docs: add security section (#2003)
This commit is contained in:
parent
3cc3d85fa4
commit
e4dfd34dc5
|
@ -92,6 +92,10 @@ const navigation = [
|
|||
title: 'Projects',
|
||||
links: [{ title: 'Tic-Tac-Toe', href: '/docs/tic-tac-toe' }],
|
||||
},
|
||||
{
|
||||
title: 'Common Security Exploits',
|
||||
links: [{ title: 'Sealevel Attacks', href: '/docs/security-exploits' }]
|
||||
},
|
||||
]
|
||||
|
||||
function getNodeText(node) {
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
title: Sealevel Attacks
|
||||
description: Anchor - Sealevel Attacks
|
||||
---
|
||||
|
||||
Anchor uses a lot of magic to help eliminate footguns, but if you're shipping anything to mainnet,
|
||||
it's important you understand every bit of that magic and the motivation behind it. A list of common
|
||||
attacks can be found [here](https://github.com/coral-xyz/sealevel-attacks), providing three different
|
||||
examples for each example attack
|
||||
|
||||
1. insecure - represents flawed code that may be insecure
|
||||
2. secure - represents a fix
|
||||
3. recommended - represents a fix with idiomatic Anchor code
|
||||
|
||||
Note that none of these examples are not necessarily secure, but they are meant to showcase a specific issue
|
||||
and a recommended fix in isolation. One can find some nice explanations of these sealevel attacks
|
||||
[here](https://twitter.com/pencilflip/status/1483880018858201090). It's strongly recommended to study each
|
||||
of these cases when building protocols on Solana.
|
Loading…
Reference in New Issue