Skip to content

fribas84/soliditysecurity

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
contracts
contracts
 
 
scripts
scripts
 
 
test
test
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
hardhat.config.js
hardhat.config.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

Solidity Essential Security

Simple Solidity sercurity vulnerabilites to present at Universidad Nacional de Cuyo - Cryptoeconomics course

Install all dependencies with npm install

Access Control

Vulnerable contract that anyone can modify a state variable, to fix it, it uses Open Zeppelin Ownable contract

To run test: npx hardhat test test/AccessControl.js

Reading Sensitive Private Data

Reading private variables from the SC memory To run test: npx hardhat test test/SensitiveData.js

Reentrancy Attack

Attacker contract performs a reentrancy attack into a vulnerable contract not implementing Checks - Effects - Interaction Pattern.

To run test: npx hardhat test test/Reentrancy.js

Weak Randomness

Contract with a weak random generator, that is easy to guess To run test: npx hardhat test test/WeakRandomness.js

Miner / Validator Attack

a Miner / Validator can manipulate the EVM Timestamp to guess the number

Contract Attack

Guessing the winning number from another contract.

Versions

  • Hardhat: 2.17.3
  • Ethers: 6.7.1

About

Solidity Security

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages