Solidity Security Audit Checklist
Language Rule
- Always respond in the same language the user is using. If the user asks in Chinese, respond in Chinese. If in English, respond in English.
Usage: This skill is for security audits and code reviews. It is NOT auto-invoked — call
when reviewing contracts for vulnerabilities.
Contract-Level Vulnerabilities
1. Reentrancy
| Variant | Description | Check |
|---|
| Same-function | Attacker re-enters the same function via fallback/receive | All external calls after state updates (CEI pattern)? |
| Cross-function | Attacker re-enters a different function sharing state | All functions touching shared state protected by ? |
| Cross-contract | Attacker re-enters through a different contract that reads stale state | External contracts cannot read intermediate state? |
| Read-only | View function returns stale data during mid-execution state | No critical view functions used as oracle during state transitions? |
Case:
GMX v1 (Jul 2025, $42M) — reentrancy in GLP pool on Arbitrum, attacker looped withdrawals to drain liquidity.
2. Access Control
| Check | Detail |
|---|
| Missing modifier | Every state-changing function has explicit access control? |
| Modifier logic | Modifier actually reverts on failure (not just empty check)? |
| State flag | Access-once patterns properly update storage after each user? |
| Admin privilege scope | Owner powers are minimal and time-limited? |
Case:
Bybit (Feb 2025, $1.4B) — Safe{Wallet} UI injected with malicious JS, hijacked signing process. Not a contract flaw, but access control at the infrastructure layer.
3. Input Validation
| Check | Detail |
|---|
| Zero address | All address params reject ? |
| Zero amount | Fund transfers reject zero amounts? |
| Array bounds | Paired arrays validated for matching length? |
| Arbitrary call | No unvalidated where attacker controls ? |
| Numeric bounds | Inputs bounded to prevent dust attacks or gas griefing? |
4. Flash Loan Attacks
| Variant | Mechanism | Defense |
|---|
| Price manipulation | Flash-borrow → swap to move price → exploit price-dependent logic → repay | TWAP oracle with min-liquidity check |
| Governance | Flash-borrow governance tokens → vote → repay in same block | Snapshot voting + minimum holding period + timelock ≥ 48h |
| Liquidation | Flash-borrow → manipulate collateral value → trigger liquidation | Multi-oracle price verification + circuit breaker |
| Combo (rounding) | Flash-borrow → manipulate pool → micro-withdrawals exploit rounding → repay | Minimum withdrawal amount + virtual shares |
Cases:
- Cream Finance (Oct 2021, $130M) — flash loan + yUSD oracle manipulation + missing reentrancy guard
- Abracadabra (Mar 2025, $13M) — state tracking error in cauldron, self-liquidation + bad loan
- Bunni (Sep 2025, $8.4M) — flash loan + pool price manipulation + rounding error micro-withdrawals
5. Oracle & Price
| Check | Detail |
|---|
| Single oracle dependency | Using multiple independent price sources? |
| Stale price | Checking timestamp and rejecting old data? |
| Spot price usage | Never using raw AMM reserves for pricing? |
| Minimum liquidity | Oracle reverts if pool reserves below threshold? |
| Price deviation | Circuit breaker if price moves beyond threshold vs last known? |
| Chainlink round completeness | Checking answeredInRound >= roundId
|
Case:
Cream Finance (Oct 2021, $130M) — attacker manipulated yUSD vault price by reducing supply, then used inflated collateral to drain all lending pools.
6. Numerical Issues
| Type | Description | Defense |
|---|
| Primitive overflow | — reverts if b=255 on Solidity ≥0.8 | Use consistent types, avoid implicit narrowing |
| Truncation | — silently overflows even on ≥0.8 | Use library for all type narrowing |
| Rounding / precision loss | always rounds to 0 for small amounts | Multiply before divide; check for zero result |
| Division before multiplication | loses precision | Always |
Case:
Bunni (Sep 2025, $8.4M) — rounding errors in micro-withdrawals exploited via flash loan.
