- Insufficient Gas Griefing
- Reentrancy
- Integer Overflow and Underflow
- Timestamp Dependence
- Authorization Through tx.origin
- Floating Pragma
- Outdated Compiler Version
- Unsafe Low-Level Call
- Uninitialized Storage Pointer
- Assert Violation
- Use of Deprecated Functions
- Delegatecall to Untrusted Callee
- Signature Malleability
- Incorrect Constructor Name
- Shadowing State Variables
- Weak Sources of Randomness from Chain Attributes
- Missing Protection against Signature Replay Attacks
- Requirement Validation
- Write to Arbitrary Storage Location
- Incorrect Inheritance Order
- Presence of Unused Variables
- Unencrypted Private Data On-Chain
- Inadherence to Standards
- Asserting Contract from Code Size
- Transaction-Ordering Dependence
- DoS with Block Gas Limit
- DoS with (Unexpected) revert
- Unexpected
ecrecover
null address - Default Visibility
- Insufficient Access Control
- Off-By-One
- Lack of Precision
- https://github.com/ethereum/wiki/wiki/Safety
- https://swcregistry.io/
- https://eprint.iacr.org/2016/1007.pdf
- https://www.dasp.co/
- https://consensys.github.io/smart-contract-best-practices/
- https://github.com/sigp/solidity-security-blog
- https://solidity.readthedocs.io/en/latest/bugs.html
Submit a PR!