Merge branch 'master' into guide-to-arithmetic-checks

Author: 0xPhaze

.github/workflows/deploy.yml

@@ -3,6 +3,10 @@ on:
   push:
     branches:
       - master
+    ignore-paths:
+      - "**.rs"
+      - "**.py"
+      - "**.sol"
   workflow_dispatch:
 
 jobs:

.github/workflows/echidna.yml

@@ -1,15 +1,18 @@
-name: Echidna
+name: Run Echidna tests
 
 on:
   push:
-    paths-ignore:
-      - "**.md"
-      - "**.rs"
-      - "**.py"
+    paths:
+      - ".github/workflows/echidna.yml"
+      - "program-analysis/echidna/**/*.sol"
+      - "program-analysis/echidna/**/*.yml"
     branches:
       - master
-      - dev
   pull_request:
+    paths:
+      - ".github/workflows/echidna.yml"
+      - "program-analysis/echidna/**/*.sol"
+      - "program-analysis/echidna/**/*.yml"
   schedule:
     # run CI every day even if no PRs/merges occur
     - cron: "0 12 * * *"

.github/workflows/lint_links.yml

@@ -4,7 +4,13 @@ on:
   push:
     branches:
       - master
+    paths:
+      - ".github/workflows/lint_links.yml"
+      - "**.md"
   pull_request:
+    paths:
+      - ".github/workflows/lint_links.yml"
+      - "**.md"
   schedule:
     # run CI at 09:00, on day 1 of the month even if no PRs/merges occur
     - cron: "0 9 1 * *"

.github/workflows/manticore.yml

@@ -0,0 +1,36 @@
+name: Run Manticore tests
+
+on:
+  push:
+    paths:
+      - ".github/workflows/manticore.yml"
+      - "program-analysis/manticore/**/*.py"
+    branches:
+      - master
+  pull_request:
+    paths:
+      - ".github/workflows/manticore.yml"
+      - "program-analysis/manticore/**/*.py"
+  schedule:
+    # run CI every day even if no PRs/merges occur
+    - cron: "0 12 * * *"
+
+jobs:
+  tests:
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Python 3.8
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.8
+      - name: Install dependencies
+        run: |
+          pip install solc-select
+          solc-select install 0.5.11
+          solc-select use 0.5.11
+      - name: Run Tests
+        run: |
+          bash program-analysis/manticore/scripts/gh_action_test.sh

.github/workflows/ci.yml renamed to .github/workflows/slither.yml

@@ -1,13 +1,16 @@
-name: CI
+name: Run Slither tests
 
 on:
   push:
-    paths-ignore:
-      - "**.md"
+    paths:
+      - ".github/workflows/slither.yml"
+      - "program-analysis/slither/**/*.py"
     branches:
       - master
-      - dev
   pull_request:
+    paths:
+      - ".github/workflows/slither.yml"
+      - "program-analysis/slither/**/*.py"
   schedule:
     # run CI every day even if no PRs/merges occur
     - cron: "0 12 * * *"
@@ -17,8 +20,6 @@ jobs:
     runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
-      matrix:
-        type: ["slither", "manticore"]
     steps:
       - uses: actions/checkout@v3
       - name: Set up Python 3.8
@@ -31,7 +32,5 @@ jobs:
           solc-select install 0.5.11
           solc-select use 0.5.11
       - name: Run Tests
-        env:
-          TEST_TYPE: ${{ matrix.type }}
         run: |
-          bash program-analysis/${TEST_TYPE}/scripts/gh_action_test.sh
+          bash program-analysis/slither/scripts/gh_action_test.sh

book

@@ -1 +1 @@
-Subproject commit 37c09c38519ae5ed1835632926fffb00ef05c830
+Subproject commit 150b745c2d1263673a8c74aa6c6e7ec8dde8f2c8

not-so-smart-contracts/substrate/arithmetic_overflow/README.md

@@ -4,7 +4,7 @@ Arithmetic overflow in Substrate occurs when arithmetic operations are performed
 
 # Example
 
-In the [`pallet-overflow`](./pallet-overflow.rs) pallet, notice that the `transfer` function sets `update_sender` and `update_to` using primitive arithmetic operations.
+In the [`pallet-overflow`](https://github.com/crytic/building-secure-contracts/blob/master/not-so-smart-contracts/substrate/arithmetic_overflow/pallet-overflow.rs) pallet, notice that the `transfer` function sets `update_sender` and `update_to` using primitive arithmetic operations.
 
 ```rust
    /// Allow minting account to transfer a given balance to another account.

not-so-smart-contracts/substrate/dont_panic/README.md

@@ -4,7 +4,7 @@ Panics occur when the node enters a state that it cannot handle and stops the pr
 
 # Example
 
-In the [`pallet-dont-panic`](./pallet-dont-panic.rs) pallet, the `find_important_value` dispatchable checks to see if `useful_amounts[0]` is greater than `1_000`. If so, it sets the `ImportantVal` `StorageValue` to the value held in `useful_amounts[0]`.
+In the [`pallet-dont-panic`](https://github.com/crytic/building-secure-contracts/blob/master/not-so-smart-contracts/substrate/dont_panic/pallet-dont-panic.rs) pallet, the `find_important_value` dispatchable checks to see if `useful_amounts[0]` is greater than `1_000`. If so, it sets the `ImportantVal` `StorageValue` to the value held in `useful_amounts[0]`.
 
 ```rust
     /// Do some work

not-so-smart-contracts/substrate/origins/README.md

@@ -18,7 +18,7 @@ Using privileged origins, like `RawOrigin::Root` or custom origins, can lead to
 
 # Example
 
-In the [`pallet-bad-origin`](./pallet-bad-origin.rs) pallet, there is a `set_important_val` function that should be only callable by the `ForceOrigin` _custom_ origin type. This custom origin allows the pallet to specify that only a specific account can call `set_important_val`.
+In the [`pallet-bad-origin`](https://github.com/crytic/building-secure-contracts/blob/master/not-so-smart-contracts/substrate/origins/pallet-bad-origin.rs) pallet, there is a `set_important_val` function that should be only callable by the `ForceOrigin` _custom_ origin type. This custom origin allows the pallet to specify that only a specific account can call `set_important_val`.
 
 ```rust
 #[pallet::call]
@@ -58,6 +58,6 @@ let sender = ensure_signed(origin)?;
 # References
 
 - https://docs.substrate.io/main-docs/build/origins/
-- https://docs.substrate.io/tutorials/work-with-pallets/specify-the-origin-for-a-call/
+- https://docs.substrate.io/tutorials/build-application-logic/specify-the-origin-for-a-call/
 - https://paritytech.github.io/substrate/master/pallet_sudo/index.html#
 - https://paritytech.github.io/substrate/master/pallet_democracy/index.html

not-so-smart-contracts/substrate/randomness/README.md

@@ -11,7 +11,7 @@ A bad source of randomness can lead to a variety of exploits such as the theft o
 
 # Example
 
-The [`pallet-bad-lottery`](./pallet-bad-lottery.rs) pallet is a simplified "lottery" system that requires one to guess the next random number. If they guess correctly, they are the winner of the lottery.
+The [`pallet-bad-lottery`](https://github.com/crytic/building-secure-contracts/blob/master/not-so-smart-contracts/substrate/randomness/pallet-bad-lottery.rs) pallet is a simplified "lottery" system that requires one to guess the next random number. If they guess correctly, they are the winner of the lottery.
 
 ```rust
 #[pallet::call]