Skip to content
/ ethereum-race-to-bottom-vulnerability-example Public

Study of simple race-to-bottom exploit of ethereum network like the one DAO was vulnerable to

5 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

danbaragan/ethereum-race-to-bottom-vulnerability-example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
contracts
contracts
 
 
migrations
migrations
 
 
test
test
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
truffle.js
truffle.js
 
 

Repository files navigation

Study of simple race-to-bottom exploit of ethereum network

This is the kind of exploit the DAO attack was based on. This is an example of what you should not do.

Setup

You need nodejs and npm. I have truffle and testrpc installed globaly. You need them to run this. Global or locally - it's your choice

  • ethereumjs-testrpc (@4.1.3)
  • truffle (@3.4.9)

Run

Simply let testrpc run and do a truffle test

Further reading

https://blog.zeppelin.solutions/onward-with-ethereum-smart-contract-security-97a827e47702 https://blog.zeppelin.solutions/the-hitchhikers-guide-to-smart-contracts-in-ethereum-848f08001f05 https://github.com/ConsenSys/smart-contract-best-practices http://hackingdistributed.com/2016/07/13/reentrancy-woes/ PeterBorah/smart-contract-security-examples#3

About

Study of simple race-to-bottom exploit of ethereum network like the one DAO was vulnerable to

Topics

ethereum-contract ethereumjs

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages