Is there a book / course on best practices? I’m starting to realized that often operating on the approach of “when I find a problem let me look for a solution” isn’t good because then there are some problems which people don’t realize are problems if they aren’t big enough. Having a comprehensive book / course could be insanely helpful in those times. Something like https://increment.com/security/ for example.
Welcome to the community forum
I’m not sure if there is a definitive book/course on best practices. Will be interested to see what recommendations the community has.
This historic (ancient in blockchain timescales) post still holds true (https://blog.openzeppelin.com/onward-with-ethereum-smart-contract-security-97a827e47702/).
The post lists the following great resources:
I also recommend Test smart contracts like a rockstar for testing.
The OpenZeppelin Research team have a checklist before an audit which I recommend to the community.
It is also worth looking at the list of post-mortems: