value:
- Quantifying Blockchain Extractable Value: How dark is the forest? - Authors provide evidence that miners already extract Miner Extractable Value (MEV), which could destabilize the blockchain consensus security, as related work has shown.
- Flash Boys 2.0: Frontrunning, Transaction Reordering, and Consensus Instability in Decentralized Exchanges - Introduces the concept of MEV, the work highlights the large, complex risks created by transaction-ordering dependencies in smart contracts and the ways in which traditional forms of financial-market exploitation are adapting to and penetrating blockchain economies.
- Flashbots: MEV in Eth2 - In this post, authors study transaction ordering in eth2 and analyze MEV-enabled staking yields. Then they find that MEV will significantly boost validator rewards but may reinforce inequalities among participants of eth2. Authors also discuss qualitative aspects of MEV in eth2 such as the potential dynamics that will unfold between its largest stakeholders like exchanges and validator pools.
- A Survey on Blockchain Interoperability: Past, Present, and Future Trends - In this post, authors study blockchain interoperability techniques and solutions, providing a holistic overview of blockchain interoperability, paving the way for systematic research in this domain.
Discussion
Hacks in Web3
Tools Collection
Ethereum Tools
Libraries
- dapp-bin - Ethereum repo providing implementations for many common data structures and utilities in Solidity, Serpent and LLL.
- Solidity Collections - Collections of code snippets and utility libraries.
- OpenZeppelin - Framework to build secure smart contracts.
Ideas
Popular Smart Contract Libraries
- Zeppelin - Contains tested reusable smart contracts like SafeMath and OpenZeppelin SDK library for smart contract upgradeability
- cryptofin-solidity - A collection of Solidity libraries for building secure and gas-efficient smart contracts on Ethereum.
- Modular Libraries - A group of packages built for use on blockchains utilising the Ethereum Virtual Machine
- DateTime Library - A gas-efficient Solidity date and time library
- ARC - an operating system for DAOs and the base layer of the DAO stack.
- 0x - DEX protocol
- Token Libraries with Proofs - Contains correctness proofs of token contracts wrt. given specifications and high-level properties
- Provable API - Provides contracts for using the Provable service, allowing for off-chain actions, data-fetching, and computation
- ABDK Libraries for Solidity - Fixed-point (64.64 bit) and IEEE-754 compliant quad precision (128 bit) floating-point math libraries for Solidity
Patterns for Smart Contracts
Upgradeability
Developer Tools
- Check out our blog!
- CryptoFin Solidity Auditing Checklist - A checklist of common findings, and issues to watch out for when auditing a contract for a mainnet launch.
- MythX - Security verification platform and tools ecosystem for Ethereum developers
- Mythril - Open-source EVM bytecode security analysis tool
- Oyente - Alternative static smart contract security analysis
- Securify - Security scanner for Ethereum smart contracts
- SmartCheck - Static smart contract security analyzer
- Ethersplay - EVM disassembler
- Evmdis - Alternative EVM disassembler
- Hydra - Framework for cryptoeconomic contract security, decentralised security bounties
- Solgraph - Visualise Solidity control flow for smart contract security analysis
- Manticore - Symbolic execution tool on Smart Contracts and Binaries
- Slither - A Solidity static analysis framework
- Adelaide - The SECBIT static analysis extension to Solidity compiler
- solc-verify - A modular verifier for Solidity smart contracts
- Solidity security blog - Comprehensive list of known attack vectors and common anti-patterns
- Awesome Buggy ERC20 Tokens - A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
- Free Smart Contract Security Audit - Free smart contract security audits from Callisto Network
- Piet - A visual Solidity architecture analyzer
- Contract Library - Decompiler and vulnerability scanner for deployed contracts
Frontend Ethereum APIs
- Web3.js - Javascript Web3
- Eth.js - Javascript Web3 alternative
- Ethers.js - Javascript Web3 alternative, useful utilities and wallet features
- light.js A high-level reactive JS library optimized for light clients.
- Web3Wrapper - Typescript Web3 alternative
- Ethereumjs - A collection of utility functions for Ethereum like ethereumjs-util and ethereumjs-tx
- Alchemy
- flex-contract and flex-ether - Modern, zero-configuration, high-level libraries for interacting with smart contracts and making transactions.
- ez-ens - Simple, zero-configuration Ethereum Name Service address resolver.
- web3x - A TypeScript port of web3.js. Benefits includes tiny builds and full type safety, including when interacting with contracts.
