Secure Your Solidity Code

Questions and Answers

Which of the following is a recommended practice for Solidity contracts?

• Using different Solidity compiler versions across all contracts.
• Making state changes and external calls within modifiers.
• Using recent versions of Solidity for bug fixes and security checks. (correct)
• Allowing unprotected external/public function calls for easier fund withdrawals.

What is the purpose of locking pragma in Solidity contracts?

• To ensure contracts are deployed with different compiler versions/flags.
• To avoid mistaken/intentional killing of contract through unprotected selfdestruct calls.
• To prevent unauthorized fund withdrawals by users.
• To ensure contracts are deployed with the same compiler version/flags they were tested with. (correct)

Which of the following is a recommended practice for Solidity constructors?

• Making state changes and external calls within constructors.
• Checking if the constructor is implemented or removing the call if not. (correct)
• Not implementing constructors at all.
• Using improper naming conventions to avoid security issues.

Flashcards are hidden until you start studying

Study Notes

1. Use recent versions of Solidity for bug fixes and security checks.
2. Lock pragma to ensure contracts are deployed with the same compiler version/flags they were tested with.
3. Use one Solidity compiler version across all contracts.
4. Enforce appropriate access control for contract functions executing critical logic.
5. Protect against unauthorized fund withdrawals by users through unprotected external/public function calls.
6. Protect against mistaken/intentional killing of contract through unprotected selfdestruct calls.
7. Modifiers should only implement checks and not make state changes and external calls.
8. Make sure modifiers execute _ or revert to avoid unexpected behavior.
9. Use proper constructor naming conventions to avoid security issues.
10. Check if the constructor is implemented or remove call if not.