Lesson 1. Runtime protections: on-chain limits, slippage bounds, debt ceilings, rate limits
This part explains runtime protections that enforce safe operating bounds, including on-chain limits, slippage controls, debt ceilings, and rate limits that constrain protocol behavior under stress or attack.
- On-chain limits and guardrail parameters
- Slippage bounds and price impact caps
- Debt ceilings and exposure controls
- Rate limits and throughput throttling
- Kill switches and graceful degradation

Lesson 2. Safe upgrade and deployment strategies: immutable core vs upgradeable modules, upgrade governance
This part explains safe deployment and upgrade approaches, comparing immutable cores and upgradeable modules, and defining upgrade governance, testing pipelines, and rollback plans to reduce risk during contract changes.
- Immutable core versus upgradeable modules
- Proxy patterns and storage safety
- Upgrade governance and voting flows
- Staging, canary, and phased rollouts
- Rollback, freezes, and migration plans

Lesson 3. Secure smart contract design patterns: checks-effects-interactions, pull-over-push, nonReentrant, circuit breakers
This part introduces core secure design patterns for smart contracts, such as checks-effects-interactions, pull-over-push payments, nonReentrant guards, and circuit breakers that limit damage from bugs or attacks.
- Checks-effects-interactions pattern
- Pull over push payment mechanisms
- Reentrancy guards and nonReentrant
- Circuit breakers and emergency stops
- Access control and capability patterns

Lesson 4. Developer processes: code review checklists, pre-merge CI gates, dependency management, reproducible builds
This part covers secure development processes, including code review checklists, pre-merge CI gates, dependency management, and reproducible builds that ensure consistent, verifiable, and tamper-proof releases.
- Security-focused code review checklists
- Pre-merge CI and mandatory test gates
- Managing third-party dependencies
- Reproducible and deterministic builds
- Release signing and artifact verification

Lesson 5. Key management and operational hygiene: hardware wallets, threshold signatures, secret rotation policies
This part covers secure key lifecycle handling for blockchain operations, including hardware wallets, threshold signatures, backup and recovery, rotation policies, and operational hygiene to prevent key theft, misuse, or loss.
- Hardware wallets for operational signers
- Threshold and MPC signing architectures
- Secure key backup and recovery plans
- Key rotation and revocation procedures
- Workstation and network hygiene controls

Lesson 6. Documentation and transparency: security disclosures, public parameters, bug bounty visibility
This part describes how to document security assumptions, public parameters, admin powers, and upgrade policies, and how to run transparent bug bounty programs that help users and auditors understand and trust the system.
- Documenting trust and threat models
- Publishing admin roles and powers
- Public parameters and risk disclosures
- Bug bounty scope and visibility
- Changelogs and user-facing updates

Lesson 7. Monitoring and incident response: metrics to track, alert thresholds, playbooks, and forensics preparation
This part details how to monitor blockchain systems, define security and reliability metrics, set alert thresholds, prepare incident playbooks, and collect forensic data for quick investigation and effective postmortems.
- Core security and reliability metrics
- Alert thresholds and escalation paths
- Incident response playbook design
- On-chain and off-chain log collection
- Forensics readiness and evidence handling

Lesson 8. Admin controls and governance: multisig, timelocks, role separation, emergency pause procedures
This part explains how to design strong admin governance using multisig wallets, timelocks, role separation, and emergency pause controls, reducing single points of failure and limiting the impact of privileged actions.
- Designing secure multisig admin wallets
- Configuring timelocks for critical actions
- Role separation and least privilege models
- Emergency pause and circuit breaker runbooks
- Delegation, signer rotation, and audits

Lesson 9. Oracle hardening controls: multi-source feeds, TWAP, oracle guardians, dispute windows
This part focuses on strengthening oracle designs using multi-source feeds, TWAP mechanisms, guardians, dispute windows, and failover mechanisms to reduce manipulation risk and ensure resilient, trustworthy price data.
- Multi-source and medianized price feeds
- TWAP and liquidity-aware pricing
- Oracle guardians and kill switches
- Dispute windows and challenge flows
- Failover, liveness, and stale data checks

Lesson 10. Testing and QA best practices: deterministic tests, fuzz targets, simulated attacker tests
This part presents testing and QA practices for smart contracts, including deterministic unit tests, fuzzing, property-based tests, and simulated attacker scenarios that expose edge cases and security weaknesses.
- Deterministic unit and integration tests
- Fuzzing and property-based testing
- Simulated attacker and chaos tests
- Test coverage and invariant tracking
- Test data, fixtures, and environments