Awesome Smart Contract Bugs
A list of security bugs with smart contracts on Ethereum. (original source)
- The DAO
- The "payout index without the underscore" ponzi (FirePonzi)
- The casino with a public RNG seed
- Governmental (1100 ETH stuck because payout exceeds gas limit)
- 5800 ETH swiped (by whitehats) from an ETH-backed ERC20 token
- The King of the Ether game
- Rubixi : Fees stolen because the constructor function had an incorrect name, allowing anyone to become the owner
- Rock paper scissors trivially cheatable because the first to move shows their hand
- The Parity Wallet Hack caused by missing checks before overwriting wallet owner.
- The Parity Wallet Hack Again because anyone can take ownership of the library contract.