Merge pull request #215 from crytic/mdbook

mdbook deployment integration

Author: montyly

.github/workflows/deploy.yml

@@ -0,0 +1,40 @@
+name: Deploy GH pages
+on:
+  push:
+    branches:
+      - master
+  workflow_dispatch:
+
+jobs:
+  build:
+    permissions:
+      contents: read
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+    - name: Install mdbook
+      run: |
+        mkdir mdbook
+        curl -sSL https://github.com/rust-lang/mdBook/releases/download/v0.4.14/mdbook-v0.4.14-x86_64-unknown-linux-gnu.tar.gz | tar -xz --directory=./mdbook
+        echo `pwd`/mdbook >> $GITHUB_PATH
+    - name: Build artifacts
+      run: mdbook build
+    - name: Upload artifact
+      uses: actions/upload-pages-artifact@v1
+      with:
+        path: ./book
+  deploy:
+    permissions:
+      pages: write
+      id-token: write
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v1

SUMMARY.md

@@ -0,0 +1,116 @@
+# Summary
+
+[Introduction](./README.md)
+
+- [Development-guidelines](./development-guidelines/README.md)
+  - [High-level best practices](./development-guidelines/guidelines.md)
+  - [Token integration checklist](./development-guidelines/token_integration.md)
+  - [Incident Response Recommendations](./development-guidelines/incident_response.md)
+  - [Secure development workflow](./development-guidelines/workflow.md)
+
+- [Learn EVM](./learn_evm/README.md)
+    - [EVM Opcode Reference](./learn_evm/evm_opcodes.md)
+    - [Transaction Tracing](./learn_evm/tracing.md)
+    - [Yellow Paper Guidance](./learn_evm/yellow-paper.md):
+        - [Forks <> EIPs](./learn_evm/eips_forks.md)
+        - [Forks <> CIPs](./learn_evm/cips_forks.md)
+        - [Upgrades <> TIPs](./learn_evm/tips_upgrades.md)
+        - [Forks <> BEPs](./learn_evm/beps_forks.md)
+- [Not so smart contracts]()
+    - [Algorand](./not-so-smart-contracts/algorand/README.md)
+        - [Rekeying](./not-so-smart-contracts/algorand/rekeying/README.md)
+        - [Unchecked Transaction Fees](./not-so-smart-contracts/algorand/unchecked_transaction_fee/README.md)
+        - [Closing Account](./not-so-smart-contracts/algorand/closing_account/README.md)
+        - [Closing Asset](./not-so-smart-contracts/algorand/closing_asset/README.md)
+        - [Group Size Check](./not-so-smart-contracts/algorand/group_size_check/README.md)
+        - [Time-based Replay Attack](./not-so-smart-contracts/algorand/time_based_replay_attack/README.md)
+        - [Access Controls](./not-so-smart-contracts/algorand/access_controls/README.md)
+        - [Asset Id Check](./not-so-smart-contracts/algorand/asset_id_check/README.md)
+        - [Denial of Service](./not-so-smart-contracts/algorand/denial_of_service/README.md)
+
+    - [Cairo](./not-so-smart-contracts/cairo/README.md)
+        - [Improper access controls](./not-so-smart-contracts/cairo/access_controls/README.md)
+        - [Integer division errors](./not-so-smart-contracts/cairo/integer_division/README.md)
+        - [View state modifications](./not-so-smart-contracts/cairo/view_state/README.md)
+        - [Arithmetic overflow](./not-so-smart-contracts/cairo/arithmetic_overflow/README.md)
+        - [Signature replays](./not-so-smart-contracts/cairo/replay_protection/README.md)
+        - [L1 to L2 Address Conversion](./not-so-smart-contracts/cairo/L1_to_L2_address_conversion/README.md)
+        - [Incorrect Felt Comparison](./not-so-smart-contracts/cairo/incorrect_felt_comparison/README.md)
+        - [Namespace Storage Var Collision](./not-so-smart-contracts/cairo/namespace_storage_var_collision/README.md)
+        - [Dangerous Public Imports in Libraries](./not-so-smart-contracts/cairo/dangerous_public_imports_in_libraries/README.md)
+
+    - [Cosmos](./not-so-smart-contracts/cosmos/README.md)
+        - [Incorrect signers](./not-so-smart-contracts/cosmos/incorrect_getsigners/README.md)
+        - [Non-determinism](./not-so-smart-contracts/cosmos/non_determinism/README.md)
+        - [Not prioritized messages](./not-so-smart-contracts/cosmos/messages_priority/README.md)
+        - [Slow ABCI methods](./not-so-smart-contracts/cosmos/abci_fast/README.md)
+        - [ABCI methods panic](./not-so-smart-contracts/cosmos/abci_panic/README.md)
+        - [Broken bookkeeping](./not-so-smart-contracts/cosmos/broken_bookkeeping/README.md)
+        - [Rounding errors](./not-so-smart-contracts/cosmos/rounding_errors/README.md)
+        - [Unregistered message handler](./not-so-smart-contracts/cosmos/unregistered_msg_handler/README.md)
+        - [Missing error handler](./not-so-smart-contracts/cosmos/missing_error_handler/README.md)
+
+    - [Solana](./not-so-smart-contracts/solana/README.md)
+        - [Arbitrary CPI](./not-so-smart-contracts/solana/arbitrary_cpi/README.md)
+        - [Improper PDA Validation](./not-so-smart-contracts/solana/improper_pda_validation/README.md)
+        - [Ownership Check](./not-so-smart-contracts/solana/ownership_check/README.md)
