Skip to content
This repository has been archived by the owner on Mar 27, 2024. It is now read-only.
/ defcon28-talk-challenge Public archive

Smart contract hacking challenge introduced in my talk at DEFCON 28 - Blockchain Village

License

MIT license
22 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tinchoabbate/defcon28-talk-challenge

BranchesTags

Repository files navigation

Smart contract hacking challenge

Challenge introduced in my "7 phases of smart contract security" talk at DEF CON 28 in the Blockchain Village

This challenge involves governance and flash loans. What could go wrong, right ?

You must steal all tokens from the Pool contract.

How to play

  1. Clone this repository
  2. Install dependencies with npm install
  3. Code your solution in the provided test/exploit.js file
  4. Run with npm run challenge

Tips

  • You must use the attacker account. That is, all your transactions should include { from: attacker }.
  • Solve the challenge by coding your script in the highlighted it block of the test/exploit.js file.
  • Do not not modify anything else. The script already takes care of setting up the scenario and checking success conditions.
  • If you need to use an attacker contract, add it in the contracts folder.

Related documentation you might find useful:

Maintainers

Created and maintained by @tinchoabbate

Disclaimer

All Solidity code, practices and patterns in this repository are vulnerable and for educational purposes only.

DO NOT COPY. DO NOT USE IN PRODUCTION.

About

Smart contract hacking challenge introduced in my talk at DEFCON 28 - Blockchain Village

Resources

Readme

License

MIT license
Activity

Stars

22 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages