[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-10504":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":10,"languages":10,"totalLinesOfCode":10,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":10,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":10,"pushedAt":10,"updatedAt":29,"readmeContent":30,"aiSummary":31,"trendingCount":15,"starSnapshotCount":15,"syncStatus":16,"lastSyncTime":32,"discoverSource":33},10504,"Knowledge-Base","slowmist\u002FKnowledge-Base","slowmist","Knowledge Base 慢雾安全团队知识库","https:\u002F\u002Fslowmist.com",null,4572,594,132,1,0,2,7,22,9,67.02,false,"master",true,[25,26,27,28],"blockchain","hacking","knowledge-base","security","2026-06-12 04:00:51","# Knowledge Base 慢雾安全团队知识库\n\n`慢雾科技`：https:\u002F\u002Fwww.slowmist.com\n`慢雾区`：https:\u002F\u002Fwww.slowmist.io\n\n> 我们在努力成为区块链世界的“安全基础设施”。未知的才是有趣的，已知的如果不分享将会变得索然无味。\u003Cbr>\n> We strive to become the \"security infrastructure\" of the blockchain world. The unknown is what makes things exciting — what's already known becomes dull if not shared.\n\n## 目录\n- [Knowledge Base 慢雾安全团队知识库](#knowledge-base-慢雾安全团队知识库)\n  - [目录](#目录)\n  - [区块链生态安全研究](#区块链生态安全研究)\n    - [假充值系列](#false-top-up)\n    - [零知识证明与密码学漏洞研究](#零知识证明与密码学漏洞研究)\n  - [AI 安全研究](#ai-安全研究)\n  - [翻译资料](#翻译资料)\n  - [开放报告](#开放报告)\n  - [安全实践指南](#安全实践指南)\n  - [一些思维导图](#一些思维导图)\n  - [其他资料](#其他资料)\n\n## 区块链生态安全研究\nBlockchain ecological security research, include: `Bitcoin`, `Monero`, `Ethereum`, `EOS` and other top blockchains.\n\n* [:fire: 加密资产追踪手册（Crypto Asset Tracing Handbook）](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FCrypto-Asset-Tracing-Handbook)\n* [:fire: Blockchain dark forest selfguard handbook(黑手册)](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FBlockchain-dark-forest-selfguard-handbook)\n* [:fire: Cryptocurrency Security Solution](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fcryptocurrency-security)\n* [:fire: Collection of Security Research in English](.\u002Fsecurity-research\u002FREADME.md)\n* [慢雾安全技术研究合集](https:\u002F\u002Fmp.weixin.qq.com\u002Fmp\u002Fappmsgalbum?__biz=MzU4ODQ3NTM2OA==&action=getalbum&album_id=1378653641065857025)\n* [慢雾 AML 分析报告](https:\u002F\u002Fmp.weixin.qq.com\u002Fmp\u002Fappmsgalbum?__biz=MzU4ODQ3NTM2OA==&action=getalbum&album_id=1983440310995156993)\n* [慢雾区块链安全科普](https:\u002F\u002Fmp.weixin.qq.com\u002Fmp\u002Fappmsgalbum?__biz=MzU4ODQ3NTM2OA==&action=getalbum&album_id=1378673890158936067)\n* [Papers of SlowMist](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fpapers)\n* [Public topic of SlowMist HackingTime](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FHackingTime_Public)\n\n### False Top-up\n慢雾安全团队依靠多年的区块链安全行业经验，深入研究了各种针对数字货币交易平台充值入账的攻击手法（假充值），并对各类假充值的攻击手法进行披露，为交易平台提供安全检查服务，保障交易平台的充值入账安全。\u003Cbr>\nBacked by years of experience in blockchain security, the SlowMist security team has conducted in-depth research into various attack methods targeting digital asset exchanges — particularly \"false Top-up\" exploits. We have systematically disclosed these techniques and provide security auditing services to help exchanges safeguard their deposit systems.\n* [USDT 假充值手法](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FCtAKLNe0MOKDyUFaod4_hw)\n* [EOS 假充值手法](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FfKINfZLW65LYaD4qO-21nA)\n* [XRP 假充值手法](https:\u002F\u002Fdevelopers.ripple.com\u002Fpartial-payments.html)\n* [以太坊代币假充值手法](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002F3cMbE6p_4qCdVLa4FNA5-A)\n* [比特币 RBF 假充值手法](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FOYi2JDbAoLEdg8VDouqbIg)\n* [XMR 锁定转账手法](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FKt-G_bYbuUMIbSGSnyYXLA)\n* [以太坊假充值手法](https:\u002F\u002Ft.zsxq.com\u002FYNbMFIa)\n* [Solana\u002FTron\u002FTerra\u002FBTC\u002FDogcoin\u002FLTC\u002FToncoin\u002FAvax\u002FIOST\u002FFilecoin\u002FNEM 假充值手法-未公开](https:\u002F\u002Fwww.slowmist.com\u002F?lang=zh#products)\n\n### 零知识证明与密码学漏洞研究\nZero-knowledge proofs and cryptographic vulnerability research.\n* [揭秘以太坊 Vanity 生成器 Profanity 私钥破解漏洞](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FjMNWv2YsU9Y1oU1NWXVlMQ)\n* [zk-SNARK Groth16 详解](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FzkSnark-Groth16-Getting-Started)\n* [Cairo 0 安全审计实践指南](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FCairo0-Security-Audit-Practice-Guide)\n* [探讨 Poseidon 延展性攻击](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FtdJ_noFvkPvCFpMNh84_Kg)\n* [Fiat-Shamir 冰心漏洞解析](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FNjYUPlKu3givhlPip20R4g)\n* [Ed25519 实现原理与可延展性问题](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002Fm5VWfPT-5gfXiUqBeOF_aQ)\n* [扭曲攻击漏洞解析](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FIvraz1ejoe9UiYYbeQSRoA)\n* [Groth16 证明延展性攻击原理及实现](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002Fge3QJOdIqrDiRMBgh6BBeg)\n* [Circom 验证合约输入假名漏洞](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FgzgBxlwBhEsRBAbOuKUY_w)\n* [盘点 ZKP 主流实现方案技术特点](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002FvEf0rpGRqiJYGxpV6mtIMA)\n* [ECDSA 签名中的私钥泄露：elliptic 库畸形输入漏洞分析](https:\u002F\u002Fmp.weixin.qq.com\u002Fs\u002F-JpS5Qg7NYYPgeic-7Y5VQ)\n\n## AI 安全研究\nSecurity research related to AI: AI for Security and Security for AI.\n* :fire:[OpenClaw 极简安全实践指南 (Security Practice Guide)](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fopenclaw-security-practice-guide)\n* :fire:[SlowMist Agent Security Skill](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fslowmist-agent-security)\n* :fire:[MistTrack Skills](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fmisttrack-skills)\n* [MCP 安全检查清单](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FMCP-Security-Checklist)\n* [MasterMCP: showcase various potential security attack vectors against MCP](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FMasterMCP)\n* [MistTrack MCP Server](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FMistTrackMCP)\n\n## 翻译资料\nSome translated blockchain security documents.\n\n* [DASP Top10 中文版](.\u002Ftranslations\u002FDASP-top10-chinese.pdf)\n* [Solidity 安全：已知攻击方法和常见防御模式综合列表](.\u002Ftranslations\u002Fsolidity-security-comprehensive-list-of-known-attack-vectors-and-common-anti-patterns_zh-cn.md)\n* [全面解析公共区块链系统攻击面](.\u002Ftranslations\u002FExploring-the-Attack-Surface-of-Blockchain-A-Systematic-Overview\u002FExploring-the-Attack-Surface-of-Blockchain-A-Systematic-Overview_zh-cn.md)\n\n## 开放报告\nSome open security audit reports of SlowMist.\n\n- [Open Security Audit Report](.\u002Fopen-report-V2\u002FREADME.md)\n  * [Blockchain Security Audit Report](.\u002Fopen-report-V2\u002Fblockchain\u002F)\n  * [Blockchain Application Security Audit Report](.\u002Fopen-report-V2\u002Fblockchain-application\u002F)\n  * [Smart Contract Security Audit Report](.\u002Fopen-report-V2\u002Fsmart-contract\u002F)\n\nSome open MistTrack investigation reports of SlowMist.\n- [Open MistTrack Investigation Report](.\u002Fopen-misttrack-report\u002FREADME.md)\n\n## 安全实践指南\n实践永远最踏实\u002FPractice is always the most reliable.\n\n* [Web3 项目安全实践要求\u002FWeb3 Project Security Practice Requirements](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FWeb3-Project-Security-Practice-Requirements)\n* [慢雾(SlowMist)智能合约审计技能树\u002FSlowMist Learning Roadmap for Becoming a Smart Contract Auditor](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FSlowMist-Learning-Roadmap-for-Becoming-a-Smart-Contract-Auditor)\n* [Solana Smart Contract Security Best Practices](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fsolana-smart-contract-security-best-practices)\n* [Account Abstraction Security Audit Checklist](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FAccount-Abstraction-Security-Audit-Checklist)\n* [APTOS MOVE 智能合约审计入门](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FAPTOS-MOVE-Smart-Contract-Auditing-Primer)\n* [Toncoin 智能合约安全最佳实践\u002FToncoin Smart Contract Security Best Practices](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FToncoin-Smart-Contract-Security-Best-Practices)\n* [SUI Move 合约审计方法\u002FSUI Move Contract Audit Method](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FSui-MOVE-Smart-Contract-Auditing-Primer)\n* [基于区块链的加密货币安全审计指南\u002FBlockchain-Based Cryptocurrency Security Audit Guide](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FCryptocurrency-Security-Audit-Guide)\n* [AAVE V2 安全审计手册](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FAAVE-V2-Security-Audit-Checklist)\n* [Ontology Triones Service Node security checklist](https:\u002F\u002Fgithub.com\u002Fslowmist\u002FOntology-Triones-Service-Node-security-checklist)\n* [vechain core nodes security checklist](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fvechain-core-nodes-security-checklist)\n* [EOS BP nodes security checklist](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Feos-bp-nodes-security-checklist)\n* [EOS BP nodes security audit](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Feos-bp-nodes-security-checklist\u002Fblob\u002Fmaster\u002Faudit.md)\n* [EOS smart contract security best practices](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Feos-smart-contract-security-best-practices)\n\n## 一些思维导图\nSome mind maps of blockchain security.\n\n* [DApp Attack & Defense](.\u002Fmindmaps\u002Fdapp_attack_defense.png)\n* [Exchange or Wallet Attack & Defense](.\u002Fmindmaps\u002Fexchange_wallet_attack_defense.png)\n* [Evil Blockchain & how to be evil](.\u002Fmindmaps\u002Fevil_blockchain.png)\n\n## 其他资料\nOther awesome collections.\n\n* [Hacked](https:\u002F\u002Fhacked.slowmist.io)\n* [Awesome Blockchain Bug Bounty](https:\u002F\u002Fgithub.com\u002Fslowmist\u002Fawesome-blockchain-bug-bounty)\n* [慢雾科普：区块链安全入门笔记](.\u002Fblockchain_security_study_notes\u002FREADME.md)\n* [EOS 天眼(EOS MonKit)](https:\u002F\u002Feos.slowmist.io\u002F)\n* [FireWall.X — 强大的 EOS 智能合约防火墙](https:\u002F\u002Ffirewallx.io\u002F)\n* [FireWall.X GitHub](https:\u002F\u002Fgithub.com\u002Ffirewall-x)\n* [Open of SlowMist](https:\u002F\u002Fgithub.com\u002Fslowmist\u002F)\n","慢雾安全团队知识库是一个专注于区块链生态安全研究、AI安全以及密码学漏洞分析的知识分享平台。该项目汇集了关于比特币、门罗币、以太坊等主流区块链的安全研究报告，包括假充值攻击手法解析、零知识证明技术探讨等内容，并提供了加密资产追踪手册、区块链黑暗森林自卫手册等一系列实用指南。此外，项目还收录了一些思维导图和翻译资料，便于用户更直观地理解和学习。此资源适合区块链开发者、安全研究人员及对区块链安全感兴趣的个人或组织使用，在提升自身技术水平的同时，也为构建更加安全的区块链环境贡献力量。","2026-06-11 03:28:53","top_topic"]