solidity-dev

Complete Solidity smart contract development - building, testing, gas optimization, and security scanning. Use this skill for .sol files, Foundry commands, deployment scripts, gas analysis, or security review.

Updated 1/17/2026

Solidity Development

Comprehensive skill for EVM/Solidity smart contract development, combining build/test workflows, gas optimization, and security analysis.

When This Skill Activates

  • Working on .sol files
  • Running Foundry commands (forge, cast, anvil)
  • Contract deployment or testing
  • ABI or interface changes
  • Gas optimization tasks
  • Security review or pre-audit preparation

Scope

  • Solidity contracts (core protocol)
  • Foundry tests and scripts
  • Deployment scripts
  • Contract interfaces and ABIs
  • Gas analysis and optimization
  • Security scanning (Slither)

Part 1: Development Workflows

Build & Test

forge build
forge test
forge test -vvv  # verbose
forge test --match-test "testSpecificFunction"
forge test --match-path test/SomeContract.t.sol

Deploy

forge script script/Deploy.s.sol --broadcast --rpc-url $RPC_URL

After Contract Changes

  1. Update interface if signature changed
  2. Rebuild ABIs: forge build
  3. Run tests: forge test
  4. Sync to frontend if needed

Code Standards

  • Use OpenZeppelin for standard patterns
  • Custom errors over require strings
  • Events for all state changes
  • NatSpec comments on public functions
  • WAD math (1e18) for precision, convert at boundaries

Part 2: Gas Optimization

Gas Analysis Commands

# Create baseline snapshot
forge snapshot --snap .gas-baseline

# Run gas report
forge test --gas-report

# Compare against baseline
forge snapshot --diff .gas-baseline

# Check specific function
forge test --match-test test_PlaceOrder --gas-report -vvv

# Storage layout analysis
forge inspect ContractName storage-layout --pretty

Optimization Patterns

| Pattern | Savings | Example |
| --- | --- | --- |
| Storage Packing | ~20,000 gas/slot | Combine uint128 + uint128 into single slot |
| Calldata vs Memory | ~60 gas/word | Use calldata for read-only arrays |
| Unchecked Math | ~40 gas/op | Use unchecked {} when overflow impossible |
| Cache Storage | ~100 gas/read | uint256 cached = storageVar; |
| Short-circuit | Variable | Put cheaper checks first in require |
| Avoid Zero Init | ~3 gas/var | Don't initialize to default values |
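
The Storage Packing row can be checked before touching the contract. The following is an added example, not part of the original skill: it models Solidity's declaration-order packing for value types only (structs and static arrays are not modelled) and suggests a reordering. The `ORDER_BOOK` variable list is a constructed sample.

```python
import re

SLOT = 32  # bytes per EVM storage slot

def size_of(typ):
    """Byte width of a Solidity value type; anything else is simplified to a full slot."""
    if typ == "bool":
        return 1
    if typ == "address":
        return 20
    m = re.fullmatch(r"(u?int|bytes)(\d+)", typ)
    if not m:
        return SLOT  # uint/int aliases, mappings, dynamic types
    return int(m.group(2)) if m.group(1) == "bytes" else int(m.group(2)) // 8

def layout(variables):
    """Assign (name, slot, byte offset) in declaration order."""
    out, slot, used = [], 0, 0
    for name, typ in variables:
        size = size_of(typ)
        if used + size > SLOT:  # does not fit in what is left of the slot
            slot, used = slot + 1, 0
        out.append((name, slot, used))
        used += size
    return out

def slots_used(variables):
    return layout(variables)[-1][1] + 1 if variables else 0

def repack(variables):
    """First-fit-decreasing reorder: a heuristic suggestion, not guaranteed optimal."""
    bins = []
    for var in sorted(variables, key=lambda v: -size_of(v[1])):
        for b in bins:
            if sum(size_of(t) for _, t in b) + size_of(var[1]) <= SLOT:
                b.append(var)
                break
        else:
            bins.append([var])
    return [v for b in bins for v in b]

# Constructed sample contract state, in declaration order.
ORDER_BOOK = [("bidSize", "uint128"), ("nonce", "uint256"), ("askSize", "uint128"),
              ("owner", "address"), ("paused", "bool")]

if __name__ == "__main__":
    for label, order in (("declared", ORDER_BOOK), ("repacked", repack(ORDER_BOOK))):
        print(label, slots_used(order), "slots:", layout(order))
```

Reordering state variables is only safe before deployment; behind an upgradeable proxy it changes where existing values are read from. Confirm the real layout with the `forge inspect` command above.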

Gas Optimization Checklist

  • [ ] Storage variables packed efficiently
  • [ ] Hot path functions use calldata for arrays
  • [ ] Loops have unchecked increments
  • [ ] Storage reads cached in local variables
  • [ ] No redundant zero-initializations
  • [ ] Short-circuit conditions ordered by cost

Anti-Patterns

  • Don't optimize cold paths at expense of readability
  • Don't use assembly unless savings > 1000 gas
  • Don't sacrifice security for gas savings

Part 3: Security Analysis

Slither Commands

# Full analysis
slither . --config-file slither.config.json

# Target specific contract
slither src/ContractName.sol

# Generate JSON report
slither . --json slither-report.json

# Run specific detector
slither . --detect reentrancy-eth

# Function summary
slither . --print function-summary

High-Severity Detectors

| Detector | Severity | Description |
| --- | --- | --- |
| reentrancy-eth | HIGH | Reentrancy with ETH transfer |
| reentrancy-no-eth | HIGH | Reentrancy without ETH |
| arbitrary-send-eth | HIGH | Arbitrary ETH destination |
| controlled-delegatecall | HIGH | Delegatecall to user input |
| suicidal | HIGH | Selfdestruct with user control |
| uninitialized-state | HIGH | Uninitialized state variables |
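
An added example, not part of the original skill: a CI gate over the `slither-report.json` file written by the `--json` command above. It blocks on the detectors in this table unless a finding has already been triaged and documented. The field names follow Slither's JSON output; the sample report, paths and line numbers are constructed.

```python
import json

# Detectors this page lists as blocking.
BLOCKING = {"reentrancy-eth", "reentrancy-no-eth", "arbitrary-send-eth",
            "controlled-delegatecall", "suicidal", "uninitialized-state"}

def location(finding):
    """file:line of the first element Slither attached to the finding."""
    elements = finding.get("elements") or []
    if not elements:
        return "<no location>"
    sm = elements[0].get("source_mapping") or {}
    lines = sm.get("lines") or ["?"]
    return f"{sm.get('filename_relative', '?')}:{lines[0]}"

def gate(report_text, documented=frozenset()):
    """Return sorted (check, location) pairs that must block the build."""
    report = json.loads(report_text)
    if not report.get("success"):
        # A failed run has no findings; never read that as "clean".
        raise RuntimeError(f"slither did not complete: {report.get('error')}")
    findings = (report.get("results") or {}).get("detectors") or []
    keys = {(f["check"], location(f)) for f in findings if f["check"] in BLOCKING}
    return sorted(keys - set(documented))

def _finding(check, impact, path, line):  # helper for the constructed sample only
    return {"check": check, "impact": impact, "confidence": "Medium",
            "elements": [{"type": "function",
                          "source_mapping": {"filename_relative": path, "lines": [line]}}]}

# Constructed sample report; paths and lines are illustrative.
SAMPLE_REPORT = json.dumps({"success": True, "error": None, "results": {"detectors": [
    _finding("reentrancy-eth", "High", "src/Vault.sol", 42),
    _finding("arbitrary-send-eth", "High", "src/Vault.sol", 88),
    _finding("naming-convention", "Informational", "src/Vault.sol", 10),
]}})

if __name__ == "__main__":
    triaged = {("arbitrary-send-eth", "src/Vault.sol:88")}
    remaining = gate(SAMPLE_REPORT, documented=triaged)
    for check, where in remaining:
        print(f"BLOCKING {check} at {where}")
    raise SystemExit(1 if remaining else 0)
```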

Security Checklist

Access Control

  • [ ] All external functions have proper modifiers
  • [ ] Owner/admin functions protected
  • [ ] Role-based access properly enforced

Reentrancy

  • [ ] CEI pattern followed (Checks-Effects-Interactions)
  • [ ] External calls after state updates
  • [ ] ReentrancyGuard on vulnerable functions

Math & Validation

  • [ ] Arithmetic checked or intentionally unchecked
  • [ ] Division by zero protected
  • [ ] Zero address checks
  • [ ] Array bounds checked

Common Vulnerability Patterns

Reentrancy

// VULNERABLE
function withdraw() external {
    uint256 amount = balances[msg.sender];
    (bool success,) = msg.sender.call{value: amount}("");
    balances[msg.sender] = 0; // State update AFTER external call
    if (!success) revert TransferFailed();
}

// FIXED
// TransferFailed() is a custom error assumed to be declared in the contract.
function withdraw() external nonReentrant {
    uint256 amount = balances[msg.sender];
    balances[msg.sender] = 0; // State update BEFORE external call
    (bool success,) = msg.sender.call{value: amount}("");
    if (!success) revert TransferFailed(); // Revert restores the balance if the send fails
}

Access Control

// VULNERABLE
function setPrice(uint256 price) external {
    currentPrice = price; // No access control
}

// FIXED
function setPrice(uint256 price) external onlyOwner {
    currentPrice = price;
}

DeFi-Specific Checks

  • [ ] No same-block price dependencies (flash loan risk)
  • [ ] Slippage protection on swaps
  • [ ] Commit-reveal for sensitive ops
  • [ ] Deadline parameters respected
  • [ ] Oracle manipulation protected (use TWAP/Chainlink)

Audit Preparation Checklist

  • [ ] forge build compiles without warnings
  • [ ] forge test passes with >80% coverage
  • [ ] Slither runs clean (or issues documented)
  • [ ] All external functions documented (NatSpec)
  • [ ] Access control matrix documented
  • [ ] Invariant tests pass
  • [ ] Dependencies audited/pinned
