優れた教育リソースの推薦 - Solidityの高度なトピック

defihacklabs-high-resolution-color-logo

Contributed by: Script Money
Full-stack engineer familiar with Web3 development ecosystem, has written some technical tutorials

This article is the fifth installment of CryptoChasers' Web3 Recommended Education Resources series, focusing on the advanced topic of Solidity. The previous installment, "Intermediate Solidity", provided many high-quality resources related to EVM to help developers learn. This advanced installment offers tutorials mainly in the field of contract security, teaching advanced Solidity knowledge through reproducing historical hacking incidents and solving CTF (Capture The Flag) puzzles.

Recommended Tutorials#

Web3 Security#

Website: web3sec.xrex.io
Language: English/Chinese
Content: Index

This Notion maintained by white hat SunSec contains various resources, tutorials, tools, and more related to Web3 security. It is a treasure trove and definitely worth browsing, including some Chinese materials. Among them, the highly acclaimed open-source library DeFiHackLabs records the attack methods of various historical DeFi security incidents. It is written by Foundry and is continuously updated. Highly recommended.

Puzzlebox.sol#

Website: ctf.dragonfly.xyz
Language: English
Content: Puzzles

This CTF initiated by investment firm dragonfly has received high praise from the community's technical experts. The content of the competition is to interact step by step with the functions designed in the puzzlebox contract until the box is completely opened. Each step does not have a fixed solution, and the higher the score, the lower the gas consumption optimization. To achieve a high score, you need to show great skills. You can try it yourself first and then learn from others' solutions.

Paradigm CTF 2022#

Website: github.com/paradigmxyz/paradigm-ctf-2022
Language: English
Content: Puzzles

This CTF initiated by research-oriented investment firm Paradigm also has a 2021 version. It is another CTF highly praised by the community's technical experts, with a large difference in difficulty level among the challenges. It is quite challenging to complete all of them. After deploying the local environment, you can call the solve function of the puzzle contract by writing scripts or contracts, and then send requests to obtain scores. There are puzzles for Cairo 0 (the development language of StarkNet) and Solana chain, which can be chosen not to be viewed. It is still uncertain whether there will be Paradigm CTF 2023 this year. If you want to score, you can take a look at the latest Cairo in advance.

Summary#

The recommended resources above are mainly based on the suggestions of some experts in the community. Therefore, well-known CTFs like ethernaut are not separately recommended because their difficulty is too simple. Good content lies in its essence. If you feel that it is not enough to learn, you can find other resources in the Web3Sec library. If you think you are very capable, participate in newly launched CTFs and enjoy the excitement of competition.