Merge pull request #213 from crytic/ahpaleus_master

Fix broken links

Author: montyly

.github/workflows/check_links.yml

@@ -0,0 +1,20 @@
+name: Check Markdown links
+
+on:
+  push:
+    branches:
+      - master
+      - dev
+  pull_request:
+  schedule:
+    # run CI at 09:00, on day 1 of the month even if no PRs/merges occur
+    - cron:  '0 9 1 * *'
+
+jobs:
+  markdown-link-check:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@master
+    - uses: gaurav-nelson/github-action-markdown-link-check@v1
+      with:
+        use-quiet-mode: 'yes'

development-guidelines/workflow.md

@@ -21,9 +21,9 @@ Visually inspect critical security features of your code:
 
 Document critical security properties and use automated test generators to evaluate them:
 
-- [ ] Learn to [document security properties for your code](/program-analysis/). It's tough as first, but it's the single most important activity for achieving a good outcome. It's also a prerequisite for using any of the advanced techniques in this tutorial.
+- [ ] Learn to [document security properties for your code](../program-analysis/). It's tough as first, but it's the single most important activity for achieving a good outcome. It's also a prerequisite for using any of the advanced techniques in this tutorial.
 - [ ] Define security properties in Solidity, for use with [Echidna](https://github.com/crytic/echidna) and [Manticore](https://manticore.readthedocs.io/en/latest/verifier.html). Focus on your state machine, access controls, arithmetic operations, external interactions, and standards conformance.
-- [ ] Define security properties with [Slither's Python API](/program-analysis/slither). Focus on inheritance, variable dependencies, access controls, and other structural issues.
+- [ ] Define security properties with [Slither's Python API](../program-analysis/slither). Focus on inheritance, variable dependencies, access controls, and other structural issues.
 
 Finally, be mindful of issues that automated tools cannot easily find:
 

not-so-smart-contracts/cairo/consider_L1_to_L2_message_failure.md

@@ -1,8 +1,8 @@
 # Consider L1 to L2 message failure
 
-In Starknet, [Ethereum contracts can send messages from L1 to L2, using a bridge](https://starknet.io/docs/hello_starknet/l1l2.html#messages-from-l1-to-l2). However, it is not guaranteed that the message will be processed by the sequencer. 
+In Starknet, [Ethereum contracts can send messages from L1 to L2, using a bridge](https://docs.starknet.io/documentation/architecture_and_concepts/L1-L2_Communication/messaging-mechanism/). However, it is not guaranteed that the message will be processed by the sequencer. 
 For instance, a message can fail to be processed if there is a sudden spike in the gas price and the value provided is too low. For that reason, Starknet developers provided a 
-[API to cancel on-going messages](https://docs.starknet.io/docs/L1-L2%20Communication/messaging-mechanism/#l1--l2-messages)
+[API to cancel on-going messages](https://docs.starknet.io/documentation/architecture_and_concepts/L1-L2_Communication/messaging-mechanism/#l2-l1_message_cancellation)
 
 # Example
 

not-so-smart-contracts/cairo/replay_protection/README.md

@@ -12,7 +12,7 @@ Consider the following function that validates a signature for EIP712-style perm
 
 ## Mitigations
 
-- Consider using the [OpenZeppelin Contracts for Cairo Account contract](https://github.com/OpenZeppelin/cairo-contracts/blob/main/docs/Account.md) or another existing account contract implementation.
+- Consider using the [OpenZeppelin Contracts for Cairo Account contract](https://github.com/OpenZeppelin/cairo-contracts/blob/main/docs/modules/ROOT/pages/accounts.adoc) or another existing account contract implementation.
 
 ## External Examples
 

not-so-smart-contracts/cairo/view_state/README.md

@@ -1,6 +1,6 @@
 # State modifications in a view function
 
-StarkNet provides the @view decorator to signal that a function should not make state modifications. However, this is [not currently enforced by the compiler](https://starknet.io/docs/hello_starknet/intro.html). Developers should take care when designing view functions but also when calling functions in other contracts as they may result in unexpected behavior if they do include state modifications accidentally.
+StarkNet provides the @view decorator to signal that a function should not make state modifications. However, this is [not currently enforced by the compiler](https://www.cairo-lang.org/docs/hello_starknet/intro.html). Developers should take care when designing view functions but also when calling functions in other contracts as they may result in unexpected behavior if they do include state modifications accidentally.
 
 ## Example
 

not-so-smart-contracts/cosmos/broken_bookkeeping/README.md

@@ -53,7 +53,7 @@ A malicious user can screw an exchange rate in two ways:
 * by force-sending Tokens to the module, changing the `tokensHeld` value
 * by transferring uTokens to another chain via IBC, chaning `uTokensInCirculation` value
 
-The first "attack" could be pulled of by sending [`MsgSend`](https://docs.cosmos.network/main/modules/bank/03_messages.html#msgsend) message. However, it would be not profitable (probably), as executing it would irreversibly decrease an attacker's resources.
+The first "attack" could be pulled of by sending [`MsgSend`](https://docs.cosmos.network/main/modules/bank#msgsend) message. However, it would be not profitable (probably), as executing it would irreversibly decrease an attacker's resources.
 
