New crisis – new opportunities
Recently, the situation in the crypto industry has not been encouraging with its incidents. Only in the last six months have there been 2 major incidents.
The collapse of the FTX exchange and the LUNA token caused huge losses for their investors.
But despite the weak activity in the crypto sector lately, this industry has tremendous prospects for the future. It’s the ideal time to purchase new skills. So, we’d like to present you with a learning path to start your education as a smart contract auditor.
Get experienced in coding
The first point you need to understand is that you need to have some experience with coding. It does not mean that you should be a senior developer, but you’d need to know how to read the code and understand some features.
Learn about Ethereum
The second step is to learn about Ethereum basics.
A good way to do it is to read “Mastering Ethereum” by Andreas Antonopoulos. It covers all the required subjects for beginners.
If you want to go deep down the rabbit hole from the beginning, you can simply read Ethereum documentation for the developers https://ethereum.org/en/developers/docs/intro-to-ethereum/
Go deep on Solidity
Step three is to figure out the Solidity specification and its syntax:
CryptoZombies https://cryptozombies.io/en/course is an excellent choice to learn the basics of variables, types, functions, and other significant stuff.
Hack the smart contracts
Now you are ready to proceed with smart contract hacking:
That is the hardest step in our learning path – oddly enough ? isn’t it?…
Let’s begin with CTFs:
They will give you a huge boost for your skills because it covers the most common vulnerabilities. But it’s not enough, and you’ll need to read the most basic smart contracts such as token standards EIP20 and EIP721.
- Proxies — OpenZeppelin Proxy https://docs.openzeppelin.com/contracts/4.x/api/proxy.
- Peer-to-Peer lending protocols — Compound https://docs.compound.finance/
- AMMs (automated market makers) — Uniswap V2 https://github.com/Uniswap/v2-core/blob/27f6354bae6685612c182c3bc7577e61bc8717e3/contracts/UniswapV2Pair.sol .
After all of this, get a real experience on our bug bounty platform HackenProof or using audit contests on Code4rena. That’s an excellent opportunity to increase your level of qualification, even if you cannot find high-severity bugs.
What is next?
Keep honing your skills, learn the finance basics for smart contract logic, figure out EVM, and learn from past exploits.
Start your education, and you may prevent the next huge hack, which leads to tremendous losses.