Ethereum Smart Contract Security

Learn the best practices of developing Ethereum smart contracts. Famous hacks such as the DAO and Parity are explained, implemented and demonstrated.


Why you should enroll

When Smart Contracts became popular it opened up a new world for programmers. For the first time ever we could program decentralized applications that ran on the blockchain. And not only that, software could now own money. This was a revolution for developers all over the world. But it also created new risks that developers didn't foresee... In 2016, $70 MILLION was stolen in one of the most well known hacks in crypto history, the DAO hack. The problem was, the developers had programmed the DAO just like any other software. Without knowing that Smart Contract Programming requires an entirely new mindset. That's why we created this course. Not only will we go through and explain many famous smart contract hacks. Here we will also cover the Software Design Principles you need to know, new Risk Management Principles, new Governing Principles, how to build Upgradeable Contracts and much much more.


This course consists of approximately 10 hours of video content, assignments, exams and certification. Check out the detailed curriculum below.


  • Welcome by Ivan & Filip
  • Prerequisites
  • Disclaimer
  • Course Structure
  • IMPORTANT - ToshiTimes Forum

Hyperinflation crypto Vulnerability

  • Overflow Vulnerability Introduction
  • Hyperinflation Vulnerability - Reading Assignment
  • BatchTransfer Error Explained
  • Solidity Vulnerability Demonstrated
  • Fixing the Bug With SafeMath
  • Overflow.sol and Safemath.sol Source Code
  • Quiz: Hyperinflation Vulnerability 

Developer Mindset

  • Introduction
  • Why do we need a special Mindset?
  • Part 1 - The New Ecosystem
  • Part 2 - The High Cost of Failure
  • Reading Assignment: Mindset
  • Part 3 - Difficult upgradeability
  • Part 3 Bonus - How to Plan for Proxy Upgrades
  • Quiz: Developer Mindset

Extrenal Contracts & Calls

  • Introduction
  • The Danger with Extrenal Contract Calls
  • Re-entrency Attacks
  • Re-entrency Attacks - Solution
  • Sending Ether - How to do it Safely
  • Push & Pull - Contract Design
  • Quiz: Extranal Contracts & Calls
  • Hacks Demonstrated & Explained

  • Introduction
  • DAO Hacks Explanation
  • Reading Assignment: DAO
  • DAO Hack - Replicating the Vulnerability Part 2
  • DAO Hack - Replicating the Vulnerability Part 3
  • DAO Hack - Replicating the Vulnerability - Code File
  • Parity Freeze Hack Explained
  • Parity Freeze Hack - Replicating the Vulnerability
  • Parity Freeze Hack - Replicating the Vulnerability - Code File
  • Quiz: DAO & Parity Hacks

Invariants & Error Handling

  • Introduction
  • Solidity Error Handling Recap
  • What is an Invariant
  • Combine Assert & Invariants
  • How to Use Modifiers Correctly
  • Quiz: Invariants & Error Handling

Smart Contact Upgradeability - basic Example

  • Introduction
  • Contract Overview
  • Part 1 - Storage Contract
  • Part 2 - Functional Contract
  • Part 3 - Proxy Cntract
  • Part 4 - Deploy & Test
  • Summary
  • Quiz: Basic Upgradeable Contract

Smart contract Upgradeability - Full Example

  • Introduction
  • What Was Wrong with Our Simple Proxy?
  • Prerequisites
  • Part 1 - Setup Enviroment
  • Part 2 - Building a New Storage Contract
  • Part 3- Building the Functional Contract
  • Part 4 - Building The Proxy Contract Base
  • Part 5 - Building Proxy Functionality
  • Part 6 - Building Migrations & Deploying 
  • Part 7 - Interacting & Testing our Proxy
  • Part 8 - Improving & Updating
  • Part 9 - Owner Issue Clarification
  • Part 10 - Fixing the Owner Issue
  • Part 11 - Summary
  • Bonus: A Better Way to Upgrade

Pausable Contracts

  • Introduction
  • What is it and why do we need it?
  • Implementation
  • Quiz: Pausable Contracts


  • Congratulations and Well Done!

Your instructor


Ivan runs Ivan on Tech - one of the most successful and trusted blockchain channels on Youtube and is also an international blockchain speaker and educator. Millions of people all around the world have listened, learned and been inspired by Ivan. Now he has created a course for his followers and subscribers, so that they can get the same knowledge as the big corporations.


50% Complete

Two Step

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.