Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Review and update for underhanded contest results #102

Closed
maurelian opened this issue Sep 22, 2017 · 3 comments
Closed

Review and update for underhanded contest results #102

maurelian opened this issue Sep 22, 2017 · 3 comments
Labels
help wanted

Comments

@maurelian
Copy link
Contributor

I think there are some novel items in here that we need to incorporate, but I haven't look at all of them yet.

https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1
https://github.com/Arachnid/uscc/tree/master/submissions-2017/
https://medium.com/@weka/announcing-the-winners-of-the-first-underhanded-solidity-coding-contest-282563a87079
@smartcontracts smartcontracts mentioned this issue Nov 5, 2017
Merged
@djphillyg djphillyg mentioned this issue Feb 15, 2018
Merged
@shayanb shayanb closed this as completed Jan 24, 2019
@maurelian
Copy link
Contributor Author

@shayanb I wonder if the issues items we added for this might have been a better fit for their own section, or perhaps simply being linked to. They are much more involved to describe...

@shayanb
Copy link
Contributor

shayanb commented Jan 30, 2019

@maurelian What do you have in mind for "their own section"? I was thinking of having a CTF samples section to have these in there, maybe even link Steve's twitch solutions in the same page. but it might not get the point across as possible attack vectors.

@maurelian
Copy link
Contributor Author

Yes, Something like CTF samples makes more sense, as the USCC was kind of a CTF design competition in some sense. The point is that these sneaky design patterns are very hard to distil into a single recommendation or known attack. It might even be better just to describe them very briefly and link elsewhere.

devninja309 added a commit to devninja309/smart-contract-best-practices that referenced this issue Jun 4, 2022
@devninja309
Began including known attacks from the USCC
4c55af3 
I'm slowly adding in topics and lessons learned from the [USCC](https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1) as per Consensys/smart-contract-best-practices#102. This pull request includes documentation of built-in shadowing and fallback function bypassing. Forced sending of ether to a contract is briefly mentioned in [Recommendations](https://github.com/ConsenSys/smart-contract-best-practices/blob/cea931b36466b4202927adad7072669a030290d3/docs/recommendations.md), although this addition expands on possible attack surfaces. Feedback is welcome.
SepehrSameni added a commit to SepehrSameni/smart-contract-best-practices that referenced this issue Oct 19, 2022
@SepehrSameni
Began including known attacks from the USCC
74dd33f 
I'm slowly adding in topics and lessons learned from the [USCC](https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1) as per Consensys/smart-contract-best-practices#102. This pull request includes documentation of built-in shadowing and fallback function bypassing. Forced sending of ether to a contract is briefly mentioned in [Recommendations](https://github.com/ConsenSys/smart-contract-best-practices/blob/4e532f9c9afe661318da2c1e97a1605fde7a5349/docs/recommendations.md), although this addition expands on possible attack surfaces. Feedback is welcome.
darrylcharlton54 added a commit to darrylcharlton54/best-practices-smart-contract that referenced this issue Nov 8, 2022
@darrylcharlton54
Began including known attacks from the USCC
0ce9d2c 
I'm slowly adding in topics and lessons learned from the [USCC](https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1) as per Consensys/smart-contract-best-practices#102. This pull request includes documentation of built-in shadowing and fallback function bypassing. Forced sending of ether to a contract is briefly mentioned in [Recommendations](https://github.com/ConsenSys/smart-contract-best-practices/blob/cea931b36466b4202927adad7072669a030290d3/docs/recommendations.md), although this addition expands on possible attack surfaces. Feedback is welcome.
onlinehub0808 added a commit to onlinehub0808/-smart-contract-best-practices that referenced this issue Feb 20, 2023
@onlinehub0808
Began including known attacks from the USCC
67c1817 
I'm slowly adding in topics and lessons learned from the [USCC](https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1) as per Consensys/smart-contract-best-practices#102. This pull request includes documentation of built-in shadowing and fallback function bypassing. Forced sending of ether to a contract is briefly mentioned in [Recommendations](https://github.com/ConsenSys/smart-contract-best-practices/blob/cea931b36466b4202927adad7072669a030290d3/docs/recommendations.md), although this addition expands on possible attack surfaces. Feedback is welcome.
anteroselin pushed a commit to anteroselin/smart-contract-practices that referenced this issue Mar 21, 2023
Began including known attacks from the USCC
06d847f 
I'm slowly adding in topics and lessons learned from the [USCC](https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1) as per Consensys/smart-contract-best-practices#102. This pull request includes documentation of built-in shadowing and fallback function bypassing. Forced sending of ether to a contract is briefly mentioned in [Recommendations](https://github.com/ConsenSys/smart-contract-best-practices/blob/cea931b36466b4202927adad7072669a030290d3/docs/recommendations.md), although this addition expands on possible attack surfaces. Feedback is welcome.
FPLeader added a commit to FPLeader/smart-contract-practices that referenced this issue Sep 12, 2023
@FPLeader
Began including known attacks from the USCC
849535e 
I'm slowly adding in topics and lessons learned from the [USCC](https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1) as per Consensys/smart-contract-best-practices#102. This pull request includes documentation of built-in shadowing and fallback function bypassing. Forced sending of ether to a contract is briefly mentioned in [Recommendations](https://github.com/ConsenSys/smart-contract-best-practices/blob/cea931b36466b4202927adad7072669a030290d3/docs/recommendations.md), although this addition expands on possible attack surfaces. Feedback is welcome.
GreyRabbitty added a commit to GreyRabbitty/smart-contract-practice-best that referenced this issue Sep 19, 2023
@GreyRabbitty
Began including known attacks from the USCC
a1255f4 
I'm slowly adding in topics and lessons learned from the [USCC](https://medium.com/@chriseth/lessons-learnt-from-the-underhanded-solidity-contest-8388960e09b1) as per Consensys/smart-contract-best-practices#102. This pull request includes documentation of built-in shadowing and fallback function bypassing. Forced sending of ether to a contract is briefly mentioned in [Recommendations](https://github.com/ConsenSys/smart-contract-best-practices/blob/cea931b36466b4202927adad7072669a030290d3/docs/recommendations.md), although this addition expands on possible attack surfaces. Feedback is welcome.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@shayanb @maurelian