SCA-201 · Intermediate · 54h · 6 weeks (self-paced)
Smart Contract Audit — Essentials
The fast path from competent Solidity developer to entry-level auditor. You will dissect famous exploits, build a working audit methodology, and deliver reports that engineers will actually read.
01 · Outcomes
What you will be able to do.
- 01 · Review Solidity with a security-first lens
- 02 · Spot re-entrancy, overflow, and tx-ordering bugs reliably
- 03 · Design test harnesses and invariants for fuzzing
- 04 · Write audit findings with clear severity and remediation
- 05 · Triage scope and manage audit engagements
02 · Syllabus
What you will cover.
Week 1-2
EVM & Secure Solidity
- Storage layout, memory and call context
- Safe patterns: CEI, pull-over-push, access control
- Reading assembly and optimizer output
Week 3-4
Vulnerability Classes
- Re-entrancy (classic, cross-function, cross-contract)
- Price-oracle manipulation and MEV exposure
- Signature replay, domain separation, EIP-712 pitfalls
Week 5
Testing & Fuzzing
- Foundry invariant testing end-to-end
- Property-based checks with Echidna
- Differential testing and mutation testing
Week 6
Reporting & Engagement
- Severity × likelihood × impact framework
- Writing findings that survive triage
- Scope, kickoff, and remediation review
Tools
- Foundry
- Slither
- Echidna
- Halmos
- Tenderly
Who it's for
- Solidity developers ready to move into audit work
- Security engineers specialising in smart contracts
- Protocol teams building internal audit capability
Prerequisites
- Solid Solidity experience (6+ months)
- Familiarity with Foundry or Hardhat