Table of contents
According to CBInsights State Of Blockchain 2021 Report, Blockchain and crypto startups had a breakthrough year. Funding grew 713% year-over-year as investors poured money into crypto and NFT startups.
I believe this is the time to jump into this emerging field and grab the only " once in a lifetime" opportunity.
Below I have written a crowdsourced roadmap(step-by-step) I am going to follow to become a blockchain master. I chose Ethereum blockchain to start with and I have mentioned the reason below for that. You can choose whatever blockchain you want but I believe after looking at the stats below you feel the same as me.
According to State of the Dapps till January 2022 there are a total of 3,957 Dapps.
Out of those 3,957 dapps the majority of the share was dominated by Ethereum with 2,929 dapps which is ~74% of the total dapps available. So I believe to start with Ethereum since there would be many opportunities, later you can go for other blockchains depending on your interest.
🏗🔨 Building vs Breaking
I personally believe that you are a master in any field only if you have knowledge of how to break a system and find vulnerabilities in it.
So in my roadmap, I am going to make sure you know how to break a system, But without knowing how an application/protocol/framework is built or structured, we cannot proceed further to find any vulnerabilities in it, however, If you do manage to find actual vulnerabilities in a smart contract or any blockchain protocol, without having any prior knowledge of how it is built and structured; You were just throwing arrows in the dark, and got lucky.
To a great extent, your ability to break into an application is directly proportional to your understanding of how that application is built and structured
🛣The Ultimate Roadmap
I have crowdsourced the majority of the roadmap from multiple GOATs and legends in this field, it is organized in a way to cover all rudimentary topics that one needs to know in order to master in this field.
Note: I will be following this roadmap and will be updating as required in the process and will be posting links to my threads on each of the topics I learn and resources at the end of the thread which will help you to get along which would be like a TLDR; of each concept. Also will write an estimated time to complete that concept
All of the resources I would be posting later with the links will be 100% free openly available to everyone.
Note to mention: All the threads, text, images, videos are crowdsourced I am not the creator of any of them, I just try to find good resources already available over the internet and write a summary(TLDR;) on that topic. All the rights lie with the original creators/publishers.
Basics(🤔Understanding of below concepts is enough to go to next step)
- Linux & Bash commands (10 minutes)
- Networking concepts (8-10 minutes)
- How a Web Browser works (10-15 minutes)
- DNS 👆
- HTTP Protocol 👆
- HTTP Request and Response 👆
👆 meaning same resource as above
- HTTP Caching (5 minutes)
- RPC Protocol (5 minutes)
- Browser’s developer tools (10 minutes)
- Version control systems such as Git
- Package Managers (Like npm, yarn)
- Object-Oriented programming - check out resource at the end of this thread
Essential Blockchain Basics (✔️Mandatory)
- Distributed Ledger
- Bitcoin Whitepaper - This is an explanation resource, please feel free to check out the original paper lined in the blog
- Asymmetric Cryptography
- Elliptic Curve Cryptography
- Double Spending problem
- 51% Attack
- Other basic terms used like web2, web3, blockchain, decentralized, distributed, Defi, NFT, etc., (Can be found here)
Basics of Ethereum (✔️Mandatory)
- What is Ethereum
- Why Ethereum is termed as World Computer
- Why is it different from previous blockchains
- Ethereum Protocol and how it started
- Ether Currency
- Transactions in Ethereum ecosystem using wallets like metamask etc.,
- Types of accounts (EOAs vs contract accounts)
- Ethereum Clients, Nodes, and Wallets
- Public Key vs Private Key
- Different types of networks in Ethereum (Mainnet, Testnet, etc)
- Block Explorer
- EIPs and ERC standards
- Most used ERC20, ERC721, and ERC1155
- Turing Completeness
- Ethereum Virtual Machine
- Smart Contracts
- Ethereum High-Level Languages (Solidity, Vyper, LLL, Serpent)
- What is Solidity
- The famous Remix IDE
- Data types in Solidity
- Predefined global variables and functions
- Error handling in Solidity
- Contract ABI
- Lifecycle of a Smart Contract
- Compiling, Testing & Deploying of Smart Contracts
- Interacting with deployed Smart Contracts
- Interaction using an external library(web3.js,ethers.js)
- JSON RPC
Frameworks for Ethereum Development (🤔For ease of development)
- Truffle Suit (Truffle, Ganache, Mocha, Drizzle)
Frontend (! -> ✔️Mandatory)
- HTML, CSS !
- React !
Professional level (✔️Mandatory to know if you wish to continue to work in this field)
- Distributed Storage Systems (IPFS, SWARM, storej)
- Chain, Side Chain
- Polygon, Solana, BSC(Now called BNB chain)
- L1/L2 Solutions
- State Channels
- Rollups - ZKRollup, Optimistic Rollup
- Stable Coins
Future of Ethereum
- ETH2.0(🤔NOW called Consensus Layer)
📻 Further useful resources
- Mastering Ethereum Book
- Smart Contract Programmer
- Week in Ethereum News
- The Daily Gwei to stay updated
NOTE: Next steps are required only if you want to master, I suggest you go through them even if you are not into security/auditing because having knowledge of vulnerabilities will help you code better.
To become a smart contract auditor or security specialist in the blockchain you have to complete the whole roadmap including the below and should complete at least one CTF mentioned below
🔐 Smart Contract Security(✔️First point is very needed to master, rest are to help you in the process)
Most common Vulnerabilities in Smart contracts:- What is Reentrancy, What is Junk code (Code With No Effects), What is Unencrypted Private Data On-Chain, What is Integer Overflow and Underflow, What is Floating Pragma, What is Unchecked Call Return Value, What is Unprotected SELFDESTRUCT Instruction, State Variable Default Visibility, What is Uninitialized Storage Pointer, Use of Deprecated Solidity Functions, DoS with Failed Call, Authorization through tx.origin, Signature Malleability, Weak Sources of Randomness from Chain Attributes, Lack of Proper Signature Verification, Missing Protection against Signature Replay Attacks, Insufficient Gas Griefing, DoS With Block Gas Limit, Hash Collisions With Multiple Variable Length Arguments, Message call with a hardcoded gas amount, Oracle Manipulation.
Visualization Tools (Solidity Visual Developer, EVM Lab, Surya, Solgraph, Piet, Ethereum-graph-debugger )
- Linters and formatters (Ethlint, Prettier + Solidity Plugin, Solhint)
- Static and Dynamic Analysis (Oyente, Octopus, Vertigo, MythX, Mythril, Slither, Echidna)
CTF's to Look at(✔️Mandatory)
💵Bug bounty platforms(🤔community)
📻Security related resources to stay up to date
That was it from my side, I hope and wish you all the best for your success, This is also part of my Round 2 #21DaysOfLearnandShare Challenge. If you wish to join the challenge and learn along with me just connect and ping me on Twitter @0xViking
I would like to take the opportunity to thank a few people from whom I inspired and compiled this roadmap and resources.
❤️🔥 Liked my work? would like to support me?
If you think my work has added some value to your existing knowledge, then you can follow me on Twitter @0xViking and share this article with others whom you think would be a valuable asset for them
Did you find this article valuable?
Support 0xViking by becoming a sponsor. Any amount is appreciated!