Awesome
Ethernaut Writeups
This repository is a collection of writeups for Ethernaut challenges.
Ethernaut is a small wargame consisting of many challenges regarding smart contract security, specifically focused on the Ethereum blockchain. While some of these challenges are mostly teasers to improve the player's knowledge of smart contracts, some are based on very real security issues which caused lots of money to be stolen.
It's highly recommended to try the challenges if you're just now learning about smart contracts and intend to get a deeper understanding of potential problems with their development.
The game runs on the Ropsten testnet (so you don't need actual money to play) and you interact with it through Web3js and Metamask.
Metamask is a browser-based Ethereum wallet. Web3js is a Javascript API for the Ethereum blockchain, allowing the player to interact with the blockchain via the browser console.
Further instructions on how to play can be found here. I'm not aware of whether the Zeppelin team plans on keeping the game online indefinitely, but decided to write these writeups anyway, mainly because I'm bored and want to share my solutions and thoughts with the community. Update: the game can also be played locally, since it's open source.
Feel free to ask me for help if you need. My telegram handle is @marzanol. Also be aware I'm in no way an expert in this field and cannot provide any valuable insight into real life projects other than what can be learned from this game itself.
Index
- Hello Ethernaut
- Fallback
- Fallout
- Token
- Delegation
- Force
- King
- Reentrancy
- Elevator
- Telephone
- Vault
- CoinFlip
- Privacy (todo)
- Gatekeeper One (todo)
- Gatekeeper Two (todo)
- Naught Coin (todo)
PS: New challenges were added by the Zeppelin team and the order of the challenges was changed, so the order here doesn't match theirs anymore.
Resources
- Solidity Documentation: The official docs is very well written and should be with you at all times. It's a great resource to those looking to learn about smart contracts for the first time, if you have any previous programming skills.
- Web3 Javascript API: A must-read reference on how to programatically interact with contracts through javascript.
- Solidity Cheat Sheet and Best Practices: Small cheat sheet for the lazy ones.
- EthList: The Crowdsourced Ethereum Reading List: Further references with many useful links and videos for complete beginners.
- Pet-shop-box: Truffle tutorial that teaches you how to build a complete smart contracts application.
- Learning Solidity: Great Youtube playlist with Solidity tutorials for beginners.