Level up and become a Solidity Smart Contract Auditor
New Smart Contract Auditor Course for Solidity developers and aspiring auditors who want to secure real-world dapps on Ethereum
Solidified is the largest audit platform for smart contracts, performing audits for leading blockchain projects like Polymath, Gnosis, Bankera, and Melonport.
Solidified and B9lab have teamed up to create the first smart contract auditor course of this kind. Become an auditor by learning from the experts and gain a chance to join the leading audit platform in the industry.
This course is for Solidity developers and aspiring auditors who want to secure real-world decentralized applications on Ethereum. The top participants chosen by B9lab will have the opportunity to take a paid internship with Solidified!
The mission of this course is to prepare Ethereum developers and aspiring Solidity auditors for this new security paradigm through exercises which pull from notable vulnerabilities found in the wild.
The course will introduce students to the current state of smart contract security ecosystem, and provide advice to those looking to enter the market.
In order to get the most out of the course you need to be comfortable with Solidity. This course will not teach any Solidity basics so this is for you if you already have experience building smart contracts. To learn Ethereum development from the ground up, have a look at our Ethereum Developer Course.
Module 1: Why Smart Contracts Fail
This lesson will examine the most prominent real-world examples of smart contract breaches and how they could’ve been prevented. This will give the student a practical introduction to the world of smart contract security and the need for this education. As part of this module we are introducing the concepts of auditing with examples of prominent vulnerabilities, such as the DAO, Parity and other famous hacks. You will learn to appreciate the stakes involved in securing smart contracts, and develop the necessary vocabulary to navigate the smart contract security space.
Module 2: Auditing Process and Reporting
The audit process explained. Understanding scope and specification. Participating in single and group audits, pre- and post-debrief, unbiased input, categorization of severity, comparing findings. How to write audit and bug reports. We will be covering audit protocol, techniques for finding and evaluating the severity of bugs, the audit process and steps, report writing. You will learn how to write audits and bug reports, as well as how to participate in a group or single audit.
Module 3: Tools of the Trade
This lesson will focus on setting up helpful tools and frameworks that will aid in securing smart contracts. We will go into the Remix IDE, the truffle framework, open zeppelin standard contracts, test nets, common open source security tools (where they excel, and what not to expect from them). Students will be exposed to the gold standard of contract security, and learn to deploy these contracts on a test net.
Module 4: Common Vulnerabilities
A majority of the vulnerabilities seen in Solidity smart contracts today are rooted in common misunderstandings. In this lesson we identify the most common types of bugs, and challenge the student to find and patch them in code exercises. This module covers re-entrancy, overflow/underflow, challenges of random number generation, denial of service attacks, front-running, etc. You will learn to find and patch the most common issues in smart contracts.
Module 5: Auditing Techniques
How to smell something is wrong, spotting red flags and dangerous code. We will cover indicators of potentially buggy code, breaking apart uncertainty. You will learn how to see signs of potential bugs. Messy code, obscure calculation, overly complex implementations and all sorts of signs that could indicate the existence of bugs.
Module 6: Advanced Vulnerabilities
Real world bugs, from the most notorious hacks to the most sophisticated, examined. The topics covered include external code execution, low level code (Solidity assembly), flaws in game theory of governance, protocol/interface exploits, sybil resistance, general blockchain security considerations. You will learn to uncover deeper issues, understand exploits in multi-contract systems, and familiarize yourself with notorious exploits for common reference when engaging with other auditors.
Module 7: Beginning Your Career as an Auditor
This lesson covers how to participate in Ethereum’s smart contract security community. Getting started with bug bounties, where to seek and offer auditing services, where to continue learning, expectations and standards. You will learn how to work your way from participating in bug bounties to performing smart contract audits.
Speaking of starting your career...
The best graduates will be invited to a paid internship at Solidified
and work on a real audit!
In every cohort the best graduates will be invited by Solidified to work on a real audit as part of a paid internship. Those performing well will receive an advanced certification and will be invited to join the Solidified auditor pool.
Where our alumni work
B9lab alumni are thriving at some of the world's top companies in the blockchain space and beyond, including:
“B9Lab's Ethereum Developer course provided me with a solid, pragmatic foundation not only to building distributed applications but also to staying attune to the evolving Ethereum ecosystem. B9Lab's approach of learning the fundamentals of blockchain, cryptography and the EVM combined with valuable instructor feedback on smart contract code allow you to navigate learning in this open source environment with a strong comprehension of the nuances of Ethereum's design.”Karen S.
“I started my blockchain education with a MSc. in Digital Currencies from the University of Nicosia. It was ok, but I realized I missed coding. This is how I came to B9lab. All seemed to come together in this course: my economics background, blockchain interest, love for coding… so I took the leap and haven't regretted it for a moment so far!”Rinke H.
“The projects where you actually build something yourself was huge and most courses don't have that. Other courses passively walk you through a project step by step, but without hands-on practice it's just not effective learning. It's not a real-world job situation. B9lab creates a more realistic expectation.”Randall K.
We believe in hands-on teaching
You have full-time access to our team of instructors. When you hit a snag or have a question, just message them.
Learning by doing
Our courses feature coding projects. Our mentors will go through and provide feedback and code review!
Talk to other devs from all over the world
The B9lab community has over 1500 members from all over the world. Find people to work on projects, exchange ideas, learn from others and discuss the most technical questions.
Meet Your Instructors
What sets B9lab blockchain courses apart from your typical online MOOC or YouTube channel is that you get one-on-one support and mentoring from expert instructors, who will actually review your code and help you refine it. These are veterans of the decentralised tech community, and some pretty cool people who want to help you become a blockchain professional!
Rob has worn many hats in his extensive IT career including experience designing, constructing, implementing and operating innovative software solutions, developing training programs and supporting online education platforms. Rob has been dabbling in blockchain technology since the early days and quickly recognised the disruptive potential of Smart Contracts and decentralised apps. Since 2016, Rob has been absorbing all things related to Smart Contracts and supporting developers on their quest to master this technology.
Xavier is a software and infrastructure engineer. In the past 15 years, he has coded, deployed, customised, troubleshot, and supported various software systems. He has also guided, educated, taught, and coached customers across Asia. Xavier used to be based in Thailand and Singapore. For more than two years now, he has been a keen member of the blockchain community.
Adel comes from a background in Artificial Intelligence and has been taking software development related roles since 2006. In early 2018 he joined the blockchain movement as a B9lab student and got certified in all of the available courses; his high marks and constant support of his fellow students proved him to be a valuable member in the B9lab community and secured him the role of tutor.
Senior Auditor and Core Developer at Solidified
Joao is the winner of Solidity Underhand Coding Contest, panelist at Ethereum DevCon3 and the top Auditor at Solidified. Joao developed the first version of smart contracts for Solidified platform and is currently working on the next iteration. Post graduate in software engineering from Rio de Janeiro Federal University, he specialized in smart contracts development and security. Joao is also a contributor to Zeppelin and Aragon core contracts.
Lead Auditor and Director of Ops at Solidified
Fabio has over 12 years of experience in Tech Audit and Information Security, having worked at Solidified, PwC and leaders in the Brazilian Industry such as Volkswagen, Azul Airlines and Dafiti. CISSP and CISA certified, he transitioned to the Ethereum space in 2017 and manages the audit process and Dapp development at Solidified.
€2,400SIGN UP NOW
Want to pay in another currency?
All prices excl. VAT