We are pleased to announce that the SlowMist (Web3 Project Security Manual) (referred to as the "Red Manual") has officially launched the Japanese version. With the rapid development of the Web3 ecosystem, blockchain technology and cryptocurrency have been deeply integrated into the global financial system, and security issues have become the focus of industry attention. How to establish sound security rules and reduce potential risks has become a topic that Web3 project parties and developers need to solve urgently.

In order to help global Web3 developers improve their security capabilities systematically, we have previously launched the (Web3 Project Security Manual) to provide comprehensive security guidance for various projects in the Web3 ecosystem, and have released bilingual versions in Chinese and English. Today, we officially launched the Japanese version to facilitate more Japanese readers to read and learn and master the best practices of Web3 security. As one of the key markets for the development of Web3, Japan has many blockchain companies, developers and research institutions. This release will help the Japanese Web3 community more efficiently acquire professional security knowledge, improve security prevention capabilities, and promote the healthy and sustainable development of the local Web3 ecosystem.

It is particularly worth mentioning that the translation of the Japanese version was strongly supported by our friend @JackJia2021(https://x.com/jackjia2021/). With his professional translation and careful polishing, the content was accurately conveyed, enabling Japanese readers to understand the Red Manual more clearly and apply it to actual business. Here, we would like to express our sincere gratitude to Jack!

Professional security guide to empower the Web3 ecosystem

Blockchain technology is reshaping the global financial system, but security challenges always accompany the development of the industry. The Red Manual is based on the practical experience of the SlowMist security team in the field of blockchain security over the years and covers the following core contents:

Web3 Project Security Practice Requirements

This section aims to help project teams in the blockchain ecosystem master the corresponding security skills. It is hoped that project teams can establish and improve their own security systems based on the security practice requirements of Web3 projects, and have certain security capabilities after the audit.

The Web3 project security practice requirements are currently in version v0.1, and the full content can be read through the link [1].

Smart Contract Security Audit Skill Tree

This skill tree is a skill set for the smart contract security audit engineers of the SlowMist Security Team. It aims to list the skills required for smart contract security audits for team members and drive them to form self-evolutionary thinking in research, creation, and engineering. It is mainly divided into four parts: finding the door to enter, singing by the door, integrating and understanding, and breaking out of the door. It lists the professional skills that need to be mastered at each stage from shallow to deep, as shown in the following figure:

The full text can be read through this link [2].

A Guide to Security Auditing of Blockchain-Based Cryptocurrencies

As an asset with intrinsic value, crypto assets are irreversible and difficult to trace, which gives hackers a strong motivation to commit crimes. This section of the Redbook not only covers common security vulnerabilities, but also provides detailed security research, including the following:

  • Cryptocurrency Threat Modeling

  • Test Method

  • Vulnerability Severity

  • Public chain security research

  • Public chain security audit

  • Blockchain application audit

The full text can be read through this link [3].

Crypto asset security solutions

This solution is the result of many years of practical experience of the SlowMist security team in frontline service to Party A, and is designed to provide a comprehensive asset security solution for participants in the crypto world. We divide the crypto asset security into the following five parts, and provide a detailed interpretation of each part, including various risks and corresponding solutions.

This solution is the first complete solution for crypto asset security launched by SlowMist based on its many years of frontline security attack and defense practices in the blockchain ecosystem. You can read the full content through the link [4].

Final Thoughts

SlowMist has always been committed to providing security empowerment for the global Web3 ecosystem. We are well aware that in this field where technology iterations are rapid and risks and challenges coexist, security is not only related to the survival of a single project, but also to the sustainable development of the entire Web3 ecosystem.

In the future, we will continue to expand more language versions, lower the threshold for the dissemination of security knowledge, allow more developers, project parties and institutions to obtain professional security guides, and enhance the security protection capabilities of the Web3 ecosystem. At the same time, we will continue to increase investment in security research and technological innovation, explore more complete security solutions, and provide effective security practices for the industry.

In the "dark forest" of Web3, which is full of unknowns and opportunities, we hope to build a trustworthy security area for global developers through professional security research and practical experience, and work together to promote the Web3 ecosystem towards a more secure, transparent and sustainable future.

Currently, the Chinese, English and Japanese versions of the Red Handbook are all online: https://www.slowmist.com/redhandbook/.

[1] https://github.com/slowmist/Web3-Project-Security-Practice-Requirements

[2] https://github.com/slowmist/SlowMist-Learning-Roadmap-for-Becoming-a-Smart-Contract-Auditor

[3] https://github.com/slowmist/Cryptocurrency-Security-Audit-Guide

[4] https://github.com/slowmist/cryptocurrency-security