7. Signature Issues
| Type | Description | Defense |
|---|
| ecrecover returns address(0) | Invalid sig returns , not revert | Always check |
| Replay attack | Same signature reused across txs/chains | Include + + in signed data |
| Signature malleability | ECDSA has two valid (s, v) pairs per signature | Use OpenZeppelin (enforces low-s) |
| Empty loop bypass | Signature verification in for-loop, attacker sends empty array | Check signatures.length >= requiredCount
|
| Missing msg.sender binding | Proof/signature not bound to caller | Always include in signed/proven data |
8. ERC20 Compatibility
| Issue | Description | Defense |
|---|
| Fee-on-transfer | may deliver <100 tokens | Check balance before/after, use actual received amount |
| Rebase tokens | Token balances change without transfers | Never cache external balances; always read live |
| No bool return | Some tokens (USDT) don't return bool on transfer | Use |
| ERC777 hooks | Transfer hooks can trigger reentrancy | Use on all token-receiving functions |
| Zero-amount transfer | — address poisoning | Reject zero-amount transfers |
| Approval race | Changing allowance from N to M allows spending N+M | Use / |
9. MEV / Front-Running
| Type | Description | Defense |
|---|
| Sandwich attack | Attacker front-runs buy + back-runs sell around victim | Slippage protection + deadline parameter |
| ERC4626 inflation | First depositor donates to inflate share price, rounding out later depositors | Minimum first deposit or virtual shares (ERC4626 with offset) |
| Approval front-run | Attacker spends old allowance before new allowance tx confirms | Use not |
| Unrestricted withdrawal | Attacker monitors mempool for withdraw tx, front-runs with own | Require commit-reveal or auth binding |
10. Storage & Low-Level
| Issue | Description |
|---|
| Storage pointer | Foo storage foo = arr[0]; foo = arr[1];
|
| Nested delete | — inner mapping data persists |
| Private variables | All contract storage is publicly readable via |
| Unsafe delegatecall | Delegatecall to untrusted contract can the caller |
| Proxy storage collision | Upgrade changes parent order → variables overwrite each other (use storage gaps) |
| msg.value in loop | msg.value doesn't decrease in loop — enables double-spend |
11. Contract Detection Bypass
| Method | How it works |
|---|
| Constructor call | Attack from constructor — during deployment |
| CREATE2 pre-compute | Pre-calculate contract address, use as EOA before deploying |
12. Proxy & Upgrade Vulnerabilities
| Check | Detail |
|---|
| access control | UUPS must have modifier? |
| Permissionless factory/registry | Can attacker use permissionless factory (e.g. Aquifer ) to satisfy upgrade checks? |
| modifier | Overridden / retains modifier? |
| Initializer protection | modifier prevents re-initialization? Implementation calls ? |
| Storage layout compatibility | Upgrade-safe storage layout (storage gaps or ERC-7201 namespace)? |
Case:
Code4rena 2024-07-basin H-01 (via
EVMbench Paper Fig.12, p.19) —
only checked delegatecall and Aquifer registration but lacked
, allowing anyone to upgrade a Well proxy to a malicious implementation and drain funds. Oracle patch: add a single
modifier.
13. Trust Boundary & Protocol Composability
| Check | Detail |
|---|
| Cross-vault trust isolation | Registry/Router relay calls verify vault-level authorization? |
| Trusted sender abuse | Functions like sendTokensToTrustedAddress
|
| Flash loan + routing combo | Can attacker use flash loan callback to make router impersonate arbitrary vault? |
| Collateral ownership verification | Liquidation/staking operations verify actual NFT/collateral owner? |
| Cross-contract state dependency | Multi-contract interactions free from intermediate state dependencies? |
Cases:
- Code4rena 2024-04-noya H-08 (via EVMbench Paper §4.2.1, Fig.6, p.8-9) — PositionRegistry + BalancerFlashLoan pipeline lacked vault-level auth; keeper used flash loan to make router impersonate any vault, draining cross-vault funds via
sendTokensToTrustedAddress
- Code4rena 2024-07-benddao (via EVMbench Paper Fig.13, p.19) — did not verify NFT ownership, allowing attacker to pass others' tokenIds for liquidation
14. State Ordering & Counter Manipulation
| Check | Detail |
|---|
| Counter/ID increment order | or similar ID increments happen before external calls? |
| Auto-buy in create | functions with auto calls execute only after ID/state fully initialized? |
| Refund timing | ETH refund (excess) happens after all state updates complete? |
| Bonding curve metadata overwrite | Can attacker reenter to modify bonding curve/pricing params — buy cheap, switch to expensive curve, sell high? |
Case:
Code4rena 2024-08-phi H-06 (via
EVMbench Paper Appendix H.1, p.25-28) —
called
before incrementing
;
refunded excess ETH before updating
. Attacker reentered to accumulate shares on cheap curve, overwrote metadata to expensive curve, sold to drain all contract ETH. Fix: add
to
/
.
