• Difficulty - Medium
    Total Plays - 12
    Allowed Time - 10 sec
    Best time - --

    Which storage type enables EIP-1167 minimal clones to be cheap?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Minimal proxy clones (EIP-1167) keep logic in an implementation and rely on proxy bytecode forwarding calls, making deployment cheap. In practice, immutables in the implementation help keep runtime reads efficient and reduce repeated storage reads for configuration-like values. Candidates are often tested on why clones save gas and how configuration is safely handled.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 14
    Allowed Time - 10 sec
    Best time - 1.736 sec

    Which pattern most directly reduces reentrancy risk on external transfers?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    The Checks-Effects-Interactions (CEI) pattern reduces reentrancy by making you validate inputs and update internal state before any external call (like ETH transfer or token transfer). If a malicious contract re-enters, state has already moved forward, limiting exploitability. Many interviewers treat CEI as a must-know Solidity security habit for production contracts
    Leaderboard
  • Difficulty - Medium
    Total Plays - 11
    Allowed Time - 10 sec
    Best time - 6.708 sec

    In EVM, which opcode can silently fail and return a boolean instead of reverting?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Low-level CALL (and friends like DELEGATECALL) returns a success flag rather than automatically bubbling a revert. If you don’t check that boolean (or decode return data properly), your contract may continue in a “success-looking” state while the external call actually failed. This is a classic Solidity audit finding tied to unsafe external interactions.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 32
    Allowed Time - 10 sec
    Best time - --

    Which audit signal indicates poor threat modeling?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    A happy-path-only focus is a strong signal of poor threat modeling in blockchain security because it ignores attacker behavior, edge cases, and abuse scenarios. Strong smart contract audit readiness requires adversarial thinking, not just normal-flow testing.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 22
    Allowed Time - 10 sec
    Best time - --

    Which audit issue is most often downgraded incorrectly?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Front-running is often downgraded incorrectly in smart contract audits because teams underestimate MEV and mempool-based exploitability. In DeFi security, transaction ordering attacks can cause repeated economic loss even without a classic code exploit.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 19
    Allowed Time - 10 sec
    Best time - --

    Which finding has highest real-world exploit probability?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Access control bugs often have the highest real-world exploit probability in smart contracts because attackers can directly call privileged functions when role checks fail. In blockchain security audits, broken authorization logic is a common cause of fund loss and protocol takeover.
    Leaderboard
  • 2 days left
    Remote · New York Posted: Feb 22, 2026
    Job description
    Category Labs (formerly Monad Labs) is building high-performance infrastructure around an optimized EVM client designed to improve blockchain throughput without sacrificing portability. This position sits within web3 smart contract roles focused on application-layer engineering over a next-generation EVM implementation. As a Smart Contract Engineer, you will design and implement Solidity...
    Details Login to apply
  • Job Expired
    T

    Technical Writer

    TON FoundationFull TimeNA

    Remote · Worldwide Posted: Jan 18, 2026
    Job description
    TON Foundation is a non-profit organization supporting the growth and adoption of The Open Network (TON) blockchain. The Technical Writer will create, update, and maintain developer documentation that helps builders understand and use TON tools and APIs. This role partners closely with engineering and product teams to extract accurate technical...
    Details Login to apply
  • Difficulty - Medium
    Total Plays - 37
    Allowed Time - 10 sec
    Best time - 0.900

    Which opcode is deprecated but still callable?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    CALLCODE is deprecated due to unsafe context handling. It remains callable for backward compatibility but should never be used in new designs.
    Leaderboard
  • 8 days left
    L

    Mid / Senior Smart Contract Engineer

    LI.FIFull TimeNA

    Remote · Remote EMEA, Remote APAC Posted: Jan 3, 2026
    Job description
    LI.FI - Bridge & DEX Aggregation Protocol builds infrastructure that enables unified access to on-chain liquidity across multiple blockchains through a single API, supporting same-chain and cross-chain swaps. This role sits within the Smart Contract API Expansion team, which focuses on integrating new chains, bridges, and protocol functionality across EVM...
    Details Login to apply
  • Difficulty - Medium
    Total Plays - 22
    Allowed Time - 10 sec
    Best time - 1.367

    Which opcode differentiates EOAs from contracts?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    EXTCODESIZE returns zero for EOAs and non-zero for deployed contracts. This distinction is commonly used for contract detection, though it has edge cases.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 26
    Allowed Time - 10 sec
    Best time - 1.582 sec

    Which opcode returns remaining gas?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    GASLEFT returns the amount of gas remaining in the current execution context. It is commonly used for gas-aware logic and debugging.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 23
    Allowed Time - 10 sec
    Best time - 3.422

    Which type consumes exactly one storage slot regardless of value?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    bytes32 always occupies a full 32-byte storage slot. Smaller types may be packed together, but bytes32 always stands alone.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 20
    Allowed Time - 10 sec
    Best time - 1.200

    Why does storage write order matter for structs?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Solidity packs struct variables tightly into storage slots based on declaration order. Reordering fields can change slot boundaries and break upgrade compatibility.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 16
    Allowed Time - 10 sec
    Best time - 0.784

    What determines the base slot of a mapping?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    The base slot of a mapping is derived using keccak256(key . slot). This hashing ensures unique storage locations per key without collisions.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 13
    Allowed Time - 10 sec
    Best time - 5.093

    Which operation causes storage slot re-packing?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Changing variable types alters how Solidity packs them into storage slots. This can shift offsets and corrupt existing storage layouts in upgradeable contracts.
    Leaderboard
  • Difficulty - Medium
    Total Plays - 20
    Allowed Time - 10 sec
    Best time - 1.638

    Which data location is read-only by default?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Calldata is immutable and cannot be modified by the callee. This makes it gas-efficient and safe for external function inputs
    Leaderboard
  • Difficulty - Medium
    Total Plays - 19
    Allowed Time - 10 sec
    Best time - 1.548 sec

    What happens to storage slots after contract self-destruct?

    Tip: Click "Play" to reveal options and start playing.

    #A
    #B
    #C
    #D
    Explanation:
    Storage is not automatically wiped when a contract self-destructs. The data remains on-chain and can be accessed again if a contract is redeployed at the same address.
    Leaderboard