
Learn blockchain security and smart contract auditing with a hacker mindset, exploring edge cases, risk factors, and practical Solidity foundry techniques for Web3 applications.
Explore Solidity-based blockchain smart contracts, including oracles, gas optimization, and immutable and state variables, while learning practical guidance to overcome common development obstacles with limited resources.
Trace the history of ethereum as a world computer, a decentralized, open-source platform built with ether and solidity, enabling smart contracts, auditing, transparency, and scalable web three applications.
Trace the birth of Ethereum from Vitalik Buterin's vision to a general-purpose, Turing-complete blockchain with smart contracts, culminating in the first block mined on July 30, 2015.
Explore the four Ethereum development stages—frontier, homestead, metropolis, serenity—and the hard forks shaping each phase, including Ice Age, Byzantium, Istanbul, and the Dao-led Ethereum Classic split.
Traces the dao era to Ethereum and Ethereum Classic, detailing hard forks, DoS attacks, replay protection, and Metropolis toward Ethereum 2.0.
Adopt best practices for learning Web3 by engaging with the community on GitHub and chat channels, pace study with breaks, and review topics from basics to security and live pentesting.
Explore how blockchain creates decentralized, peer-to-peer networks with smart and hybrid contracts, from Bitcoin's digital gold origins to oracle-driven off-chain data and Ethereum-based ecosystems like EVM and Uniswap.
Explore how blockchains and smart contracts create trust-minimized, transparent, and immutable agreements that prevent breaches and enforce promises across decentralized networks.
Join this quick recap to reinforce blockchain basics, from Bitcoin and Ethereum to smart contracts, L1/L2 rollups, and Chainlink, plus proof-of-stake and validator concepts.
Set up a MetaMask wallet on the Sepolia testnet and obtain test ether from a faucet. Perform your first transaction, reviewing gas price, gas limit, nonce, and the transaction hash.
Discover how gas powers blockchain transactions, guiding mining and validation incentives, fees, and gas price dynamics as blocks confirm, with gas limit and gas used determining the final transaction cost.
Learn how blockchains work by hashing data with sha256, mining to find nonces, and linking blocks via previous hashes in a tamper-proof, decentralized network protected by private keys and signatures.
Master transaction signing in blockchain systems by understanding private keys, public keys, ECDSA, and keccak-256, how signatures verify data, and why securely managing keys matters in Ethereum.
Explore how gas works under IP 1559, covering base fee, priority fee, gas limit, and transaction fees, and how network congestion affects costs in practice.
Compare centralized servers to decentralized blockchains, explain consensus with proof of work and proof of stake, and cover sybil attacks, Ethereum's merge, mining rewards, and layer1 versus layer2.
Explore layer 1 and layer 2 concepts, explain rollups and their role in scaling Ethereum, and contrast optimistic and zero-knowledge rollups with proofs and challenges.
explores the three stages of rollups in layer two maturity, stage zero, stage one, and stage two, covering security councils, exit windows, data availability, and zero-knowledge proofs with zkSync era.
Learn to bridge funds from sepolia to zkSync sepolia using the zkSync bridge, and compare locking-unlocking versus minting-burning methods on test nets.
Ready to dive into Web3 development, this lecture covers the basics of solidity and the journey toward building applications and protocols.
Master solidity fundamentals by learning best coding practices, gas optimization, deployment and compilation, and core concepts like strings, functions, identifiers, and modifiers.
Follow GitHub resources to learn web3 development with Solidity and Remix IDE, and pace yourself to absorb the material. Engage with the community to become a skilled smart contract auditor.
Learn to set up your first smart contract in Remix, configure Solidity versions with pragma and SPDX license, and create a simple storage contract.
Explore basic Solidity variable types such as bool, uint, int, address, and bytes with examples like a favorite number and default values.
Master solidity functions by building storage and retrieval of a favorite number, exploring public, internal, external, and private visibility, and understanding gas, deployment, and view and pure keywords.
Explore arrays and structs in Solidity by building a dynamic list of people with favorite numbers and names, and add people through a public function that pushes to the list.
Learn how semicolons trigger errors and how warnings still compile Solidity, with debugging tips using AI tools such as ChatGPT and notes on memory keywords and store functions.
Explore Solidity data locations—data, memory, storage, stack, code, and logs—distinguishing read-only call data from read/write memory and permanent storage, with practical guidance on mappings, arrays, and structures.