+        - [Signer Check](./not-so-smart-contracts/solana/signer_check/README.md)
+        - [Sysvar Account Check](./not-so-smart-contracts/solana/sysvar_account_check/README.md)
+
+    - [Substrate](./not-so-smart-contracts/substrate/README.md)
+        - [Arithmetic overflow](./not-so-smart-contracts/substrate/arithmetic_overflow/README.md)
+        - [Don't panic!](./not-so-smart-contracts/substrate/dont_panic/README.md)
+        - [Weights and fees](./not-so-smart-contracts/substrate/weights_and_fees/README.md)
+        - [Verify first](./not-so-smart-contracts/substrate/verify_first/README.md)
+        - [Unsigned transaction validation](./not-so-smart-contracts/substrate/validate_unsigned/README.md)
+        - [Bad randomness](./not-so-smart-contracts/substrate/randomness/README.md)
+        - [Bad origin](./not-so-smart-contracts/substrate/origins/README.md)
+
+- [Program Analysis](./program-analysis/README.md)
+    - [Echidna](./program-analysis/echidna/README.md)
+        - [Introduction]()
+            - [Introduction to fuzzing](./program-analysis/echidna/fuzzing-introduction.md)
+            - [How to test a property](./program-analysis/echidna/how-to-test-a-property.md)
+        - [Basic]()
+            - [How to select the most suitable testing mode](./program-analysis/echidna/testing-modes.md)
+            - [How to select the best testing approach](./program-analysis/echidna/common-testing-approaches.md)
+            - [How to filter functions](./program-analysis/echidna/filtering-functions.md)
+            - [How to test assertions](./program-analysis/echidna/assertion-checking.md)
+            - [How to write good properties step by step](./program-analysis/echidna/property-creation.md)
+            - [Frequently Asked Questions](./program-analysis/echidna/frequently_asked_questions.md)
+        -  [Advanced]()
+            - [How to collect a corpus](./program-analysis/echidna/collecting-a-corpus.md)
+            - [How to use optimization mode](./program-analysis/echidna/optimization_mode.md)
+            - [How to detect high gas consumption](./program-analysis/echidna/finding-transactions-with-high-gas-consumption.md)
+            - [How to perform smart contract fuzzing at a large scale](./program-analysis/echidna/smart-contract-fuzzing-at-scale.md)
+
+            - [How to test bytecode-only contracts](./program-analysis/echidna/testing-bytecode.md)
+            - [How to use hevm cheats to test permit](./program-analysis/echidna/hevm-cheats-to-test-permit.md)
+            - [How to seed Echidna with unit tests](./program-analysis/echidna/end-to-end-testing.md)
+            - [Understanding and using `multi-abi`](./program-analysis/echidna/using-multi-abi.md)
+            - [Fuzzing tips](./program-analysis/echidna/fuzzing_tips.md)
+        - [Exercises]()
+            - [Exercise 1](./program-analysis/echidna/Exercise-2.md)
+            - [Exercise 3](./program-analysis/echidna/Exercise-3.md)
+            - [Exercise 4](./program-analysis/echidna/Exercise-4.md)
+            - [Exercise 5](./program-analysis/echidna/Exercise-5.md)
+            - [Exercise 6](./program-analysis/echidna/Exercise-6.md)
+            - [Exercise 7](./program-analysis/echidna/Exercise-7.md)
+            - [Exercise 8](./program-analysis/echidna/Exercise-8.md)
+
+    - [Manticore](./program-analysis/manticore/README.md)
+        - [Introduction to symbolic execution](./program-analysis/manticore/symbolic-execution-introduction.md):
+        - [Running under Manticore](./program-analysis/manticore/running-under-manticore.md)
+        - [Getting throwing paths](./program-analysis/manticore/getting-throwing-paths.md)
+        - [Adding constraints](./program-analysis/manticore/adding-constraints.md)
+        - [Exercises](./program-analysis/manticore/exercises/README.md)
+            - [Example](./program-analysis/manticore/exercises/example.md)
+            - [Exercise 1](./program-analysis/manticore/exercises/exercise1.md)
+            - [Exercise 2](./program-analysis/manticore/exercises/exercise2.md)
+
+    - [Slither](./program-analysis/slither/README.md)
+        - [Exercise 1](./program-analysis/slither/exercise1.md)
+        - [Exercise 2](./program-analysis/slither/exercise2.md)
+
+
+- [Resources](./resources/tob_blogposts.md)

book.toml

@@ -0,0 +1,18 @@
+[book]
+authors = ["Trail of Bits"]
+language = "en"
+multilingual = false
+src = "."
+title = "Building Secure Contracts"
+description = "Follow our guidelines and best practices to write secure smart contracts."
+
+[output.html]
+git-repository-url = "https://github.com/crytic/building-secure-contracts"
+edit-url-template = "https://github.com/crytic/building-secure-contracts/edit/master/{path}"
+default-theme = "ayu"
+cname = "crytic.github.io/building-secure-contracts"
+no-section-label = true
+
+[output.html.fold]
+enable = true
+level = 1