📖 Web3 Security Glossary
Essential terms and concepts in blockchain security and DeFi. Perfect for beginners and as a quick reference for experts.
A
ABI
Application Binary Interface - A JSON representation of a smart contract's functions and events that allows external applications to interact with it.
Access Control
Security mechanisms that restrict which addresses can call certain functions in a smart contract.
Audit
A comprehensive security review of smart contract code to identify vulnerabilities and suggest improvements.
B
Block
A collection of transactions that are bundled together and added to the blockchain.
C
CEI Pattern
Checks-Effects-Interactions - A coding pattern where you first validate inputs, then update state, and finally make external calls.
D
DeFi
Decentralized Finance - Financial services built on blockchain technology without traditional intermediaries.
DEX
Decentralized Exchange - A cryptocurrency exchange that operates without a central authority.
E
EIP
Ethereum Improvement Proposal - A design document providing information about new features or processes for Ethereum.
ERC-20
A standard interface for fungible tokens on Ethereum, defining functions like transfer and approve.
ERC-721
A standard interface for non-fungible tokens (NFTs) on Ethereum.
F
Fallback Function
A special function in Solidity that executes when a contract receives ETH or when no other function matches.
Flash Loan
An uncollateralized loan that must be borrowed and repaid within a single transaction.
Front-Running
When someone sees a pending transaction and submits their own transaction with higher gas so that it is processed first, exploiting the pending one.
G
Gas
A unit measuring the computational effort required to execute operations on Ethereum.
Governance
The system by which decisions are made in a decentralized protocol, often through token voting.
I
Impermanent Loss
The temporary loss of funds experienced by liquidity providers due to price volatility.
L
Liquidation
The process of closing a position when collateral falls below required levels in lending protocols.
M
MEV
Maximal Extractable Value - The profit that can be extracted by reordering, inserting, or censoring transactions.
Modifier
A Solidity construct that can change the behavior of functions, often used for access control.
O
Oracle
A service that provides external data (like prices) to smart contracts.
P
Proxy
A smart contract pattern that allows upgrading contract logic while maintaining state and address.
R
Reentrancy
A vulnerability where an external call allows an attacker to re-enter a function before it completes.
S
Sandwich Attack
An MEV attack where a transaction is surrounded by attacker transactions to profit from price movement.
Slippage
The difference between expected and actual price when executing a trade.
Smart Contract
Self-executing code deployed on a blockchain that automatically enforces the terms of an agreement.
Solidity
The primary programming language for writing smart contracts on Ethereum and EVM-compatible chains.
T
TVL
Total Value Locked - The total amount of assets deposited in a DeFi protocol.
TWAP
Time-Weighted Average Price - A pricing mechanism that averages prices over time to resist manipulation.
V
Vault
A smart contract that holds user funds and typically earns yield through various strategies.
Vyper
A Python-like programming language for writing smart contracts on Ethereum.