Vulnerability management in Aptos Move

Hi everyone,

For my master’s thesis, I’m researching the impact of custom resource types on the security of smart contract languages. I’m currently looking at vulnerabilities in Solidity and researching if they are still prevalent in Move (specifically, Aptos Move).

Right now, I gathered a list of common Solidity vulnerabilities, and I’m trying to mimic them in Aptos Move and documenting if and why they are still present. These vulnerabilities include over/underflow, reentrancy, forced token reception, … . For every vulnerability I have to find a good explanation of why it is solved/ still present. This explanation has to be based on facts, and I thus need to find which Aptos architecture principles prevent certain vulnerabilities or where in the compiler code certain vulnerabilities are caught.

Currently, I’m not able to find much documentation, and thus it is very hard to find the correct files in the Aptos github repository to pinpoint where certain errors are caught. For example, in which file is the code to catch overflow errors?

Is there someone with more experience or someone who is currently contributing to the Aptos framework that could point me in the right direction?

Thanks in advance!