crytic
diff --git a/‎.github/workflows/echidna.yml‎
Lines changed: 0 additions & 7 deletions b/‎.github/workflows/echidna.yml‎
Lines changed: 0 additions & 7 deletions
diff --git a/‎.github/workflows/lint_links.yml‎
Lines changed: 1 addition & 2 deletions b/‎.github/workflows/lint_links.yml‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎.github/workflows/medusa.yml‎
Lines changed: 1 addition & 4 deletions b/‎.github/workflows/medusa.yml‎
Lines changed: 1 addition & 4 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 1 deletion b/‎README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎SUMMARY.md‎
Lines changed: 0 additions & 1 deletion b/‎SUMMARY.md‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎development-guidelines/incident_response.md‎
Lines changed: 2 additions & 3 deletions b/‎development-guidelines/incident_response.md‎
Lines changed: 2 additions & 3 deletions
diff --git a/‎mlc_config.json‎
Lines changed: 16 additions & 0 deletions b/‎mlc_config.json‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎not-so-smart-contracts/cairo/L1_to_L2_address_conversion/README.md‎
Lines changed: 1 addition & 1 deletion b/‎not-so-smart-contracts/cairo/L1_to_L2_address_conversion/README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎not-so-smart-contracts/cosmos/abci_panic/README.md‎
Lines changed: 1 addition & 1 deletion b/‎not-so-smart-contracts/cosmos/abci_panic/README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎not-so-smart-contracts/substrate/randomness/README.md‎
Lines changed: 1 addition & 1 deletion b/‎not-so-smart-contracts/substrate/randomness/README.md‎
Lines changed: 1 addition & 1 deletion
@@ -81,13 +81,6 @@ jobs:
             contract: TestToken
             outcome: failure
             expected: 'echidna_balance_under_1000:\s*failed'
-          - name: Gas estimation
-            workdir: program-analysis/echidna/example/
-            files: gas.sol
-            config: gas.yaml
-            outcome: success
-            expected: "f(42,123,"
-            flaky: true
           - name: Multi
             workdir: program-analysis/echidna/example/
             files: multi.sol
 
@@ -22,8 +22,7 @@ jobs:
       - uses: actions/checkout@v5
         with:
           submodules: recursive
-      - uses: gaurav-nelson/github-action-markdown-link-check@v1
+      - uses: tcort/github-action-markdown-link-check@v1
         with:
           use-quiet-mode: "yes"
           check-modified-files-only: ${{ (github.event_name == 'pull_request' && 'yes') || 'no' }}
-          submodules: true
@@ -84,13 +84,11 @@ jobs:
             workdir: program-analysis/echidna/example/
             files: multi.sol
             contract: C
-            config: filter.yaml
             outcome: failure
             expected: 'echidna_state4()\" failed after the following call sequence'
           - name: Assert
             workdir: program-analysis/echidna/example/
             files: assert.sol
-            config: assert.yaml
             contract: Incrementor
             outcome: failure
             expected: 'inc(uint256)\" resulted in an assertion failure after the following call sequence'
@@ -112,7 +110,6 @@ jobs:
             workdir: program-analysis/echidna/example/
             files: TestDepositWithPermit.sol
             solc-version: 0.8.0
-            config: testdeposit.yaml
             contract: TestDepositWithPermit
             outcome: success
             expected: '\[PASSED\] Assertion Test: TestDepositWithPermit.testERC20PermitDeposit(uint256)'
@@ -162,7 +159,7 @@ jobs:
           go build -o medusa -v .
           go install -v .
           sudo cp medusa /usr/bin
-          pip install crytic-compile solc-select
+          pip install crytic-compile solc-select slither-analyzer
 
       - name: Run Medusa
         continue-on-error: true
 
@@ -1,6 +1,6 @@
 # Building Secure Smart Contracts
 
-![](https://github.com/crytic/building-secure-contracts/actions/workflows/slither.yml/badge.svg) ![](https://github.com/crytic/building-secure-contracts/actions/workflows/echidna.yml/badge.svg) ![](https://github.com/crytic/building-secure-contracts/actions/workflows/medusa.yml/badge.svg)
+![](https://github.com/crytic/building-secure-contracts/actions/workflows/echidna.yml/badge.svg) ![](https://github.com/crytic/building-secure-contracts/actions/workflows/medusa.yml/badge.svg)
 
 Brought to you by [Trail of Bits](https://www.trailofbits.com/), this repository offers guidelines and best practices for developing secure smart contracts. Contributions are welcome, you can contribute by following our [contributing guidelines](https://github.com/crytic/building-secure-contracts/blob/master/CONTRIBUTING.md).
 
