Home

Awesome

Challenges

NoContractsTypeDifficultyWriteup
1PrivateData.solPrivate dataEasylink
2Wallet.sol,<br/>WalletLibrary.solLow level callsEasylink
3VNFT.solWeak RNG,<br/> Smart contract mintingMediumVNFT.md
4EtherWallet.solSignature MalleabilityMediumEtherWallet.md
5Vault.sol,<br/>Vesting.solLow level callsMediumVault.md
6Staking.solGas griefingMediumStaking.md

Install

Install Foundry if you haven't already.

git clone git@github.com:beskay/solidity-challenges.git
forge install

Tests and Exploits

See test for an example setup and exploit of all challenges. In order to test a single contract, run

forge test --match-contract <CONTRACT_NAME>

E.g. forge test --match-contract PrivateDataTest to run the test for PrivateData.sol.

See script/exploits for example exploit scripts to hack the deployed contracts on the goerli testnet

Deploy and verify

To deploy and verify the contracts, run

forge script <deploy_script> --rpc-url $RPC_URL --broadcast --verify --private-key $PK --etherscan-api-key $ETHERSCAN_API -vvv

Note that ETH_RPC_URL, ETHERSCAN_API and PK has to be set

export ETH_RPC_URL=<your_eth_rpc_url>
export ETHERSCAN_API=<your_etherscan_apikey>
export PK=<your_private_key>

Or create a .env file and load the variables with source .env