- Nethereum - Cross-platform Ethereum development framework
- dfuse - A TypeScript library to use dfuse Ethereum API
- Drizzle - Redux library to connect a frontend to a blockchain
- Tasit SDK - A JavaScript SDK for making native mobile Ethereum dapps using React Native
- useMetamask - a custom React Hook to manage Metamask in Ethereum ĐApp projects
- WalletConnect - Open protocol for connecting Wallets to Dapps
- Strictly Typed - Javascript alternatives
- elm-ethereum
- purescript-web3
- ChainAbstractionLayer - Communicate with different blockchains (including Ethereum) using a single interface.
- Delphereum - a Delphi interface to the Ethereum blockchain that allows for development of native dApps for Windows, macOS, iOS, and Android.
- Torus - Open-sourced SDK to build dapps with a seamless onboarding UX
- Fortmatic - A simple to use SDK to build web3 dApps without extensions or downloads.
- Portis - A non-custodial wallet with an SDK that enables easy interaction with DApps without installing anything.
- create-eth-app - Create Ethereum-powered front-end apps with one command.
- Scaffold-ETH - Beginner friendly forkable github for getting started building smart contracts.
- Jolly Roger - dApp framework using ethereum, builder, svelte and thegraph
- Notify.js - Deliver real-time notifications to your users. With built-in support for Speed-Ups and Cancels, Blocknative Notify.js helps users transact with confidence. Notify.js is easy to integrate and quick to customize.
Backend Ethereum APIs
- Web3.py - Python Web3
- Web3.php - PHP Web3
- Ethereum-php - PHP Web3
- Web3j - Java Web3
- Nethereum - .Net Web3
- Ethereum.rb - Ruby Web3
- rust-web3 - Rust Web3
- ethers-rs - Ethers-rs
- Web3.hs - Haskell Web3
- KEthereum - Kotlin Web3
- Eventeum - A bridge between Ethereum smart contract events and backend microservices, written in Java by Kauri
- Ethereumex - Elixir JSON-RPC client for the Ethereum blockchain
- Ethereum-jsonrpc-gateway - A gateway that allows you to run multiple Ethereum nodes for redundancy and load-balancing purposes. Can be ran as an alternative to (or on top of) Infura. Written in Golang.
- EthContract - A set of helper methods to help query ETH smart contracts in Elixir
- Ethereum Contract Service - A MESG Service to interact with any Ethereum contract based on its address and ABI.
- Ethereum Service - A MESG Service to interact with events from Ethereum and interact with it.
- Marmo - Python, JS, and Java SDK for simplifying interactions with Ethereum. Uses relayers to offload transaction costs to relayers.
- Ethereum Logging Framework - provides advanced logging capabilities for Ethereum applications and networks including a query language, query processor, and logging code generation
Ethereum Clients
- Besu - an open-source Ethereum client developed under the Apache 2.0 license and written in Java. The project is hosted by Hyperledger.
- Geth - Go client
- Erigon - a mostly Go implementation of Ethereum client built on the efficiency frontier
- Akula - Rust implementation
- Nethermind - .NET Core client
- Infura - A managed service providing Ethereum client standards-compliant APIs
- Trinity - Python client using py-evm
- Ethereumjs - JS client using ethereumjs-vm
- Seth - Seth is an Ethereum client tool—like a "MetaMask for the command line"
- Quorum - A permissioned implementation of Ethereum supporting data privacy by JP Morgan
- Awesome Quorum - A curated list of awesome software, libraries, tools and more to build on ConsenSys Quorum.
- Chainstack - A managed service providing shared and dedicated Geth nodes
- QuikNode - Blockchain developer cloud with API access and node-as-a-service.
- Watchdata - Provide simple and reliable API access to Ethereum blockchain
Storage
- DB3 Network - Decentralized Firebase Firestore Alternative.
- IPFS - Decentralised storage and file referencing
- Mahuta - IPFS Storage service with added search capability, formerly IPFS-Store
- OrbitDB - Decentralised database on top of IPFS
- JS IPFS API - A client library for the IPFS HTTP API, implemented in JavaScript
- TEMPORAL - Easy to use API into IPFS and other distributed/decentralised storage protocols
- PINATA - The Easiest Way to Use IPFS
- Swarm - Distributed storage platform and content distribution service, a native base layer service of the Ethereum web3 stack
- Infura - A managed IPFS API Gateway and pinning service
- Aleph.im - an offchain incentivized peer-to-peer cloud project (database, file storage, computing and DID) compatible with ETH and IPFS.
- dAppling Network - Uses IPFS for quick and easy decentralized web hosting.
- Fleek - similar to netlify but uses ipfs for hosting websites.
