Chapter 14. Security considerations

 

This chapter covers

  • Understanding Solidity weak spots and risks associated with external calls
  • Performing safe external calls
  • Avoiding known security attacks
  • General security guidelines

In the previous chapter, I gave you some advice on areas you should look at before deploying your Dapp on the production network. I believe security is such an important topic that it should be presented separately, so I’ve decided to dedicate this entire chapter to it.

I’ll start by reminding you of some limitations in the Solidity language that, if you overlook them, can become security vulnerabilities. Among these limitations, I’ll particularly focus on external calls and explain various risks you might face when executing them, but I’ll also try to give you some tips for avoiding or minimizing such risks. Finally, I’ll present classic attacks that might be launched against Ethereum Dapps so that you can avoid costly mistakes, especially when Ether is at stake.

14.1. Understanding general security weak spots

You should pay attention to certain limitations in the Solidity language because they’re generally exploited as the first line of attack by malicious participants against unaware developers:

14.2. Understanding risks associated with external calls

 
 
 

14.3. How to perform external calls more safely

 
 
 

14.4. Avoiding known security attacks

 
 

14.5. General security guidelines

 
 
 
 

Summary

 
 
 