Instead of just having attack vectors, lets put those in a folder and include other folders for security considerations.

Folders can include:

• Known attacks
• Best practices
• Historical attacks

Most of the resources are either out of data or defunct

Broken link in unchecked-call-return-value.md

https://consensys.github.io/smart-contract-best-practices/recommendations/#handle-errors-in-external-calls

Some contracts do not want other contracts to interact with them (very common in gambling contracts using sub-par RNG).

A common way to prevent this is to check whether the calling account has any code stored in it, however contract accounts initiating calls during their construction will not yet show that they store code.

An example of this is the FOMO3D bug.

There isn't a clear line between attacks and vulnerabilities, so we'll just place them all together in a folder titled attacks-and-vulnerabilities.

Some non-Solidity attacks such as honeypots, short address attack, mis-characterizing code using ascii tricks, making failed transactions appear successful on explorers, injections, unsafe/unreliable oracle sources, etc. may deserve their own section.

• manipulation
• variation between oracle and true value
• down sequencer

Not sure what to call this but just the general idea of using a contract to take advantage of variables that will be known by the time the transaction hits the chain (e.g. taking advantage of on-chain randomization).

Let's include an explanation of this, and link to it whenever it is mentioned.

https://solidity.readthedocs.io/en/v0.5.11/bugs.html

E.g.

• https://consensys.github.io/smart-contract-best-practices/recommendations/#multiple-inheritance-caution
• https://solidity.readthedocs.io/en/v0.4.25/contracts.html#multiple-inheritance-and-linearization
• https://pdaian.com/blog/solidity-anti-patterns-fun-with-inheritance-dag-abuse/

please create a blog how to start smart contract bug bounty.

A good chunk have examples already, but all of them should.

Many contracts rely on calls happening within certain period of time, but Ethereum can be spammed with very high Gwei transactions for a decent amount of time relatively cheaply.

For example, FOMO3D (a countdown game where the last investor wins the jackpot, but each investment adds time to the countdown) was won by a user who completely clogged the blockchain for a small period of time, disallowing others from investing until the timer ran out and he won.

There are many "croupier" gambling contracts nowadays that rely on past blockhashes to provide RNG. This is not a terrible source of RNG for the most part, and they even account for the pruning of hashes that happens after 256 blocks, but at that point many of them simply null the bet. This would allow someone to make bets on many of these similarly-functioning contracts with a certain result as the winner for them all, check the croupier's submission while it's still pending, and, if it's unfavorable, simply clog the blockchain until pruning occurs and you can get your bets returned.

e.g. https://solodit.xyz/issues/12279

A few listed in here:

https://medium.com/coinmonks/the-phenomena-of-smart-contract-honeypots-755c1f943f7b

Ethereum smart contract code can always be read. Treat it as such. Even if your code is not verified on Etherscan, attackers can still decompile or even just check transactions to and from it to analyze it.

One example of a problem here would be having a "guessing game" where the user has to guess a stored private variable to win the Ether in the contract. This is, of course, extremely trivial to exploit (to the point that you shouldn't try it because it's almost certainly a honeypot contract that's much trickier).

Another common problem here is using unencrypted off-chain secrets, such as API keys, with Oracle calls. If your API key can be determined, malicious actors can either simply use it for themselves, or take advantage of other vectors such as exhausting your allowed API calls and forcing the Oracle to return an error page which may or may not lead to problems depending on the structure of the contract.

An example of this would be Binance's "ERC20"

"Forcibly Sending Ether" and "Unexpected Ether Balance" are both in the same list but it's an example of a vulnerability and attack based on the same underlying functionality.

Some great references here:
https://github.com/sigp/solidity-security-blog

Not sure exactly what to call this but some contracts may have functionality such as rewarding the caller for the amount of gas they spend. This would typically take the form of recording gasleft() at the beginning of the function and gasleft() at the end of the function, although if there are calls in-between where the attacker could call their own contract, they have the ability to spend a lot of gas on a fodder contract by deleting, have the full amount spent on deletes rewarded to them, but only end up paying a partial amount of gas.