 
@@ -89,7 +89,6 @@
     - [Advanced](./program-analysis/echidna/advanced/README.md)
       - [How to collect a corpus](./program-analysis/echidna/advanced/collecting-a-corpus.md)
       - [How to use optimization mode](./program-analysis/echidna/advanced/optimization_mode.md)
-      - [How to detect high gas consumption](./program-analysis/echidna/advanced/finding-transactions-with-high-gas-consumption.md)
       - [How to perform smart contract fuzzing at a large scale](./program-analysis/echidna/advanced/smart-contract-fuzzing-at-scale.md)
       - [How to test bytecode-only contracts](./program-analysis/echidna/advanced/testing-bytecode.md)
       - [How and when to use cheat codes](program-analysis/echidna/advanced/on-using-cheat-codes.md)
 
@@ -49,11 +49,10 @@ Additionally, consider conducting a threat modeling exercise. This exercise will
   - An approachable guide for incident response. Chapter 4 includes examples for how to approach practicing your process.
 - [PagerDuty Incident Response](https://response.pagerduty.com/)
   - A _very_ detailed handbook of how PagerDuty handles incident response themselves. Some useful ideas and resources, but more practical for larger organizations.
-- [How to Hack the Yield Protocol](https://docs.yieldprotocol.com/#/operations/how_to_hack)
-- [Emergency Procedures for Yearn Finance](https://github.com/yearn/yearn-devdocs/blob/master/docs/developers/v2/EMERGENCY.md)
+- [Emergency Procedures for Yearn Finance](https://github.com/yearn/yearn-devdocs/blob/master/docs/developers/security/EMERGENCY.md)
 - [Rekt pilled: What to do when your dApp gets pwned and how to stay kalm - Heidi Wilder (DSS 2023)](https://www.youtube.com/watch?v=TDlkkg8N0wc)
 - [Crisis Handbook - Smart Contract Hack (SEAL)](https://docs.google.com/document/d/1DaAiuGFkMEMMiIuvqhePL5aDFGHJ9Ya6D04rdaldqC0/edit)
 
 ### Community Incident Retrospectives
 
-- [Yield Protocol](https://medium.com/yield-protocol/post-mortem-of-incident-on-august-5th-2022-7bb70dbb9ada)
+- [Yield Protocol](https://web.archive.org/web/20230105183841/https://medium.com/yield-protocol/post-mortem-of-incident-on-august-5th-2022-7bb70dbb9ada)
@@ -0,0 +1,16 @@
+{
+  "httpHeaders": [
+    {
+      "urls": [
+        "https://github.com/",
+        "https://guides.github.com/",
+        "https://help.github.com/",
+        "https://docs.github.com/"
+      ],
+      "headers": {
+        "Accept-Encoding": "zstd, br, gzip, deflate"
+      }
+    }
+  ],
+  "retryOn429": true
+}
@@ -4,7 +4,7 @@ In Starknet, addresses are of the `felt` type, while on L1 addresses are of the
 
 # Example
 
-Consider the following code to initiate L2 deposits from L1. The first example has no checks on the `to` parameter, and depending on the user's address, it could transfer tokens to an unexpected address on L2. The second example, however, adds verification to ensure this does not happen. Note that the code is a simplified version of how messages are sent on L1 and processed on L2. For a more comprehensive overview, see here: [https://www.cairo-lang.org/docs/hello_starknet/l1l2.html](https://docs.cairo-lang.org/hello_starknet/l1l2.html).
+Consider the following code to initiate L2 deposits from L1. The first example has no checks on the `to` parameter, and depending on the user's address, it could transfer tokens to an unexpected address on L2. The second example, however, adds verification to ensure this does not happen. Note that the code is a simplified version of how messages are sent on L1 and processed on L2. For a more comprehensive overview, see here: [https://www.cairo-lang.org/docs/hello_starknet/l1l2.html](https://web.archive.org/web/20250117175431/https://docs.cairo-lang.org/hello_starknet/l1l2.html).
 
 ```solidity
 contract L1ToL2Bridge {
 
@@ -43,6 +43,6 @@ func validateTotalBorrows(ctx sdk.Context, k keeper.Keeper) {
 
 ## External examples
 
-- [Gravity Bridge can `panic` in multiple locations in the `EndBlocker` method](https://giters.com/althea-net/cosmos-gravity-bridge/issues/348)
+- [Gravity Bridge can `panic` in multiple locations in the `EndBlocker` method](https://github.com/althea-net/cosmos-gravity-bridge/issues/348)
 - [Agoric `panic`s purposefully if the `PushAction` method returns an error](https://github.com/Agoric/agoric-sdk/blob/9116ede69169ebb252faf069d90022e8e05c6a4e/golang/cosmos/x/vbank/module.go#L166)
 - [Setting invalid parameters in `x/distribution` module causes `panic` in `BeginBlocker`](https://github.com/cosmos/cosmos-sdk/issues/5808). Valid parameters are [described in the documentation](https://docs.cosmos.network/v0.45/modules/distribution/07_params.html).
@@ -61,4 +61,4 @@ Note that the quality of randomness provided to the `pallet-bad-lottery` pallet
 - https://docs.substrate.io/reference/how-to-guides/pallet-design/incorporate-randomness/
 - https://ethresear.ch/t/rng-exploitability-analysis-assuming-pure-randao-based-main-chain/1825/7
 - https://ethresear.ch/t/collective-coin-flipping-csprng/3252/21
-- https://github.com/paritytech/ink/issues/57#issuecomment-486998848
+- https://github.com/use-ink/ink/issues/57#issuecomment-486998848