damianrusinek/eth-vulns-tutorial

Typical vulnerabilities in Ethereum smart contracts

Exercises prepared on the basis of the Top 10 vulnerabilities from https://dasp.co/ and partially on code examples from https://solidity-by-example.org/.

Exercises

Access control

Arithmetic

  • Exercise 1: Arithmetic overflow in Timelock.
  • Exercise 2: Batch overflow in token batch transfer.

Unchecked Return Values For Low Level Calls

  • TODO

Reentrancy (untrusted external call)

Examples:

  • typical reentrancy
  • reentrancy as an unintended feature

Denial of service

Examples:

  • Unbound array.
  • Selfdestruct.

Bad randomness

Examples:

  • Randomness based on the block number.

Front running

  • TODO

Time Manipulation

  • TODO

Short Addresses

This category is out of scope as it is a security bug in the integration with smart contracts.

See it here: https://www.youtube.com/watch?v=EKU8T58kYCw&t=1760s

Unknown Unknowns

This category is out of scope as we do not know it yet ;)

About

Ethereum (Solidity) Vulnerabilities Tutorial
