Open this lesson in your favourite AI. It'll walk you through the why, explain the demo, and quiz you on the try-it list.
Smart-contract security is unique because the attacker is universal (anyone with $5 of gas), the system is permissionless (no IP allowlists), and the cost of failure is paid in capital you can't claw back. An attacker who finds a bug doesn't need to ship a phishing campaign — they just call your function. The threat model is 'every economically-rational actor on Earth, with access to flash loans up to your TVL'.
Same contract, two readers: a developer sees 'a function that pulls funds from a pool'; an auditor sees 'a function with an external call, a state update after the call, and no reentrancy guard — exploitable for the pool's full balance in one transaction.'
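To make the auditor's reading concrete, here is an added example that is not part of this lesson: a small Python model (rather than Solidity, so it runs anywhere) of the two pool variants the auditor is contrasting. `VulnerablePool` makes the external call before it updates state and has no guard; `HardenedPool` updates state first (checks-effects-interactions) and also holds a non-reentrant lock. The classes, the `receive` hook standing in for a recipient contract's fallback, and the deposit amounts are all constructed for illustration.

```python
"""Constructed model of the reentrancy pattern: external call before state
update, no guard, beside the hardened ordering plus a nonReentrant lock.
All names and amounts are hypothetical; 'receive' stands in for the
recipient contract's fallback/receive hook."""


class ReentrancyBlocked(Exception):
    """Raised when the hardened pool's lock rejects a nested withdraw()."""


class VulnerablePool:
    """State update AFTER the external call and no guard: the defect the auditor flags."""

    def __init__(self, deposits):
        self.balances = dict(deposits)        # depositor -> credited amount
        self.eth = sum(deposits.values())     # ETH the pool actually holds

    def withdraw(self, caller):
        amount = self.balances[caller]
        if amount == 0 or self.eth < amount:
            return
        self.eth -= amount
        caller.receive(self, amount)          # interaction first ...
        self.balances[caller] = 0             # ... effect last: re-entrant calls still see the old balance


class HardenedPool:
    """Effects before interactions, plus a lock so a nested call is rejected outright."""

    def __init__(self, deposits):
        self.balances = dict(deposits)
        self.eth = sum(deposits.values())
        self._locked = False

    def withdraw(self, caller):
        if self._locked:                      # nonReentrant modifier equivalent
            raise ReentrancyBlocked("nonReentrant: nested call rejected")
        self._locked = True
        try:
            amount = self.balances[caller]
            if amount == 0 or self.eth < amount:
                return
            self.balances[caller] = 0         # effect first: even without the lock,
            self.eth -= amount                # a re-entrant call now sees amount == 0
            caller.receive(self, amount)      # interaction last
        finally:
            self._locked = False


class HonestUser:
    def __init__(self, name):
        self.name = name
        self.received = 0

    def receive(self, pool, amount):
        self.received += amount


class ReenteringUser(HonestUser):
    """Recipient whose receive hook calls back into withdraw() while the first call is still running."""

    def receive(self, pool, amount):
        self.received += amount
        try:
            pool.withdraw(self)
        except ReentrancyBlocked:
            pass                              # the hardened pool refuses the nested call


def run_scenario(pool_cls):
    """Constructed scenario: honest user deposits 90, re-entering user deposits 10.
    Returns (reentrant_received, honest_received, eth_left_in_pool)."""
    honest, reenter = HonestUser("honest"), ReenteringUser("reenter")
    pool = pool_cls({honest: 90, reenter: 10})
    pool.withdraw(reenter)                    # the re-entering user withdraws first
    pool.withdraw(honest)                     # then the honest user tries to withdraw
    return reenter.received, honest.received, pool.eth


if __name__ == "__main__":
    print("vulnerable:", run_scenario(VulnerablePool))   # -> (100, 0, 0)
    print("hardened:  ", run_scenario(HardenedPool))     # -> (10, 90, 0)
```

The vulnerable variant lets the 10-unit depositor drain the full 100 in a single top-level call because every nested `withdraw()` reads the not-yet-zeroed balance; the honest user then finds an empty pool. In the hardened variant the balance is zeroed before the call, so the nested call would return nothing even without the lock, and the lock rejects it anyway. Either defence alone closes this case; an auditor wants to see both because they fail independently.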
Use these three prompts in order. Each builds on the one before.
1. In one paragraph, explain why smart-contract security is its own threat model.
2. Walk me through a recent high-profile DeFi exploit at the code + economics level.
3. Pick a protocol you use. Sketch the adversary's two-page playbook against it.