assert() triggers a Panic error and is intended only for internal guarantees. If it fires in production, it indicates a compiler or logic bug. Developers should use require() for user-facing validation.

Validating msg.value early ensures no state mutation occurs before detecting invalid ether transfers. This prevents partially updated storage on failure, preserving atomicity. It aligns with checks-effects-interactions

Selector collisions occur when different function signatures hash to the same first 4 bytes. This leads to unintended dispatching and silent bugs. It’s especially dangerous in diamond proxies and minimal routers.

Fallbacks receive raw calldata without predefined structure, forcing developers to manually decode and validate inputs. Any mistake leads to reentrancy or mis-routing. They must be extremely minimal.

Storage accesses require Merkle-Patricia proof validation at the state level. This makes SLOAD one of the most expensive operations in Solidity. Caching values into memory significantly reduces repeated cost.

Unbounded loops that depend on storage or user-controlled arrays can exhaust gas and render functions uncallable. Attackers can intentionally cause denial-of-service through loop amplification. Good design avoids external iteration

String comparison requires hashing or byte-by-byte checks, both of which are expensive in the EVM model. It also introduces risk when mixed with packed encodings. Developers instead rely on enums or hashed IDs.

Memory follows a quadratic cost function, meaning costs rise rapidly as the memory footprint grows. Careless array allocations can suddenly inflate execution cost. This is a frequent root cause of gas blowups in audits.

PUSH0 provides a zero literal without consuming calldata or memory. This reduces bytecode size and simplifies stack management. It's extremely helpful in tight loops and assembly-heavy contracts.

State shadowing happens when a derived contract redeclares a state variable with the same name as a parent. This creates storage misalignment and unexpected slot overwrites. Auditors treat this as a major upgradeability and correctness risk.

Calldata avoids copying user inputs into memory, significantly reducing gas usage for large payloads. Router contracts receive untrusted inputs, so avoiding memory expansion is both cheaper and safer. This is why AMMs and DEX routers heavily rely on calldata

Silent reverts hide failure reasons, making debugging and validation difficult. They also open the door for inconsistent execution paths

REVERT allows returning structured revert data back to the caller, which improves debugging and interface guarantees. INVALID terminates execution with no return payload. This distinction is crucial for protocols relying on bubble-up error messaging.

Multi-step operations can leave the contract in a partially updated state if execution halts. Attackers exploit these interim states to bypass checks.

EXTCODESIZE checks if the target has code deployed. It helps detect contracts vs EOAs in validation logic