Repository inventory

jpropato/ssg-santalucia

Skills indexed from this repository, with install-style signals scoped to the repo.
2 skills0 GitHub stars0 weekly installsTypeScriptGitHubOwner profile

Overview

This skill teaches smart contract security best practices for Solidity, focusing on preventing common vulnerabilities and applying secure patterns. It helps developers write, audit, and harden contracts for production-grade blockchain applications. Practical patterns, checklists, and testing guidance are included to prepare contracts for audits and reduce risk.

How this skill works

The skill inspects critical attack surfaces such as reentrancy, integer overflow/underflow, access control, and front-running, and it prescribes secure patterns like Checks-Effects-Interactions, pull-over-push, and role-based access. It also covers gas optimizations that maintain security, testing strategies with Hardhat, and tools for static analysis and fuzzing. Users get concrete code patterns, a vulnerability checklist, and audit preparation tips.

When to use it

  • When writing new smart contracts for production
  • During security audits or code reviews of existing contracts
  • When designing DeFi protocols or payment flows
  • To harden contracts against reentrancy, overflow, or access control flaws
  • When preparing contracts for third-party professional audits
  • When optimizing gas without sacrificing security

Best practices

  • Apply Checks-Effects-Interactions and update state before external calls
  • Use Solidity 0.8+ or SafeMath to prevent integer overflow/underflow
  • Enforce strict access control with Ownable or role-based patterns
  • Prefer pull-over-push for payments and use ReentrancyGuard where needed
  • Pin Solidity pragma, emit events for state changes, and avoid tx.origin for auth
  • Run static analysis (Slither, Mythril) and fuzzing/symbolic tests (Echidna, Manticore)

Example use cases

  • Implementing a secure token transfer contract with built-in overflow checks
  • Designing a DeFi lending pool resistant to reentrancy and front-running
  • Preparing a contract suite for a professional security audit with documentation and tests
  • Converting batch payment logic to pull-based withdrawals to avoid failed distribution rollback
  • Optimizing storage layout and calldata usage to reduce gas while retaining safety

FAQ

Update user state before external calls (Checks-Effects-Interactions) and/or use OpenZeppelin ReentrancyGuard with nonReentrant modifiers.

Is overflow still a concern in modern Solidity?

Solidity 0.8+ includes built-in overflow/underflow checks. For older versions, use SafeMath and audit math-heavy logic.

2 skills

More from this maintainer
Other repositories and skills published under the same GitHub owner.
Skills library
Jump back to the full directory or explore grouped topics.
Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational