Skip to content
A list of security bugs with smart contracts on Ethereum
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md Update README.md Nov 8, 2017

README.md

Awesome Smart Contract Bugs

A list of security bugs with smart contracts on Ethereum. (original source)

  1. The DAO
  2. The "payout index without the underscore" ponzi (FirePonzi)
  3. The casino with a public RNG seed
  4. Governmental (1100 ETH stuck because payout exceeds gas limit)
  5. 5800 ETH swiped (by whitehats) from an ETH-backed ERC20 token
  6. The King of the Ether game
  7. Rubixi : Fees stolen because the constructor function had an incorrect name, allowing anyone to become the owner
  8. Rock paper scissors trivially cheatable because the first to move shows their hand
  9. The Parity Wallet Hack caused by missing checks before overwriting wallet owner.
  10. The Parity Wallet Hack Again because anyone can take ownership of the library contract.
You can’t perform that action at this time.