Bootstrap/Out-of-Box tools
- Truffle boxes - Packaged components for the Ethereum ecosystem
- Create Eth App - Create Ethereum-powered frontend apps with one command
- Besu Private Network - Run a private network of Besu nodes in a Docker container
- Testchains - Pre-configured .NET devchains for fast response (PoA)
- Blazor/Blockchain Explorer - Wasm blockchain explorer (functional sample)
- Local Raiden - Run a local Raiden network in docker containers for demo and testing purposes
- Private networks deployment scripts - Out-of-the-box deployment scripts for private PoA networks
- Local Ethereum Network - Out-of-the-box deployment scripts for private PoW networks
- Kaleido - Use Kaleido for spinning up a consortium blockchain network. Great for PoCs and testing
- Cheshire - A local sandbox implementation of the CryptoKitties API and smart contracts, available as a Truffle Box
- aragonCLI - aragonCLI is used to create and develop Aragon apps and organizations.
- ColonyJS - JavaScript client that provides an API for interacting with the Colony Network smart contracts.
- ArcJS - Library that facilitates javascript application access to the DAOstack Arc ethereum smart contracts.
- Onboard.js - Blocknative Onboard is the quick and easy way to add multi-wallet support to your project. With built-in modules for more than 20 unique hardware and software wallets, Onboard saves you time and headaches.
- web3-react - React framework for building single-page Ethereum dApps
Ethereum ABI (Application Binary Interface) tools
- ABI decoder - library for decoding data params and events from Ethereum transactions
- ABI-gen - Generate Typescript contract wrappers from contract ABI's.
- Ethereum ABI UI - Auto-generate UI form field definitions and associated validators from an Ethereum contract ABI
- headlong - type-safe Contract ABI and Recursive Length Prefix library in Java
- EasyDapper - Generate dapps from Truffle artifacts, deploy contracts on public/private networks, offers live customizable public page to interact with contracts.
- One Click dApp - Instantly create a dApp at a unique URL using the ABI.
- Truffle Pig - a development tool that provides a simple HTTP API to find and read from Truffle-generated contract files, for use during local development. Serves fresh contract ABIs over http.
- Ethereum Contract Service - A MESG Service to interact with any Ethereum contract based on its address and ABI.
- Nethereum-CodeGenerator - A web based generator which creates a Nethereum based C# Interface and Service based on Solidity Smart Contracts.
Testing Tools
- Solidity code coverage - Solidity code coverage tool
- Solidity coverage - Alternative code coverage for Solidity smart-contracts
- Solidity function profiler - Solidity contract function profiler
- Sol-profiler - Alternative and updated Solidity smart contract profiler
- Espresso - Speedy, parallelised, hot-reloading solidity test framework
- Eth tester - Tool suite for testing Ethereum applications
- Cliquebait - Simplifies integration and accepting testing of smart contract applications with docker instances that closely resembles a real blockchain network
- Hevm - The hevm project is an implementation of the Ethereum virtual machine (EVM) made specifically for unit testing and debugging smart contracts
- Ethereum graph debugger - Solidity graphical debugger
- Tenderly CLI - Speed up your development with human readable stack traces
- Solhint - Solidity linter that provides security, style guide and best practice rules for smart contract validation
- Ethlint - Linter to identify and fix style & security issues in Solidity, formerly Solium
- Decode - npm package which parses tx's submitted to a local testrpc node to make them more readable and easier to understand
- truffle-assertions - An npm package with additional assertions and utilities used in testing Solidity smart contracts with truffle. Most importantly, it adds the ability to assert whether specific events have (not) been emitted.
- Psol - Solidity lexical preprocessor with mustache.js-style syntax, macros, conditional compilation and automatic remote dependency inclusion.
- solpp - Solidity preprocessor and flattener with a comprehensive directive and expression language, high precision math, and many useful helper functions.
- Decode and Publish – Decode and publish raw ethereum tx. Similar to https://live.blockcypher.com/btc-testnet/decodetx/
- Doppelgänger - a library for mocking smart contract dependencies during unit testing.
- glide.r - a tool for performing smart contract queries (audit/bug-bounty).
- rocketh - A simple lib to test ethereum smart contract that allow to use whatever web3 lib and test runner you choose.
- pytest-cobra - PyTest plugin for testing smart contracts for Ethereum blockchain.
- ERCx - Testing tool with a Web interface to test conformance and properties of ERC-20 tokens. Based on Foundry forge.
Transaction Visualization, Scoring & Tracking:
What's next?
Work...?
Support Me:
The best thing is to support me directly by donating to my address on Ethereum Main-net or any of the compatible networks or to any address from the list below:
#
Thank you! Stay safe!