Advance to building advanced smart contracts by deploying from one contract to another with imports. Review a GitHub repository and learn project setup, deployment, imports, and gas-saving practices.
Set up a storage factory contract in solidity to deploy a simple storage contract, with MIT license, pragma solidity 0.8.19, and two ways to inherit simple storage.
Discover how to deploy a new simple storage contract from within another contract, resolve not found errors due to case sensitivity, and import contracts without duplicating code.
Learn to use Solidity imports to fetch simple storage from simple_storage.sol, avoid copy-paste, and build a storage factory with a public create function that exposes simple storage.
Learn to interact with multiple simple storage contracts via a storage factory, using abi and address concepts, deploying and tracking contracts in an array, and retrieving data.
Learn how inheritance and overriding work in solidity by extending a simple storage contract, implementing add five storage to update a favorite number, and using virtual and override.
Develop a fund me contract in Solidity that accepts deposits, enables owner withdrawals, enforces a minimum donation, uses Chainlink price feeds for native tokens across networks on testnet with MetaMask.
Set up your web3 project and scaffold a fund me contract in solidity with public fund and withdraw functions, enforcing a minimum funding value in usd.
Create a payable funding function in solidity that enforces a minimum value in ether with msg.value and demonstrates error messaging on ethereum networks like sepolia.
Understand how transaction reverts work in Solidity, how gas is consumed even when a call fails, and how a fund function with require logic demonstrates error handling.
Explore how decentralized oracles fetch real-world price data for smart contracts, using Chainlink data feeds, price feeds, VRF, and keepers to power DeFi pricing.
Learn to import libraries from npm and GitHub into Solidity, fetch real-time prices with Chainlink aggregator v3, and compare importing via npm vs local interfaces.
Learn to build a solidity contract with a price converter library and aggregator v3 price feed. Handle funding, minimum USD checks, owner only withdrawals, and fallback and receive behavior.
Explore foundry basics for smart contract development, including scripts, tests, and contracts, with guidance on documentation and Windows installation using Visual Studio Code.
Set up a Windows development environment for blockchain work by installing Visual Studio Code, enabling WSL, using the Ubuntu terminal, and configuring Git and basic project commands with foundry fundamentals.
Navigate VSCode to install and configure Solidity extensions, including the Hardhat and Solidity language packs, and set up formatting on save and preferences for clean code.
Compile a smart contract with foundry by running forge build or forge compile, observe build info, bytecode, and source id, and confirm the compiler runs successfully.
Anvil boots up a local blockchain on localhost with 10,000 accounts and chain ID 31337, enabling local contract deployment and wallet interactions.
Deploy a simple storage contract locally with forge, compiling, creating via a ganache rpc url in interactive mode with a private key, then broadcast the deployment with gas considerations.
Learn to protect private keys by never typing them in the terminal and avoiding plain text storage. Use the interactive button to prevent terminal storage, and plan credential storage later.
Learn to deploy a simple storage contract locally with a forge script using anvil, including script setup, importing contracts, and running or simulating deployments via vm broadcast and rpc url.
explains securing private keys in smart contract development using dot env and gitignore, exporting keys and rpc url as environment variables, and troubleshooting decoding errors during forge deployment.
Protect private keys with an encrypted key store and interactive prompts, avoid plain text keys, then deploy and interact with a smart contract via forge CLI and an RPC URL.
learn to deploy a smart contract and interact with it via cast, sending transactions to a deployed address and retrieving the favorite number by decoding hex with cast to base.
Deploy a smart contract to the Sepolia testnet by configuring the RPC URL, chain id, and private key with a node, then deploy via MetaMask and review foundry concepts.
Explore the Funmi contract's foundry workflow, including GitHub deployment, code cleanup, gas optimization, and testing to ensure robustness, while extending compatibility with price indexes and on-chain environments such as Anvil.
Set up and test a FundMe contract with Foundry, push to GitHub, run tests, and deploy scripts, while integrating a price feed and optimizing gas efficiency.
Learn how to set up and run tests with forge test, import the aggregator v3 interface and price converter from src, and prepare dependencies for the fund me contract.
Resolve forge build errors by installing the brownie toolkit and configuring remappings, then locate and integrate the aggregator v3 interface from the src folder for price converter and chainlink.