Infrastructure-Level Vulnerabilities
15. Frontend / UI Injection
Attackers inject malicious code into the dApp frontend or signing interface.
Defense: Verify transaction calldata matches expected function selector and parameters before signing. Use hardware wallet with on-device transaction preview. Audit all frontend dependencies regularly.
Case:
Bybit (Feb 2025, $1.4B) — malicious JavaScript injected into Safe{Wallet} UI, tampered with transaction data during signing.
16. Private Key & Social Engineering
Compromised keys remain the #1 loss source in 2025-2026.
Defense: Store keys in HSM or hardware wallet. Use multisig (≥ 3/5) for all treasury and admin operations. Never share seed phrases with any "support" contact. Conduct regular social engineering awareness training.
Case:
Step Finance (Jan 2026, $30M) — treasury wallet private keys compromised via device breach.
17. Cross-Chain Bridge
| Check | Detail |
|---|
| Inherited code | Audit all bridge logic inherited from third-party frameworks |
| Message verification | Cross-chain messages validated with proper signatures and replay protection? |
| Liquidity isolation | Bridge funds separated from protocol treasury? |
Case:
SagaEVM (Jan 2026, $7M) — inherited vulnerable EVM precompile bridge logic from Ethermint.
18. Legacy / Deprecated Contracts
Old contracts with known bugs remain callable on-chain forever.
Defense: Permanently
or migrate funds from deprecated contracts. Monitor old contract addresses for unexpected activity. Remove mint/admin functions before deprecation.
Case:
Truebit (Jan 2026, $26.4M) — Solidity 0.6.10 contract lacked overflow protection, attacker minted tokens at near-zero cost.
Automated Analysis with Slither MCP (if available)
When
MCP is configured, run automated analysis BEFORE the manual checklist below:
Recommended Audit Flow
Step 1: slither MCP automated scan
→ get_detector_results(path, impact="High")
→ get_detector_results(path, impact="Medium")
Step 2: Review Slither findings — triage true positives vs false positives
Step 3: Manual checklist below — catch what Slither misses (business logic, economic attacks)
Step 4: Cross-reference — Slither + manual findings combined into final report
Slither MCP Tools
| Tool | Usage | Complements |
|---|
| Extract functions, inheritance, flags | Manual access control review |
| Get exact source code with line numbers | Faster than grep for locating code |
| Find all implementations of a function signature | Cross-contract reentrancy analysis |
| Run 90+ security detectors, filter by impact/confidence | Automated version of manual checklist |
| List available detectors with descriptions | Understanding what's being checked |
What Slither Catches vs What It Misses
| Slither Catches Well | Manual Review Still Needed |
|---|
| Reentrancy patterns | Business logic flaws |
| Unprotected functions | Economic attack vectors (flash loan combos) |
| Unused state variables | Cross-protocol composability risks |
| Shadowing issues | Oracle manipulation scenarios |
| Incorrect ERC20 interface | Trust boundary architecture issues |
| Dead code | MEV/front-running specific to business logic |
Key Principle: Slither provides ground truth via static analysis — reduces false negatives on known vulnerability patterns. But it cannot reason about protocol-level economic attacks — that's where the manual checklist below is essential.
