| name | vulnerability-patterns |
| description | Common vulnerability patterns in Solidity and how to prevent them. Use when reviewing contracts for security issues or learning about common exploits. |
Vulnerability Patterns Skill
Reference skill for common Solidity vulnerability patterns. This skill references detailed checklists in the security-audit skill.
When to Use
Use this skill when:
- Learning about common vulnerabilities
- Reviewing code for security issues
- Understanding exploit techniques
- Preventing known vulnerabilities
Related Skills
For comprehensive security auditing, see:
- security-audit: Complete audit methodology and checklists
- testing-patterns: Security testing approaches
- contract-patterns: Secure implementation patterns
Common Vulnerability Categories
Critical Vulnerabilities
Reentrancy - See
security-audit/checklists/common-vulnerabilities.md- Classic reentrancy (same function)
- Cross-function reentrancy
- Read-only reentrancy
Access Control - See
security-audit/checklists/access-control-checklist.md- Missing access modifiers
- Incorrect authorization
- Privilege escalation
Integer Issues - See
security-audit/checklists/common-vulnerabilities.md- Overflow/underflow (pre-0.8)
- Division by zero
- Precision loss
Oracle Manipulation - See
security-audit/checklists/defi-checklist.md- Flash loan attacks
- Price manipulation
- Stale price data
High Severity
- Unchecked External Calls
- Delegatecall Injection
- Signature Replay
- Front-Running
- Denial of Service
Medium Severity
- Timestamp Dependence
- Tx.origin Authentication
- Floating Pragma
- Uninitialized Storage
Quick Vulnerability Reference
Reentrancy
// ❌ Vulnerable
function withdraw() public {
uint amount = balances[msg.sender];
(bool success, ) = msg.sender.call{value: amount}("");
balances[msg.sender] = 0; // Too late!
}
// ✅ Secure
function withdraw() public nonReentrant {
uint amount = balances[msg.sender];
balances[msg.sender] = 0; // Update first
(bool success, ) = msg.sender.call{value: amount}("");
require(success);
}
Access Control
// ❌ Missing modifier
function mint(address to, uint amount) public {
_mint(to, amount);
}
// ✅ Protected
function mint(address to, uint amount) public onlyOwner {
_mint(to, amount);
}
Integer Overflow
// ❌ Pre-0.8 vulnerable
pragma solidity 0.7.6;
uint256 balance = type(uint256).max;
balance += 1; // Overflows silently
// ✅ Solidity 0.8+ safe
pragma solidity 0.8.30;
uint256 balance = type(uint256).max;
balance += 1; // Reverts
Testing for Vulnerabilities
Reentrancy Test
contract Attacker {
Target public target;
function attack() external payable {
target.deposit{value: msg.value}();
target.withdraw();
}
receive() external payable {
if (address(target).balance > 0) {
target.withdraw();
}
}
}
function test_ReentrancyAttack() public {
vm.expectRevert(); // Should revert
attacker.attack{value: 1 ether}();
}
Access Control Test
function test_RevertWhen_UnauthorizedMint() public {
vm.prank(attacker);
vm.expectRevert("Ownable: caller is not the owner");
token.mint(attacker, 1000);
}
Resources
Detailed Vulnerability Information:
- SWC Registry - Smart Contract Weakness Classification
- ConsenSys Best Practices
- Rekt News - DeFi exploit analysis
Related Skills:
security-audit/checklists/common-vulnerabilities.md- Complete vulnerability checklistsecurity-audit/checklists/defi-checklist.md- DeFi-specific vulnerabilitiessecurity-audit/checklists/upgrade-checklist.md- Upgrade-related issues
Note: This is a reference skill. For comprehensive security auditing, use the security-audit skill which contains detailed checklists and methodologies.