3:I[4707,[],""] 5:I[6423,[],""] 6:I[2798,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"ThemeProvider"] 7:I[9723,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"SmoothScroll"] 8:I[6079,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"CursorSpotlight"] 9:I[532,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"Navbar"] a:I[2205,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"Footer"] b:I[3772,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"Toaster"] 
c:I[3095,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"Analytics"] d:I[8661,["972","static/chunks/972-a66c538a2b036653.js","50","static/chunks/50-1257a4928d3dee1b.js","868","static/chunks/868-b5274bfdefe30153.js","79","static/chunks/79-108bb73aa9269941.js","854","static/chunks/854-33d3781a3ff18775.js","185","static/chunks/app/layout-fb8da892d0fbbf84.js"],"ChatWidget"] 4:["slug","smart-contract-security-basics","d"] 0:["uuc30tI-qsfwjf4cKjy77",[[["",{"children":["blog",{"children":[["slug","smart-contract-security-basics","d"],{"children":["__PAGE__?{\"slug\":\"smart-contract-security-basics\"}",{}]}]}]},"$undefined","$undefined",true],["",{"children":["blog",{"children":[["slug","smart-contract-security-basics","d"],{"children":["__PAGE__",{},[["$L1","$L2",null],null],null]},[null,["$","$L3",null,{"parallelRouterKey":"children","segmentPath":["children","blog","children","$4","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L5",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined"}]],null]},[null,["$","$L3",null,{"parallelRouterKey":"children","segmentPath":["children","blog","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L5",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined"}]],null]},[[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/css/0666b722fae2b471.css","precedence":"next","crossOrigin":"$undefined"}]],["$","html",null,{"lang":"en","suppressHydrationWarning":true,"className":"dark","children":[["$","head",null,{"children":["$","script",null,{"dangerouslySetInnerHT
ML":{"__html":"\n (function() {\n var theme = localStorage.getItem('theme');\n var prefersDark = window.matchMedia('(prefers-color-scheme: dark)').matches;\n if (theme === 'light') {\n document.documentElement.classList.remove('dark');\n document.documentElement.classList.add('light');\n } else {\n document.documentElement.classList.add('dark');\n document.documentElement.classList.remove('light');\n }\n })();\n "}}]}],["$","body",null,{"className":"__variable_f367f3 __variable_ce197d font-sans","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"Organization\",\"@id\":\"https://cogentsoftware.com#organization\",\"name\":\"Cogent Softwares\",\"url\":\"https://cogentsoftware.com\",\"logo\":\"https://cogentsoftware.com/favicon.svg\",\"description\":\"Cogent Softwares helps startups and enterprises build web and mobile applications (Android & iOS), blockchain applications, and AI automation systems.\",\"email\":\"hello@cogentsoftwares.com\",\"telephone\":\"+91 8000555268\",\"address\":{\"@type\":\"PostalAddress\",\"addressLocality\":\"12, Nilkanth avenue, Motavarachha, Surat, Gujarat, India - 394101\"}}"}}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"WebSite\",\"name\":\"Cogent Softwares\",\"url\":\"https://cogentsoftware.com\",\"description\":\"Cogent Softwares helps startups and enterprises build web and mobile applications (Android & iOS), blockchain applications, and AI automation systems.\",\"publisher\":{\"@id\":\"https://cogentsoftware.com#organization\"}}"}}],["$","$L6",null,{"attribute":"class","defaultTheme":"dark","enableSystem":false,"storageKey":"theme","children":[["$","$L7",null,{}],["$","$L8",null,{}],["$","div",null,{"className":"relative flex min-h-screen 
flex-col","children":[["$","$L9",null,{}],["$","main",null,{"className":"flex-1","children":["$","$L3",null,{"parallelRouterKey":"children","segmentPath":["children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L5",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":[["$","title",null,{"children":"404: This page could not be found."}],["$","div",null,{"style":{"fontFamily":"system-ui,\"Segoe UI\",Roboto,Helvetica,Arial,sans-serif,\"Apple Color Emoji\",\"Segoe UI Emoji\"","height":"100vh","textAlign":"center","display":"flex","flexDirection":"column","alignItems":"center","justifyContent":"center"},"children":["$","div",null,{"children":[["$","style",null,{"dangerouslySetInnerHTML":{"__html":"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}"}}],["$","h1",null,{"className":"next-error-h1","style":{"display":"inline-block","margin":"0 20px 0 0","padding":"0 23px 0 0","fontSize":24,"fontWeight":500,"verticalAlign":"top","lineHeight":"49px"},"children":"404"}],["$","div",null,{"style":{"display":"inline-block"},"children":["$","h2",null,{"style":{"fontSize":14,"fontWeight":400,"lineHeight":"49px","margin":0},"children":"This page could not be found."}]}]]}]}]],"notFoundStyles":[]}]}],["$","$La",null,{}]]}],["$","$Lb",null,{"position":"top-right","richColors":true,"closeButton":true}],["$","$Lc",null,{}],["$","$Ld",null,{}]]}]]}]]}]],null],null],["$Le",null]]]] 2:[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"Article\",\"headline\":\"Smart Contract Security Basics\",\"description\":\"Reentrancy and bad math still show up in audits for a reason. 
