diff --git a/readme.md b/readme.md index 49c47ac..c45063d 100644 --- a/readme.md +++ b/readme.md @@ -13,6 +13,7 @@ Smart contract programming language for the Ethereum Virtual Machine. - [Gas Optimization](#gas-optimization) - [Upgradeable Contracts](#upgradeable-contracts) - [Advanced Topics](#advanced-topics) +- [AI \& Agentic Development](#ai--agentic-development) - [Community \& Support](#community--support) ## Official Resources @@ -37,7 +38,10 @@ Smart contract programming language for the Ethereum Virtual Machine. - [Hardhat](https://hardhat.org/) - Ethereum development environment. - [OpenZeppelin Contracts Wizard](https://wizard.openzeppelin.com/) - Interactive smart contract generator. - [OpenZeppelin MCP](https://mcp.openzeppelin.com/) - AI-powered smart contract generation via Model Context Protocol. +- [prettier-plugin-solidity](https://github.com/prettier-solidity/prettier-plugin-solidity) - Prettier plugin for automatically formatting Solidity code. - [Remix IDE](https://remix.ethereum.org/) - Web-based Solidity IDE. +- [solidity-coverage](https://github.com/sc-forks/solidity-coverage) - Code coverage tool for Solidity smart contracts. +- [Sourcify](https://github.com/argotorg/sourcify) - Open-source decentralized source code verification service for Ethereum. - [Tenderly](https://tenderly.co/) - Smart contract debugging and monitoring. ## Libraries & Frameworks @@ -50,7 +54,6 @@ Smart contract programming language for the Ethereum Virtual Machine. ## Security & Best Practices - [Security Considerations](https://docs.soliditylang.org/en/latest/security-considerations.html#security-considerations) - Official security guide. -- [ConsenSys Smart Contract Best Practices](https://consensysdiligence.github.io/smart-contract-best-practices/) - Comprehensive security guide. - [Smart Contract Security Verification Standard](https://securing.github.io/SCSVS/) - Security checklist. - [EEA EthTrust Security Levels Specification](https://entethalliance.org/specs/ethtrust-sl/) - Smart contract security certification requirements. - [Rekt News](https://rekt.news/) - Investigative journalism and incident analysis of DeFi exploits and hacks. @@ -60,16 +63,17 @@ Smart contract programming language for the Ethereum Virtual Machine. ## Security Analysis Tools - [Aderyn](https://github.com/Cyfrin/aderyn) - Rust-based static analysis tool for Solidity by Cyfrin. -- [Slither](https://github.com/crytic/slither) - Static analysis framework for Solidity. -- [Solhint](https://github.com/protofire/solhint) - Solidity linter for security and style guide validations. -- [SolidityScan](https://solidityscan.com/) - Automated smart contract security audit platform. -- [Surya](https://github.com/ConsenSysDiligence/surya) - Utility for smart contract systems analysis. +- [Certora Prover](https://www.certora.com/) - Formal verification for smart contracts. - [Echidna](https://github.com/crytic/echidna) - Property-based fuzzer for smart contracts. - [Forta Network](https://docs.forta.network/en/latest/) - Decentralized runtime security monitoring network for smart contracts. - [Manticore](https://github.com/trailofbits/manticore) - Symbolic execution tool for smart contract and binary analysis. - [Medusa](https://github.com/crytic/medusa) - Parallel fuzzing engine for smart contracts with advanced techniques. -- [Certora Prover](https://www.certora.com/) - Formal verification for smart contracts. +- [Mythril](https://github.com/ConsenSysDiligence/mythril) - Symbolic-execution-based security analysis tool for EVM bytecode. - [Olympix Static Analyzer](https://olympix.security/resources/free-static-analyzer) - Free Solidity static analysis tool. +- [Slither](https://github.com/crytic/slither) - Static analysis framework for Solidity. +- [Solhint](https://github.com/protofire/solhint) - Solidity linter for security and style guide validations. +- [SolidityScan](https://solidityscan.com/) - Automated smart contract security audit platform. +- [Surya](https://github.com/ConsenSysDiligence/surya) - Utility for smart contract systems analysis. ## Gas Optimization @@ -87,6 +91,26 @@ Smart contract programming language for the Ethereum Virtual Machine. - [Yul Documentation](https://docs.soliditylang.org/en/latest/yul.html) - Low-level language for Ethereum. - [LearnEVM](https://learnevm.com/) - Free advanced EVM course for Solidity developers. +## AI & Agentic Development + +### Skills + +- [OpenZeppelin Skills](https://github.com/OpenZeppelin/openzeppelin-skills) - Claude Code agent skills teaching AI coding assistants to build secure smart contracts using current OpenZeppelin libraries. +- [Pashov Skills](https://github.com/pashov/skills) - Reusable AI agent skill pack for Solidity security auditing with multi-agent orchestration. +- [Solidity Security Skill](https://skills.sh/wshobson/agents/solidity-security) - Reusable AI agent skill pack for secure Solidity development patterns and vulnerability prevention. +- [Trail of Bits Skills](https://github.com/trailofbits/skills) - Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows. + +### Tools + +- [Blockscout MCP](https://github.com/blockscout/mcp-server) - MCP server wrapping Blockscout APIs for on-chain data access via AI agents. +- [EVM MCP Server](https://github.com/mcpdotdirect/evm-mcp-server) - MCP server providing LLMs with tools for interacting with 60+ EVM networks. +- [EVMbench](https://openai.com/index/introducing-evmbench) - OpenAI and Paradigm benchmark for evaluating AI agents on smart contract vulnerability detection, patching, and exploitation. +- [Finite Monkey Engine](https://github.com/BradMoonUESTC/finite-monkey-engine) - AI-driven code security analysis platform for Blockchain audit with Solidity Tree-sitter parsing and RAG architecture. +- [Foundry MCP Server](https://github.com/PraneshASP/foundry-mcp-server) - MCP server connecting LLM assistants to the Foundry toolchain for Solidity development. +- [Plamen](https://github.com/PlamenTSV/plamen) - Autonomous Web3 security audit agent orchestrating 18-100 AI agents across 8 phases for EVM/Solidity. +- [Trail of Bits Claude Code Config](https://github.com/trailofbits/claude-code-config) - Opinionated defaults, documentation, and workflows for Claude Code at Trail of Bits. +- [Trailmark](https://github.com/trailofbits/trailmark) - Builds and queries multi-language source code graphs for AI-assisted Solidity security analysis. + ## Community & Support - [EthDev Subreddit](https://www.reddit.com/r/ethdev/) - Developer discussions.