The invoice form 📝 has been filled out correctly for this milestone and the delivery is according to the official milestone delivery guidelines.
- Application Document: https://github.com/w3f/Grants-Program/blob/master/applications/ScoutCoinFabrik.md
- Milestone Number: 1
Context (optional)
In this delivery we provide a curated list of smart contract vulnerabilities in substrate ink!, code snippets and examples for these vulnerabilities and Proof of Concept detectors showing the feasibility of our security analysis tool.
Deliverables
| Number | Deliverable | Link | Notes |
|---|---|---|---|
| 0a. | License | https://github.com/CoinFabrik/web3-grant/blob/main/LICENSE | MIT |
| 0b. | Documentation | https://github.com/CoinFabrik/web3-grant/blob/main/assets/scout-vulnerabilities-report.pdf | We provide a report, listing relevant security issues introduced in smart contracts developed with ink!. This will include a summary of findings and how the results were procured, a detailed description of each vulnerability/best practice, and links to the code that exemplifies them. |
| 0c. | Testing and Testing Guide | - | No tests for our PoC where produced at this stage. |
| 0d. | Docker | - | Does not apply at this stage. |
| 0e. | Article | https://blog.coinfabrik.com/vulnerability-detection-in-ink-programming-language | We uploaded to our blog a report summary. |
| 1 | Research | https://github.com/CoinFabrik/web3-grant/tree/main/curated-list-of-vulnerabilities | We produced a curated list of vulnerabilities, best practices, and enhancements related to smart contracts written in ink!, considering the list of analysis categories currently used for our manual smart contract audits. |
| 2 | Development | https://github.com/CoinFabrik/web3-grant/tree/main/vulnerabilities | We produced code examples and snippets of smart contracts written in ink! for each type of vulnerability from the list mentioned in 1. Research. |
| 3 | Development | https://github.com/CoinFabrik/web3-grant/tree/main/detectors | Proof of concept code detecting some (relevant) issues included in the list of vulnerabilities and best practices. |
Additional Information
Find our project's repo at: https://github.com/CoinFabrik/web3-grant