Smart Contract Security
Blockchain Ethereum
Today we are going to learn about the security involved with blockchains, especially the Ethereum blockchain.
As usual, no worry if you’ve never played with blockchains before, you are meant to learn what you will need along the way.
For the following exercices, we are going to use Capture The Ether an awesome resource of Ethereum security challenges. Know that unlike Root-me, Capture the Ether does not have a “no solutions” policy, so you might come across solutions for the exercices you are trying to solve. We won’t try to discourage you from reading the solutions, it is your problem if you want to be spoiled of the answers.
This warning out of the way, let’s dive in !
Exercice 00
For this exercice you have to solve this challenge.
The goal of this challenge is for you to setup the environment you need to solve the following exercices.
No worries if the actions you make with the platform are slow, since you are working on a blockchain, all transactions are verified (yes, even on a test network), thus taking a bit of time (rarely more than a few minutes, but don’t hesitate to call a teacher if you have any doubt).
Exercice 01
The following exercice expects you to interact with a deployed challenge.
You may also solve this challenge which is pretty similar, but lets you choose your Capture The Ether username.
Exercise 02
The real security begins ! The following challenge is a first example of a proper contract. Try to steal the ether contained in the contract.
Exercice 03
The last challenge will require you to write a small script, to, again, steal the ether contained in the contract.
If you see this, it means that you read subjects, that’s cool, come see us and say “reblochon” to obtain a 5 points bonus.