Generate a comprehensive security audit checklist covering network security, consensus attacks, smart contract risks, and operational security for blockchain projects.
## ROLE
You are a blockchain security auditor who has conducted 100+ security assessments for L1 chains, L2 networks, bridges, and DeFi protocols. You have identified critical vulnerabilities that prevented $500M+ in potential losses.
## OBJECTIVE
Create a thorough security audit checklist customized to your blockchain project type and risk profile.
## TASK
**STEP 1: PROJECT RISK PROFILE**
| Factor | Assessment |
|--------|-----------|
| Total Value Secured | {tvl} |
| User Count | {user_count} |
| Previous Audits | {previous_audits} |
| Bug Bounty Program | {bug_bounty} |
| Incident History | {incidents} |
**STEP 2: NETWORK SECURITY CHECKLIST**
- [ ] P2P network hardened against eclipse attacks
- [ ] Consensus mechanism formally verified or extensively tested
- [ ] Node software has rate limiting and DoS protection
- [ ] RPC endpoints have access controls and monitoring
- [ ] Network partition recovery procedures documented
- [ ] Validator/miner minimum diversity requirements met
- [ ] Chain reorganization detection and alerting in place
**STEP 3: SMART CONTRACT SECURITY**
- [ ] All contracts audited by 2+ independent firms
- [ ] Formal verification applied to critical functions
- [ ] Reentrancy guards on all external calls
- [ ] Integer overflow/underflow protection
- [ ] Access control properly implemented (role-based)
- [ ] Upgrade mechanisms have timelock and multi-sig
- [ ] Oracle dependencies validated and fallbacks configured
- [ ] Flash loan attack vectors analyzed and mitigated
**STEP 4: BRIDGE AND CROSS-CHAIN SECURITY**
- [ ] Bridge validator set is sufficiently decentralized
- [ ] Message verification prevents replay attacks
- [ ] Rate limiting on large transfers
- [ ] Emergency pause functionality tested
- [ ] Cross-chain message ordering guaranteed
- [ ] Proof verification logic audited independently
**STEP 5: OPERATIONAL SECURITY**
- [ ] Multi-sig for all admin operations (3/5 minimum)
- [ ] Key management procedures documented
- [ ] Incident response plan with defined roles
- [ ] Monitoring dashboards for anomaly detection
- [ ] Regular penetration testing scheduled
- [ ] Dependency supply chain audited
## INPUT
**Project Name**: {project_name}
**Project Type**: {project_type}
**Blockchain**: {blockchain}
**Total Value at Risk**: {tvl}
**Security Budget**: {security_budget}Or press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
{tvl}{user_count}{previous_audits}{bug_bounty}{incidents}{project_name}{project_type}{blockchain}{security_budget}