Start Here
Interview prep for Smart Contract Security Engineer roles. Senior-level interview prep for protocol-security roles owning the full security lifecycle — formal verification with Certora / Halmos, in-house security review, bug-bounty triage and war rooms, attack-vector research, and shipping safer Solidity faster.
The role, in plain English
This guide is for engineers preparing for the senior Smart Contract Security Engineer archetype — the role you'll meet at large DeFi protocol teams (lending, money markets, AMMs, perps, restaking, oracles). Titles vary but the work is recognizable, and the technical bar concentrates on a small set of deep skills rather than a wide surface area.
The first chapter, 01-the-role, decodes the role itself. The chapters after that are the technical surface — read in order if you can.
What the rounds typically test
Loops at senior DeFi protocol teams usually mix:
- Conceptual / domain — covered in 03, 04, 05.
- Applied design — design a new primitive end-to-end. 06, 07, 08, 09.
- Live Solidity — write, debug, or refactor a contract. 10, 11.
- Production discipline — deployments, oracles, indexers, observability. 12, 13.
- Adversarial thinking — given a contract or a mechanism, find the bug. Woven through 08 and 15.
The folder, in reading order
Section A — Orient (read first)
| File | Why |
|---|---|
| 01-the-role | Decode the role and the stack |
| 02-positioning-from-scratch | How to interview honestly when light on direct on-chain production experience |
Section B — Technical core
| File | Why |
|---|---|
| 03-core-fundamentals | Foundational concepts the rest builds on |
| 04-deep-dive-primary | The single most important technical area |
| 05-deep-dive-secondary | The second pillar interviewers will probe |
| 06-applied-patterns | Production patterns and how they show up |
| 07-evaluation-quality | Correctness, gas, safety measurement |
| 08-error-handling | Attack vectors and failure modes |
| 09-governance-and-audit | Audit cycles, governance, upgradeability |
Section C — Coding
| File | Why |
|---|---|
| 10-coding-fundamentals | Solidity idioms, Foundry, EVM mental model |
| 11-coding-problems | Hand-picked Solidity problems with drill mode |
Section D — Production
| File | Why |
|---|---|
| 12-data-pipelines | On-chain data, subgraphs, indexers, oracles, monitoring |
| 13-deployment-and-ops | Foundry scripts, CREATE2, multi-chain, on-call |
Section E — Reference + execution
| File | Why |
|---|---|
| 14-domain-context | CVL, SMT, symbolic execution, fuzzing, invariant testing, Slither, Echidna, Foundry, Medusa, Halmos, Certora, MEV, reentrancy, oracle manipulation, donation attack vocabulary |
| 15-interview-questions | Practice Q&A — drill these out loud |
| 16-day-of | Tactics, traps, what to ask them. Reread morning of |
Suggested study schedule
If you have 7+ days
- Day 1: 01, 02 (orient) → 03 (fundamentals)
- Day 2: 04, 05 (deep dives)
- Day 3: 06, 07 (patterns + evals)
- Day 4: 08, 09 (attack vectors + audit lifecycle)
- Day 5: 10, 11 (Solidity on a timer)
- Day 6: 12, 13 (data + deployment)
- Day 7: Drill 15. Read 14 and 16. Sleep.
If you have 2-3 days
01, 02, 03, 04, 05, 07, 08, 11, 15, 16. Skim the rest.
If you have < 24 hours
01, 02, 11 (the named problems), 15, 16. Skim 04, 05, 08 headings only.
Practical things to do before interview day
Reading is cheaper than building, but building sticks. Chapters 06 and 11 call out specific things you can prototype in 30-90 minutes — typically a small Foundry project that exercises the role's core concepts. Doing one of those closes more of your gap than rereading.
The single most important reframe
- You're learning the precise vocabulary practitioners use. This folder fixes that.
- You're being honest about your gaps, not bluffing. That posture is more persuasive than fake seniority. Read 02-positioning-from-scratch first.
Say so cleanly: "I haven't worked with X. My closest reference point is Y. Want me to reason about X from first principles?"
What "winning" looks like in these rounds
- Vocabulary fluency — using the right terms.
- Sound reasoning — arriving at a defensible design by thinking, not recall.
- Adversarial instinct — reaching for "what could go wrong" before "what's cool."
- Gas / EVM awareness — your defaults respect on-chain economics.
- Honesty at the edge of what you know.
- Live learning — when they teach you mid-interview, you visibly absorb and use it later.