 The second one works because the IBC module [burns transferred coins in the source chain](https://github.com/cosmos/ibc-go/blob/48a6ae512b4ea42c29fdf6c6f5363f50645591a2/modules/apps/transfer/keeper/relay.go#L135-L136) and mints corresponding tokens in the destination chain. Therefore, it will decrease the supply reported by the `x/bank` module, increasing the exchange rate. After the attack the malicious user can just transfer back uTokens.
 

not-so-smart-contracts/cosmos/unregistered_msg_handler/README.md

@@ -1,8 +1,8 @@
 # Unregistered message handler
 
-In the legacy version of the [Msg Service](https://docs.cosmos.network/v0.44/building-modules/msg-services.html#implementation), all messages have to be registered in a module keeper's `NewHandler` method. Failing to do so would prevent users from sending the not-registered message.
+In the legacy version of the `Msg Service`, all messages have to be registered in a module keeper's `NewHandler` method. Failing to do so would prevent users from sending the not-registered message.
 
-In [the recent Cosmos version manual registration is no longer needed](https://docs.cosmos.network/v0.44/architecture/adr-031-msg-service.html#pros).
+In [the recent Cosmos version manual registration is no longer needed](https://docs.cosmos.network/v0.47/building-modules/msg-services).
 
 ## Example 
 

not-so-smart-contracts/substrate/randomness/README.md

@@ -4,7 +4,7 @@ To use randomness in a Substrate pallet, all you need to do is require a source
 1. `random_seed`: This function takes no arguments and returns back a random value. Calling this value multiple times in a block will result in the same value.
 2. `random`: Takes in a byte-array (a.k.a "context-identifier") and returns a value that is as independent as possible from other contexts. 
 
-Substrate provides the [Randomness Collective Flip Pallet](https://paritytech.github.io/substrate/master/pallet_randomness_collective_flip/index.html) and a Verifiable Random Function implementation in the [BABE pallet](https://paritytech.github.io/substrate/master/pallet_babe/index.html). Developers can also choose to build their own source of randomness.
+Substrate provides the [Randomness Collective Flip Pallet](https://docs.rs/pallet-randomness-collective-flip/latest/pallet_randomness_collective_flip/) and a Verifiable Random Function implementation in the [BABE pallet](https://paritytech.github.io/substrate/master/pallet_babe/index.html). Developers can also choose to build their own source of randomness.
 
 A bad source of randomness can lead to a variety of exploits such as the theft of funds or undefined system behavior. 
 

program-analysis/echidna/Exercise-8.md

@@ -39,7 +39,6 @@ We recommend to first try without reading the following hints. The hints are in
 
 - The invariant that we are looking for is "an attacker cannot get almost whole amount of rewards"
 - Read what is the [multi abi option](https://github.com/crytic/building-secure-contracts/blob/master/program-analysis/echidna/common-testing-approaches.md#external-testing)
-- A template is provided in [contracts/the-rewarder/EchidnaRewarder.sol](https://github.com/crytic/damn-vulnerable-defi-echidna/blob/hints/contracts/the-rewarder/EchidnaRewarder.sol)
 - A config file is provided in [the-rewarder.yaml](https://github.com/crytic/damn-vulnerable-defi-echidna/blob/solutions/the-rewarder.yaml)
 
 ## Solution

program-analysis/manticore/adding-constraints.md

@@ -2,11 +2,14 @@
 
 **Table of contents:**
 
-- [Introduction](#introduction)
-- [Operators](#Operators)
-- [Constraints](#constraints)
-- [Checking Constraint](#checking-constraint)
-- [Summary: Adding Constraints](#summary-adding-constraints)
+- [Adding Constraints](#adding-constraints)
+  - [Introduction](#introduction)
+  - [Operators](#operators)
+  - [Constraints](#constraints)
+    - [Global constraint](#global-constraint)
+    - [State constraint](#state-constraint)
+  - [Checking Constraint](#checking-constraint)
+  - [Summary: Adding Constraints](#summary-adding-constraints)
 
 ## Introduction
 
@@ -68,7 +71,7 @@ m.transaction(caller=user_account,
 
 ### State constraint
 
-Use [state.constrain(constraint)](https://manticore.readthedocs.io/en/latest/api.html?highlight=operator#manticore.core.state.StateBase.constrain) to add a constraint to a specific state
+Use [state.constrain(constraint)](https://manticore.readthedocs.io/en/latest/states.html?highlight=statebase#manticore.core.state.StateBase.constrain) to add a constraint to a specific state
 It can be used to constrain the state after its exploration to check some property on it.
 
 ## Checking Constraint