A short tour of the Solidity bugs we look for first, written for people who are not full-time auditors.\",\"datePublished\":\"2025-11-25T00:00:00.000Z\",\"dateModified\":\"2025-11-25T00:00:00.000Z\",\"author\":{\"@type\":\"Organization\",\"name\":\"Cogent Softwares\",\"url\":\"https://cogentsoftware.com\"},\"publisher\":{\"@type\":\"Organization\",\"name\":\"Cogent Softwares\",\"url\":\"https://cogentsoftware.com\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https://cogentsoftware.com/favicon.svg\"}},\"mainEntityOfPage\":{\"@type\":\"WebPage\",\"@id\":\"https://cogentsoftware.com/blog/smart-contract-security-basics\"},\"image\":[\"https://cogentsoftware.com/og.png\"]}"}}],["$","section",null,{"className":"section-padding","children":["$","div",null,{"className":"container max-w-3xl","children":["$","article",null,{"children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.2em] text-muted-foreground","children":"2025-11-25"}],["$","h1",null,{"className":"mt-2 text-4xl font-semibold","children":"Smart Contract Security Basics"}],["$","p",null,{"className":"mt-4 text-lg text-muted-foreground","children":"Reentrancy and bad math still show up in audits for a reason. A short tour of the Solidity bugs we look for first, written for people who are not full-time auditors."}],["$","p",null,{"className":"mt-2 text-sm text-muted-foreground","children":"8 min read"}],["$","div",null,{"className":"prose dark:prose-invert mt-8 max-w-none prose-headings:font-heading prose-a:text-primary prose-pre:bg-muted/50","children":[["$","h1",null,{"children":"Smart Contract Security Basics"}],"\n",["$","p",null,{"children":"On-chain code is hard to patch and easy to exploit if you get the basics wrong. You do not need a PhD to understand the common failure modes; you do need discipline and, for anything holding real value, a professional audit. 
This post is a plain-language tour of what we look for first in Solidity reviews."}],"\n",["$","h2",null,{"children":"Reentrancy"}],"\n",["$","p",null,{"children":"External calls (sending ETH, calling another contract, or any token hook such as an ERC-777 tokensReceived or ERC-721 onERC721Received callback) hand control to someone else's code, which can call back into your contract before the first call finishes. If balances or other state update only after the call, an attacker can re-enter and drain funds in one transaction. The re-entry does not have to hit the same function: cross-function reentrancy (another function that trusts the stale state) and cross-contract or read-only reentrancy (a view function that reports stale state to a third contract) are the same bug."}],"\n",["$","p",null,{"children":[["$","strong",null,{"children":"Mitigation:"}]," Checks-effects-interactions: finish every state write (balances, flags, counters) before any external call, so a re-entrant call already sees the final state. Use ",["$","strong",null,{"children":"ReentrancyGuard"}]," from OpenZeppelin where it fits, but treat it as a backstop: the guard only covers functions that share its mutex and does nothing for view functions or calls routed through another contract, so the ordering still matters. Prefer ",["$","strong",null,{"children":"pull payments"}]," (users withdraw) over ",["$","strong",null,{"children":"push"}]," (you send to them) when it matches your product; the withdraw function still needs checks-effects-interactions, because that is where the external call now lives."]}],"\n",["$","h2",null,{"children":"Access control"}],"\n",["$","p",null,{"children":["Admin, mint, upgrade, and pause functions need explicit roles. One missing ",["$","code",null,{"children":"onlyOwner"}]," or wrong modifier has shipped many incidents, and on upgradeable (proxy) contracts an unprotected or re-callable initializer is the same bug under another name. Never authenticate with tx.origin: it names the externally owned account that started the transaction, not your direct caller, so a malicious contract the owner is tricked into calling passes the check."]}],"\n",["$","p",null,{"children":[["$","strong",null,{"children":"Mitigation:"}]," Use ",["$","strong",null,{"children":"AccessControl"}]," or ",["$","strong",null,{"children":"Ownable"}]," from audited libraries, and write a test that every privileged function reverts for an unprivileged caller. For serious admin power, use a multisig and a timelock so one key cannot rug the contract overnight and users get a window to exit before a change lands."]}],"\n",["$","h2",null,{"children":"Arithmetic"}],"\n",["$","p",null,{"children":["Solidity 0.8+ reverts on integer overflow and underflow by default, but it does not check explicit narrowing casts (uint128(x) silently truncates), and integer division still rounds toward zero, so multiply before you divide and make sure rounding never favours the caller. 
",["$","strong",null,{"children":"Unchecked"}]," blocks and assembly are where old bugs creep back in."]}],"\n",["$","p",null,{"children":[["$","strong",null,{"children":"Mitigation:"}]," Stay on 0.8+ for new code, avoid ",["$","code",null,{"children":"unchecked"}]," unless you have a written reason, and use ",["$","strong",null,{"children":"SafeMath"}]," only when you must support older compilers."]}],"\n",["$","h2",null,{"children":"Front-running and MEV"}],"\n",["$","p",null,{"children":"Pending transactions are visible. Bots can sandwich swaps or race your users."}],"\n",["$","p",null,{"children":[["$","strong",null,{"children":"Mitigation:"}]," Design invariants that survive reordering, use slippage and deadlines on AMM-style calls, and consider private mempools or commit-reveal where the use case allows."]}],"\n",["$","h2",null,{"children":"Oracles and external data"}],"\n",["$","p",null,{"children":"A single price feed or admin-controlled value can destroy your logic if it lies or stalls."}],"\n",["$","p",null,{"children":[["$","strong",null,{"children":"Mitigation:"}]," Prefer decentralized oracles where possible, add sanity bounds, and plan for stale data."]}],"\n",["$","h2",null,{"children":"Last word"}],"\n",["$","p",null,{"children":"No checklist replaces an audit for contracts that move money. This list helps you pass the first pass and have a serious conversation with auditors. We write and review Solidity; reach out if you want help before mainnet."}],"\n",["$","hr",null,{}],"\n",["$","p",null,{"children":[["$","em",null,{"children":"Cogent Softwares"}],", Web3 and smart contract development."]}]]}]]}]}]}]] e:[["$","meta","0",{"name":"viewport","content":"width=device-width, initial-scale=1"}],["$","meta","1",{"charSet":"utf-8"}],["$","title","2",{"children":"Smart Contract Security Basics | Cogent Softwares"}],["$","meta","3",{"name":"description","content":"Reentrancy and bad math still show up in audits for a reason. 
A short tour of the Solidity bugs we look for first, written for people who are not full-time auditors."}],["$","link","4",{"rel":"canonical","href":"https://cogentsoftware.com/blog/smart-contract-security-basics"}],["$","meta","5",{"property":"og:title","content":"Smart Contract Security Basics"}],["$","meta","6",{"property":"og:description","content":"Reentrancy and bad math still show up in audits for a reason. A short tour of the Solidity bugs we look for first, written for people who are not full-time auditors."}],["$","meta","7",{"property":"og:url","content":"https://cogentsoftware.com/blog/smart-contract-security-basics"}],["$","meta","8",{"property":"og:site_name","content":"Cogent Softwares"}],["$","meta","9",{"property":"og:image","content":"https://cogentsoftware.com/og.png"}],["$","meta","10",{"property":"og:image:width","content":"1200"}],["$","meta","11",{"property":"og:image:height","content":"630"}],["$","meta","12",{"property":"og:image:alt","content":"Smart Contract Security Basics"}],["$","meta","13",{"property":"og:type","content":"article"}],["$","meta","14",{"property":"article:published_time","content":"2025-11-25T00:00:00.000Z"}],["$","meta","15",{"property":"article:author","content":"Cogent Softwares"}],["$","meta","16",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","17",{"name":"twitter:title","content":"Smart Contract Security Basics"}],["$","meta","18",{"name":"twitter:description","content":"Reentrancy and bad math still show up in audits for a reason. A short tour of the Solidity bugs we look for first, written for people who are not full-time auditors."}],["$","meta","19",{"name":"twitter:image","content":"https://cogentsoftware.com/og.png"}],["$","link","20",{"rel":"icon","href":"/favicon.svg"}]] 1:null