mev-beta/.claude/commands/security-audit.md
Krypto Kajun 38cce575f5 feat: Enhanced Claude Code configuration with comprehensive best practices
- Updated project CLAUDE.md with detailed commands, workflows, and guidelines
- Added environment configuration and performance monitoring commands
- Enhanced security guidelines and commit message conventions
- Created 5 custom slash commands for common MEV bot development tasks:
  * /analyze-performance - Comprehensive performance analysis
  * /debug-issue - Structured debugging workflow
  * /implement-feature - Feature implementation framework
  * /security-audit - Security audit checklist
  * /optimize-performance - Performance optimization strategy
- Updated global CLAUDE.md with universal best practices
- Improved file organization and development standards

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-14 07:41:04 -05:00


MEV Bot Security Audit

Perform a comprehensive security audit of the MEV bot focusing on: $ARGUMENTS

Security Audit Checklist:

1. Code Security Analysis

# Static security analysis
gosec ./...

# Dependency vulnerabilities
go list -json -m all | nancy sleuth

# Secret scanning
git-secrets --scan

2. Input Validation Review

  • Transaction data parsing validation
  • RPC response validation
  • Configuration parameter validation
  • Mathematical overflow/underflow checks
  • Buffer overflow prevention

3. Cryptographic Security

  • Private key handling and storage
  • Signature verification processes
  • Random number generation
  • Hash function usage
  • Encryption at rest and in transit

4. Network Security

  • RPC endpoint authentication
  • TLS/SSL configuration
  • Rate limiting implementation
  • DDoS protection mechanisms
  • WebSocket connection security

5. Runtime Security

  • Memory safety in Go code
  • Goroutine safety and race conditions
  • Resource exhaustion protection
  • Error information disclosure
  • Logging security (no sensitive data)

Specific MEV Bot Security Areas:

Transaction Processing

  • Validate all transaction inputs
  • Prevent transaction replay attacks
  • Secure handling of swap calculations
  • Protection against malicious contract calls

Market Data Integrity

  • Price feed validation
  • Oracle manipulation detection
  • Historical data integrity
  • Real-time data verification

Financial Security

  • Gas estimation accuracy
  • Slippage protection
  • Minimum profit validation
  • MEV protection mechanisms

Output Requirements:

  • Detailed security findings report
  • Risk assessment (Critical/High/Medium/Low)
  • Remediation recommendations
  • Implementation timeline for fixes
  • Security testing procedures