The training team at Arbitrary Execution is hard at work preparing for the upcoming offering of our Advanced Smart Contract Security course starting October 31, 2022. In case you’re unfamiliar with the course, we’re excited to provide some information.

What’s Included in The Course?

Attendees of our smart contract security training receive 5 days of instructor-led training held online from 10:00 AM - 6:00 PM EST. The course is led by expert security researchers and smart contract auditors, who draw from their experiences while teaching and are happy to answer questions about the day to day working in these roles.

Attendees will receive access to our training Discord server, which includes channels for course content, discussions, and breakout rooms for group exercises. Those who complete the course will be added to the alumni text and voice channels, which are a great way to share knowledge and network with peers and previous attendees.

Course content alternates between lectures and lab exercises that provide valuable hands-on experience. We also hold a Capture the Flag (CTF) competition over the five days for attendees to compete in. There are dedicated timeslots to work on the CTF, and bonus challenges for those who complete labs early.

Who Should Take This Course?

Several types of builders and breakers will benefit from taking this course:

  • Solidity developers who want to write better code will learn about the different bug classes and common pitfalls of Solidity development. As a result, they will come out of the class knowing how to write safer code.
  • Bug bounty chasers as well as aspiring/current smart contract auditors can level up their vulnerability research skills, and leave the course with hands-on experience with industry-standard tools.
  • Traditional security researchers who are familiar with the VR process, but new to web3 bug classes and behaviors, will leave the course understanding the attack surface of smart contracts.

Course Outline

The following topics will be covered in the course:

  • Introduction to vulnerability research
  • Using Slither for static analysis
  • Calladata, fallback functions, and method ID collisions
  • Proxy patterns and delegatecall
  • Fuzzing
  • EVM internals
  • Parity multisig hack review
  • EVM storage layout
  • Reentrancy
  • Reverse engineering with Ghidra
  • Malicious airdrops
  • Tx.origin misuse
  • Centralized price oracles
  • Understanding MEV

Course Benefits

There are several aspects of our course that make it stand out compared to other blockchain trainings and smart contract audit courses:

  • A variety of exercises - You will replicate historical hacks, fuzz smart contracts, and solve CTF challenges to break up lecture content and avoid death by PowerPoint.
  • Updated materials - The Ethereum ecosystem moves quickly. We continuously review and update course content with each offering to ensure it is up to date with the latest and greatest tech.
  • Hands-on use of industry-standard tools - You will complete labs that require the use of Ghidra, Echidna, and Slither.

How to Register

Ready to get started? Reserve your seat through the training page on our website. If the October 31st class doesn’t fit your schedule, consider one of our other course dates in 2023:

  • March 27th, 2023 - March 31st, 2023
  • June 12th, 2023 - June 16th, 2023
  • October 16th, 2023 - October 20th, 2023