This repository contains a collection of smart contract security audits performed on various Solidity-based projects.
Each audit includes detailed vulnerability findings, severity classifications, and recommended remediations following industry best practices.
The goal of this repository is to serve both as:
- A knowledge base for common Solidity vulnerabilities and secure coding patterns.
- A portfolio of real-world contract audits demonstrating analysis, exploit reproduction, and secure refactoring.
Each audited contract is organized in its own folder containing:
- Source code of the analyzed contract (`.sol` files).
- Audit report (`README.md`) describing vulnerabilities, severity levels, and recommendations.
- Test scripts (`.t.sol` or `.s.sol`) to reproduce vulnerabilities or validate fixes.
Example structure:
```
/src
├── random/
│   ├── contract.sol
│   ├── slither
│   └── README.md   ← detailed audit report
├── retirement/
│   └── ...
└── ...
```
Some samples of audits can be found here:
- PredictTheFutureChallenge Audit Report
- RetirementFundChallenge Audit Report
- GuessTheRandomNumberChallenge Audit Report
This report includes:
- Full vulnerability breakdown by severity.
- Suggested code improvements.
- Secure implementation examples.
- Step-by-step instructions on how to execute the tests and scripts locally using Foundry.
All contracts and tests are built and audited using the following toolset:
This repository aims to promote secure smart contract development through:
- Demonstrating real audit methodologies.
- Documenting exploit scenarios and fix implementations.
- Encouraging best practices aligned with OpenZeppelin and Ethereum security standards.
Lucas Gonçalves de Campos
📅 November 2025
🔗 Blockchain Security Review Collection