0xriazaka/Move-Audit-Resources

#  # Move Audit Resources 本存储库包含一组专注于审计 Move 智能合约的资源。它包含工具、最佳实践、检查清单和指南，以帮助开发者和审计人员确保基于 Move 的项目的安全性和可靠性。 ## move security blogs (OtterSec) - 审计员入门指南 : https://osec.io/blog/2022-09-06-move-introduction - Move Prover : https://osec.io/blog/2022-09-16-move-prover - Move 的独特方面 : https://x.com/osec_io/status/1641543816581726209 ## move security blogs (zellic) - 十亿美元的 Move 漏洞 : https://www.zellic.io/blog/the-billion-dollar-move-bug - 前 10 个 Aptos Move 漏洞 : https://www.zellic.io/blog/top-10-aptos-move-bugs - 快速构建并破坏 Move 安全第一部分 : https://www.zellic.io/blog/move-fast-and-break-things-pt-1 - 快速构建并破坏 Move 安全第二部分 : https://www.zellic.io/blog/move-fast-break-things-move-security-part-2 ## move language security analysis (SharkTeam) - 第 1 章 : https://www.sharkteam.org/report/analysis/20221114001A_en.pdf - 第 2 章 : https://www.sharkteam.org/report/analysis/20221118001A_en.pdf - 第 3 章 : https://www.sharkteam.org/report/analysis/20221125001A_en.pdf - 第 4 章 : https://www.sharkteam.org/report/analysis/20221202001A_en.pdf - 第 5 章 : https://www.sharkteam.org/report/analysis/20221212001A_en.pdf - 第 6 章 : https://www.sharkteam.org/report/analysis/20230103001A_en.pdf - 第 8 章 : https://www.sharkteam.org/report/analysis/20230130001A_en.pdf - 第 9 章 : https://www.sharkteam.org/report/analysis/20230216001A_en.pdf - 第 10 章 : https://www.sharkteam.org/report/analysis/20230224001A_en.pdf - 其他 : https://www.sharkteam.org/report/analysis/20221013001A_en.pdf ## move security guidelines (Aptos) - https://aptos.dev/en/build/smart-contracts/move-security-guidelines ## formal verification of smart contracts with the move prover - https://aptos.dev/en/build/smart-contracts/prover ## move and sui security assessment - https://github.com/sui-foundation/security-audits/blob/main/docs/Move%20and%20Sui%20Security%20Assessment%20-%20Zellic%20Audit%20Report.pdf ## introduction to auditing Sui (SlowMist) - https://slowmist.medium.com/slowmist-introduction-to-auditing-sui-move-contracts-da005149f6bc ## tools (MoveBit) - Sui Move Analyzer : https://www.movebit.xyz/analyzer - Aptos Move Analyzer : https://www.movebit.xyz/AptosMoveAnalyzer - Aptos Move Formatter : https://www.movebit.xyz/AptosMoveFormatter - Move Web IDE : https://www.movebit.xyz/MoveWebIDE - Move Scanner : https://www.movebit.xyz/MoveScanner - Sui Contract Source Verifier : https://www.movebit.xyz/ContractSourceVerifier ## sui fuzzer (FuzzingLabs) - https://github.com/FuzzingLabs/sui-fuzzer ## move auditor — Claude Code skill (pantheraudits) - AI-powered Move smart contract auditor for Sui & Aptos with 190+ vulnerability patterns, DeFi-specific checks, and false-positive filtering : https://github.com/pantheraudits/move-auditor ## other articles - 夹心攻击 : https://x.com/Move__jay/status/1798496048416952664 ## move ecosystem audit companies - OtterSec : https://osec.io - Zellic : https://www.zellic.io - MoveBit : https://movebit.xyz - SharkTeam : https://www.sharkteam.org ## DM for Private Move Audit [Telegram](https://t.me/Oxriazaka) ## [License](https://github.com/0xriazaka/Move-Audit-Resources/blob/main/LICENSE) MIT © [0xriazaka](https://github.com/0xriazaka)

标签：Aptos, Move Prover, Move 合约, Move 安全博客, Move 安全审计, OtterSec, SharkTeam, XML 请求, Zellic, 区块链安全, 区块链开发, 可视化界面, 安全可靠性, 安全审核, 安全开发, 安全指南, 审计资源, 形式化验证, 智能合约审计, 最佳实践, 服务器监控, 检查清单, 漏洞分析, 路径探测