https://www.powershow.com/view0/95ef27-MDg4M/https_www_powershow_com_view0_95e903-OTMxZ_Smart_Contract_Audit_Process_and_Audit_Content_powerpoint_ppt_presentation_powerpoint_ppt_presentation

1
Ever considered how to check for security
breaches in smart contracts?
2
Ever considered how to check for security
breaches in smart contracts?

• You can learn it yourself, or you can use this
  helpful step-by-step guide to learn exactly what
  to do, when and when to audit these contracts.
• I've been researching various Smart Contract
  audits and learned the most common steps they
  take to extract all essential information from
  any contract.
• Let's cut to the chase and start auditing
  contracts
• How to audit a Smart Contract
• Now you might ask, what exactly is a Smart
  Contract audit?
• Before being released and deployed on the
  Ethereum mainnet, where it will not be modified,
  a piece of code, in this example Solidity
  contract, is thoroughly examined for errors,
  vulnerabilities, and hazards. It's just for
  discussion purposes.

3
Ever considered how to check for security
breaches in smart contracts?

• Always remember that an audit is not a formal
  confirmation of the security of code. Nobody can
  guarantee 100 that the code will not have future
  bugs or vulnerabilities. It's a guarantee that
  your code has been reviewed by an expert and is
  secure.
• To discuss possible improvements and mainly to
  find bugs and vulnerabilities that might risk
  people's Ether.
• Once that's clear, let's take a look at the
  structure of a Smart Contract Audit
• Disclaimer Here you will say that the audit is
  not a legally binding document and that it does
  not guarantee anything.
• Audit overview and legal features A quick
  overview of the Smart Contract that will be
  audited and best practices found.
• Attacks made on the contract In this section you
  will talk about the attacks made on the contract
  and the results.
• Critical Vulnerabilities Found in the Contract
  Critical issues that could seriously undermine
  the integrity of the contract. Some mistakes that
  would allow attackers to steal Ether are a
  critical issue.

4
Ever considered how to check for security
breaches in smart contracts?

• Medium vulnerabilities found in the contract
  those vulnerabilities that could damage the
  contract, but with some kind of limitation. Like
  a flaw that enables users to modify a random
  variable.
• Low severity vulnerabilities found These are the
  issues that really don't break the contract and
  that could exist in the deployed version of the
  contract.
• Line-by-line comments In this section, you'll
  review the most important lines where you see
  potential improvements.
• Audit Summary Your view of the contract and
  final audit findings.
• Keep this structure somewhere safe because it's
  all you need to actually securely audit a Smart
  Contract. It will certainly assist you in
  identifying those tricky vulnerabilities.
• I recommend that you start with point 7
  "Line-by-line comments" because by analyzing the
  contract line-by-line you will find the most
  important issues and see what is missing. What
  could be changed or improved.

5
Ethereum Casino Audit

• Introduction
• In this Smart Contract audit, we cover the
  following topics
• 1. Disclaimer
• The audit makes no representations or warranties
  about the usefulness of the code, security of the
  code, suitability of the business model,
  regulatory regime of the business model, or any
  other representations about the contracts'
  fitness for purpose, or their error-free status.
  The audit documentation is only intended for
  discussion.
• 2. Overview
• The project has only one file, the file
  Casino.sol, which contains 142 lines of Solidity
  code. The natspec documentation for the functions
  is used to thoroughly comment all functions and
  state variables, making it easy to understand how
  everything should operate.
• The project uses a centralised service and the
  Oraclize API to implement truly random number
  generation on the blockchain.

6
Ethereum Casino Audit

• Generating random numbers on the blockchain is
  quite a difficult topic because one of the core
  values ??of Ethereum is predictability, the aim
  of which is not to have undefined values.
• Therefore, using Oraclize's reliable number
  generation is considered good practice, as they
  generate random numbers off the blockchain. It
  implements modifiers and a callback function that
  verifies that the information comes from a
  trusted entity.
• The purpose of this Smart Contract is to
  participate in a random lottery where people bet
  on a number between 1 and 9. The reward is
  automatically split among the winners when the
  first ten bets are placed.
• Each player can only bet once during each game
  and the winning number is only generated when the
  betting limit is reached.
• Binance Smart Chain BSC smart contract audit
  services to protect your highly dynamic BSC
  venture from vulnerabilities.