Skip to content

damianrusinek/damn-vulnerable-defi

 
 

Repository files navigation

A set of challenges to hack implementations of DeFi in Ethereum. Featuring flash loans, oracles, governance, NFTs, lending pools, and more!

Created by @tinchoabbate at OpenZeppelin

Play

Visit damnvulnerabledefi.xyz!

Participate

Share your solutions, comments, feedback and more in Twitter with #DamnVulnerableDeFi.

Write-ups and lessons learned (added by @drdr_zz)

This is a fork of the original repo, where I present the write-ups and lessons learned from the vulnerable contracts. Each challenge has a write-up (links below), an exploit (in the testcase file) and some have attacker contracts (in this directory).

Here is the list of write-ups for all challenges:

  1. Unstoppable
  2. Naive Receiver
  3. Truster
  4. Side Entrance
  5. The Rewarder
  6. Selfie
  7. Compromised
  8. Puppet

DeFI category added to SCSVS (added by @drdr_zz)

I have added new category to Smart Contracts Security Verification Standard called Decentralized Finance basing on the challenges and recent hacks in #DeFi.

It contains the security requirements specific to the mechanisms used by the #DeFi applications.

Check out the list of new requirements!

Disclaimer

All Solidity code, practices and patterns in this repository are DAMN VULNERABLE and for educational purposes only.

DO NOT USE IN PRODUCTION.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Solidity 56.1%
  • JavaScript 43.9%