Learn to write Solidity smart contract tests with Forge Foundry, measure test coverage, and validate functions like minimum USD, owner, and withdrawal through deployed test contracts.
Learn how to debug Solidity tests with forge test, verify owner logic using the message sender versus contract deployer, and troubleshoot failures to improve test coverage.
Deploy advanced smart contract deployment scripts with a forge script to deploy fund me from src/funmi.sol, using vm start broadcast and anvil simulation to test gas efficiency on Ethereum.
Refactor solidity tests to boost gas efficiency using immutable and storage variables and constructors, while correcting deployment scripts and validating forge-based deployments, with mock price feed integration.
Deploy a mock price feed by building a helper config script that selects Sepolia or Anvil configurations, enabling local testing of a price feed contract.
Refactor and integrate a mock v3 price feed by importing a mock v3 aggregator, configuring a price feed in tests, and validating deployment using forge test.
Learn to write and run tests for a fund me smart contract using forge test, including VM.expect revert and zero-fund scenarios, with price feed mocks.
Explore the frontend development workflow for smart contracts, from cloning the repository and using a live server to build HTML interfaces and connect MetaMask via window.ethereum.
Develop a lottery contract using foundry fundamentals, natspec annotations, and chainlink vrf to provide verifiable randomness, with practical testing and security-focused coding guidance.
Learn to set up a foundry smart contract lottery using a GitHub repo and a raffle contract. Enter raffle, pick winner, nat spec, entrance fee, vrf.
Learn gas-efficient custom errors in Solidity by defining an error for not enough ETH sent, using require message.value to enforce entrance fees, and preferring external over public functions for raffles.
Explore how Solidity events power a raffle by recording entrants in a private s players array and emitting a raffle entered event with indexed data for efficient filtering.
discover how to pick a raffle winner using block timestamp as a source of randomness, enforce intervals with last timestamp, and implement payable entry, events, and contract setup in foundry.
Explore Chainlink VRF for generating random numbers, including creating a subscription, adding a consumer, funding with LINK, and requesting randomness on the Sepolia testnet.
learn how to implement chainlink vrf in smart contracts by wiring vrf coordinator, request randomness, and deterministically pick a raffle winner using chainlink vrf v2 in solidity foundry.
Explore implementing raffle state with an enum in Solidity, using open and calculating states, initializing to open, gating entry when not open, and cycling back to open after withdrawal.
Complete a Solidity smart contract using Chainlink automation for periodic upkeep in a raffle. Implement check upkeep and perform upkeep, and set up deployment with automation interface and helper config.
Explore ERC-20 fundamentals, including fungible tokens, their transfer mechanics, and the distinction from NFTs, using OpenZeppelin and forge to build, test, and deploy.
Explore non-fungible tokens and their uniqueness, including what can be an NFT (art, JPEGs, SVGs) and their IPFS storage. Compare static and dynamic NFTs and marketplaces like OpenSea.
Explore what NFTs are on Ethereum as non-fungible tokens under the ERC-721 standard, including token IDs, metadata, IPFS storage, ownership records, and popular marketplaces.
Set up a Foundry project for NFT, install OpenZeppelin contracts, create a basic NFT (ERC721) with a constructor, token counter, and tokenURI function, and explore base64-encoded token URIs.
Explore how IPFS stores files for NFTs, including pinning, node availability, and the distinction between token URI and image URI, plus minting and URI mapping in Solidity.
Craft a deployment script to deploy a basic NFT using forge, anvil, and a test suite, then validate the deployment with tests and abi encode the token name.
Explain the disadvantages of AI in NFT and smart contract development, including debugging challenges and unreliable code suggestions, while exploring IPFS, pinning services, and dynamic SVG-based NFTs.
Learn to blend AI and manual coding to build an ERC-721 NFT contract with happy and sad SVGs, token URIs, and forge-based deployment.
Explore DeFi basics through open-source platforms like Lido, MakerDAO, RV, Curve Finance, and Uniswap, and examine stablecoins, TVL, and MEV.
Explore stablecoins, including pegged and floating designs, and learn how centralized and algorithmic governance, collateral types (endogenous and exogenous), and concepts like health factor and liquidation ensure stability.
Explore an algorithmic floating defi coin with collateral and price feeds, deployed on polygon, using chainlink and firebase, plus metamask integration for on-chain minting.
