# cmichel-smart-contract-auditor-guide

cmichel.io — How to become a smart contract auditor (reference)
Educational routing only. This skill does not reproduce the full article. Read the live page for complete detail, links, and any author updates.
## Canonical URL

- How to become a smart contract auditor (cmichel.io/how-to-become-a-smart-contract-auditor) — Christoph Michel, 30 October 2021 (per page metadata).
## What the guide covers (outline)

The post is Ethereum/EVM-oriented (where most paid audit demand was at time of writing, per the author). Rough structure:
| Section | Topics (high level) |
|---|---|
| Prerequisites | Programming first; suggests JavaScript as a gateway language for those new to programming; argues that reading and understanding code is foundational for review work. |
| Solidity & security | Learn by doing; recommends CTF-style challenges (e.g. Damn Vulnerable DeFi, Ethernaut, Capture The Ether) and notes overlap / legacy Solidity caveats; mentions harder contests (e.g. Paradigm CTF) and permissionless venues (Immunefi, Code4rena). |
| Common contracts | ERC-20 / ERC-721 nuances, proxies / delegatecall, MasterChef-style rewards, Compound-style lending, Uniswap V2 as AMM baseline—author frames these as recurring patterns in real audits. |
| Finance vocabulary | Points to a Khan Academy derivatives chapter for options/futures/perp-style language used in DeFi. |
| FAQ | Staying current (e.g. Twitter, BlockThreat newsletter), rough hourly bands (treat as historical), LOC/hour scoping heuristics, when to stop reviewing, tooling (Solidity Visual Developer), traits (e.g. conscientiousness), Solana as a harder pivot (Rust + account model). |
## How to combine with blockint

| Need | Skill |
|---|---|
| EVM DeFi triage patterns | evm-solidity-defi-triage-agent |
| Broader DeFi audit / rug posture | defi-security-audit-agent |
| Exploit post-mortems | flash-loan-exploit-investigator-agent, honeypot-detection-techniques |
| Solana program security (different stack) | solana-defi-vulnerability-analyst-agent, sealevel-attacks-solana |
## Guardrails

- Stale data — compensation ranges and tool landscape are 2021-era; verify current market and tooling.
- Not career or legal advice — hiring, visas, and contracts need professional counsel where relevant.
- Jurisdiction — bug bounties and contests have rules; follow each program’s terms.
- Ethics — use skills for defensive security and responsible disclosure, not theft or harassment.
Goal: a discoverable pointer to cmichel.io/how-to-become-a-smart-contract-auditor for EVM auditor education context inside blockint.