Smart Contract Security Glossary

Definitions, examples, and audit checks for Solidity, EVM, and DeFi security terms.

All 63 Vulnerabilities 7 EVM 7 Solidity 23 DeFi 15 Testing 3 Audit Tools 1 Standards 7

All glossary terms.

Clear filters

Delegatecall executes code from another contract while reading and writing the caller's storage, preserving the original caller context.

A function selector is the first 4 bytes of calldata that tells an EVM contract which function should handle a call.

A storage collision happens when two variables or contracts use the same storage slot, corrupting state in upgradeable or delegatecall-based systems.

selfdestruct is an EVM operation that can force-send Ether and historically removed contract code and storage under older semantics.

Calldata is the read-only input data sent to a contract call, usually containing the function selector and ABI-encoded arguments.

CREATE2 is an EVM opcode that deploys contracts to deterministic addresses based on the deployer, salt, and init-code hash.

A storage slot is a 32-byte indexed location in EVM contract storage used to hold state variables and derived storage data.