Graceful degradation: If slither MCP is not configured, skip this section and proceed directly to the manual checklist. All checklist items remain valid and self-contained.
Audit Execution Checklist
When conducting a security audit, check each item:
Reentrancy:
Access Control:
Input & Logic:
Token Handling:
Price & Oracle:
Signature & Crypto:
Flash Loan Defense:
Proxy & Upgrade (EVMbench):
Trust Boundary & Composability (EVMbench):
State Ordering (EVMbench):
Infrastructure:
AI Agent Audit Methodology
Source:
EVMbench (OpenAI/Paradigm, Feb 2026) — evaluated AI agents on 120 high-severity vulnerabilities from 40 Code4rena audit repositories across Detect/Patch/Exploit modes.
Audit Strategy
- Coverage over depth: scan ALL in-scope files; do not stop after finding the first vulnerability [EVMbench §5, p.10]
- Three-phase audit: Detect (identify vulnerabilities) -> Patch (write fix) -> Exploit (build PoC) [EVMbench §3.2, p.5]
- Incremental output: write findings continuously during audit to preserve progress [EVMbench Appendix G, Fig.18, p.24]
- Systematic category scan: check by vulnerability class (reentrancy, access control, numerical, oracle...) rather than intuition [EVMbench §3.1, p.4]
- Verify fixes: after patching, confirm original tests still pass AND exploit is no longer viable [EVMbench §3.2.2, p.5]
High-Frequency Vulnerability Patterns (Code4rena Data)
Source: EVMbench Table 4 (p.17) — 40 audit repositories
- Missing access control (upgradeability, liquidation, admin functions) — basin H-01, munchables, benddao
- Reentrancy + state ordering errors (refund before state update) — phi H-06, noya H-08
- Flash loan trust boundary penetration (exploiting router/registry trust propagation) — noya H-08
- Signature replay / front-running (checkpoint bypass, session signature replay) — sequence H-01, H-02
- Numerical precision / rounding (bonding curve, micro-withdrawals) — abracadabra H-02, size H-02
Key Findings
Source: EVMbench Paper §4.1 (p.7), Fig.7 (p.10), Fig.10 (p.18), Fig.11 (p.19)
- With mechanism hints, Patch success rate jumps from ~40% to ~94% [Fig.7] — agents know how to fix but struggle to find vulnerabilities
- Most vulnerabilities require ≤5 lines of code to fix [Fig.10, p.18]
- Most exploits require only 1-3 transactions [Fig.11, p.19]
- Agents whose finding count is closest to actual vulnerability count score highest (quality > quantity) [Fig.5, p.8]
2021-2026 Incident Quick Reference
| Date | Project | Loss | Attack Type | Root Cause | Source |
|---|
| Oct 2021 | Cream Finance | $130M | Flash loan + oracle | yUSD vault price manipulation via supply reduction | rekt.news |
| Feb 2025 | Bybit | $1.4B | UI injection / supply chain | Safe{Wallet} JS tampered via compromised dev machine | NCC Group |
| Mar 2025 | Abracadabra | $13M | Logic flaw | State tracking error in cauldron liquidation | Halborn |
| Jul 2025 | GMX v1 | $42M | Reentrancy | GLP pool cross-contract reentrancy on Arbitrum | Halborn |
| Sep 2025 | Bunni | $8.4M | Flash loan + rounding | Rounding direction error in withdraw, 44 micro-withdrawals | The Block |
| Oct 2025 | Abracadabra #2 | $1.8M | Logic flaw | cook() validation flag reset, uncollateralized MIM borrow | Halborn |
| Jan 2026 | Step Finance | $30M | Key compromise | Treasury wallet private keys stolen via device breach | Halborn |
| Jan 2026 | Truebit | $26.4M | Legacy contract | Solidity 0.6.10 integer overflow in mint pricing | CoinDesk |
| Jan 2026 | SagaEVM | $7M | Supply chain / bridge | Inherited Ethermint precompile bridge vulnerability | The Block |