askill
security

securitySafety --Repository

Security auditing patterns for Midnight Network smart contracts and dApps. Use when reviewing code for vulnerabilities, privacy leaks, cryptographic weaknesses, or performing security audits.

securityFractionEstate
0 stars
1.2k downloads
Updated 1/5/2026

Package Files

Loading files...
SKILL.md

Security Auditing for Midnight Network

Expert knowledge for auditing Midnight Network contracts and privacy-preserving applications.

Security Priorities

  1. Privacy Protection - Ensure sensitive data stays private
  2. Cryptographic Integrity - Verify commitments, nullifiers, proofs
  3. Access Control - Validate authorization patterns
  4. Input Validation - Check all assertions and bounds
  5. State Safety - Prevent manipulation and reentrancy

Severity Classification

LevelIconDescriptionExamples
CriticalπŸ”΄Funds at risk, privacy brokenWitness exposure, key leak
High🟠Significant leak or bypassPredictable nullifier
Medium🟑Logic errors, incomplete checksMissing validation
Low🟒Best practice violationsPoor error messages
Infoℹ️Improvement suggestionsCode clarity

Quick Checklist

Compact Contracts

  • All assertions have descriptive messages
  • Sensitive data uses witness or secret
  • No plaintext secrets in ledger
  • Commitments use salt (hash2)
  • Nullifiers include secret context
  • Range checks before arithmetic
  • Access control where needed

TypeScript dApps

  • Wallet availability checked
  • Transactions properly confirmed
  • No secrets logged or exposed
  • Private state encrypted
  • Error boundaries in place
  • HTTPS enforced

References

Assets

Install

Download ZIP
Requires askill CLI v1.0+β–Ά

AI Quality Score

AI review pending.

Metadata

Licenseunknown
Version-
Updated1/5/2026
PublisherFractionEstate

Tags

security