This demo teaches building a mock six coin secx ERC-20 with mining, collateral, and a price feed. It covers foundry setup, openzeppelin, chainlink remappings, and debugging while avoiding real contracts.
Explore Merkle trees and Merkle proofs to verify airdrop eligibility and token claims, using OpenZeppelin's merkle proof library. Build a bagel token and a merkle airdrop contract for ERC-20 distributions.
Implement a merkle proof-based airdrop in solidity by using a merkle root in the constructor and verifying claims with MerkleProof, then emit claim events and perform safe ERC-20 transfers.
Explore Merkle trees and Merkle scripts, signature verifications, transaction types, and blobs in L2 to L1 data, using Open Zeppelin's Merky, proto dank sharding, EIP-4844, and security perspectives.
Learn why smart contract security matters for DeFi and how audits mitigate risk. Use manual review and tools like Slither and formal verification to improve contract safety.
Discover how a smart contract security review unfolds through three phases—initial review, fixes, and mitigation—highlighting scoping, reporting, and common attacks in an immutable blockchain.
Audits a password store smart contract, uncovering on-chain password exposure and an access-control flaw. Uses Foundry and forge tools for onboarding and reporting remediation.
Perform a second audit of the puppy raffle smart contract, identifying issues from re-entrancy and weak randomness to gas-related dos and unsafe transfers, with hands-on tooling like forge and slither.
Review the third audit of the t swap DeFi automated market maker, highlighting bugs such as missing deadline checks, misordered events, incorrect fee math, and missing slippage protection.
Explore Code Hawks' beginner-friendly first flights and competitive audits to spot bugs in a modified fund me contract for a Christmas dinner, including deadline gaps, non-reentrancy, and unsafe withdrawals.
Audit the 21 protocol blackjack smart contract to identify vulnerabilities and generate a formal report. Analyze weaknesses in randomness and deployment while outlining remediation steps for the Ethereum based game.
Audit the giving thanks charity platform on Ethereum, verifying charities, minting donation receipt NFTs, and examining privacy, admin controls, and low-level calls in an ERC-721 based contract.
Audit a Halloween-themed trick-or-treat NFT contract on Foundry, examining deployment steps, code structure, and security risks including weak randomness, re-entrancy, mishandled funds, and lack of tests.
Learn to identify web3 bug bounty targets across platforms and self-hosted programs, evaluate audits and scope, and pursue high-reward, well-documented opportunities.
Audit the SkyBridge protocol using solidity and forge, uncover evidence of incorrect behavior, and evaluate admin controls, including a potential zero-address vulnerability and test-driven PoC exploration.
Course Description:
Unlock the power of blockchain technology, Solidity programming, and Web3 security with this comprehensive 30-hour course designed for developers, security enthusiasts, and penetration testers. This course provides you with the knowledge and practical skills to build, test, and secure smart contracts using Solidity, Foundry, and best practices for Web3 security. Whether you're a beginner or an experienced professional, this course is tailored to help you master blockchain security and pentesting techniques.
What You'll Learn:
Solidity Programming Mastery
Fundamentals of Solidity and smart contract development.
Advanced Solidity concepts: gas optimization, design patterns, and contract lifecycle.
Interfacing Solidity contracts with decentralized applications (dApps).
Foundry for Smart Contract Development & Testing
Introduction to Foundry: installation and setup.
Writing and running tests for Solidity contracts using Foundry.
Advanced Foundry features for efficient contract testing and security auditing.
Blockchain Security Fundamentals
Understanding the architecture of blockchain networks and consensus mechanisms.
Key security features of blockchain and potential vulnerabilities.
Exploring common attack vectors such as 51% attacks, Sybil attacks, and more.
Web3 Penetration Testing & Security
Identifying and exploiting vulnerabilities in Web3 platforms and dApps.
Smart contract vulnerability analysis: reentrancy attacks, front-running, and others.
Common pitfalls in Web3 applications and how to mitigate them.
Security Best Practices & Mitigation Strategies
Secure coding practices in Solidity to avoid common vulnerabilities.
Strategies for securing decentralized applications and smart contracts.
Best practices for preventing exploits and improving contract reliability.
Real-World Pentesting Scenarios
Hands-on pentesting simulations with popular Web3 platforms and smart contracts.
Exploiting known vulnerabilities in blockchain-based applications.
Advanced attack techniques for deep Web3 penetration testing.