Is there a book / course on best practices? I’m starting to realize that often operating on the approach of “when I find a problem let me look for a solution” isn’t good because then there are some problems which people don’t realize are problems if they aren’t big enough. Having a comprehensive book / course could be insanely helpful in those times. Something like https://increment.com/security/ for example.
Hi @aparnakr,
Welcome to the community forum
I’m not sure if there is a definitive book/course on best practices. Will be interested to see what recommendations the community has.
This historic (ancient in blockchain timescales) post still holds true (https://blog.openzeppelin.com/onward-with-ethereum-smart-contract-security-97a827e47702/).
The post lists the following great resources:
- https://solidity.readthedocs.io/en/latest/security-considerations.html
- https://consensys.github.io/smart-contract-best-practices/
The OpenZeppelin documentation (such as: Preparing for Mainnet) along with the OpenZeppelin Contracts and tests themselves are also great to refer to.
I also recommend Test smart contracts like a rockstar for testing.
The OpenZeppelin Research team have a checklist before an audit which I recommend to the community.
The OpenZeppelin Research team provides a Security Audits service for decentralized applications, tools, and protocols. You can browse through past public audits in our blog.
It is also worth looking at the list of post-mortems: