Python Crash Course 2: Basic Data Structures
Access the full Python Crash Course and hundreds of additional coding videos and courses, including your personalized course certificates, on the Finxter Computer Science Academy!
Computer Science
Python Crash Course 1: Keywords
Access the full Python Crash Course and hundreds of additional coding videos and courses, including your personalized course certificates, on the Finxter Computer Science Academy!
Smart Contract Replay Attack in Solidity
This post provides insights into the replay attack in blockchains. As per the wiki, a replay attack is a valid data transmission that is maliciously or fraudulently repeated or delayed. In the case of blockchains, a replay attack means taking a transaction on a blockchain and maliciously or fraudulently repeating it on the same or …
Smart Contract Randomness or ReplicatedLogic Attack
In this tutorial, the randomness attack or also called replicated logic attack is analyzed. The problem in Solidity contracts is finding the true source of randomness. We will see how generating a random number using on chain data cannot be trusted. The tutorial starts with exploiting the randomness vulnerability, followed by the possible solutions. Let …
Smart Contract Randomness or ReplicatedLogic Attack Read More »
DelegateCall or Storage Collision Attack on Smart Contracts
The DelegateCall attack or storage collision is expounded in this post. Before you can grasp this exploit, you must first understand how Solidity saves state variables as explained here. We start with the differences between call and delegatecall in Solidity, followed by exploiting the vulnerability of the delegatecall using the proxy contracts (mostly in smart …
DelegateCall or Storage Collision Attack on Smart Contracts Read More »
Denial of Service (DoS) Attack on Smart Contracts
The post discusses the Denial of Service or alias the DoS attack. The Denial of Service (hence referred to as DoS) restricts legitimate users from using the smart contracts permanently or for a certain period unusable. In the blockchain, DoS attacks are of three types, namely: Unexpected Revert, Block Gas Limit, and Block Stuffing. For …
Denial of Service (DoS) Attack on Smart Contracts Read More »
tx.origin Phishing Attack — Smart Contract Security
In this post, we discuss phishing attacks due to tx.origin. In the regular phishing of a website, phishing begins with a phony email or another kind of communication intended to entice a victim. In this case, the communication done appears as if it came from a reputable sender. Similarly, the case of smart contracts which …
tx.origin Phishing Attack — Smart Contract Security Read More »
Reentrancy Attack – Hacking Smart Contracts [Solidity]
You can check out the code for this article on our GitHub. Preamble The post discusses the next attack called the reentrancy attack. One famous reentrancy attack that occurred in 2016 was the DAO attack leading to losses of $60 million. Let us try to emulate the attack and see the possible solutions for such …
Reentrancy Attack – Hacking Smart Contracts [Solidity] Read More »
Private Variable Exploit – Hacking Smart Contracts in Solidity
In this part 2 of the series, we’ll examine how to exploit the “private” vulnerability in Solidity. As the name suggests, private means not accessible to anyone outside. Can we expect the same in Solidity smart contracts? Is any variable declared as ” private” in Solidity is not accessible from the outside world? If the …
Private Variable Exploit – Hacking Smart Contracts in Solidity Read More »
Ownership Exploit in Solidity Smart Contracts
Unlike mobile and web development, in which software can be upgraded easily to fix any security loopholes, the same is arduous if not impossible in the field of blockchain, smart contracts in particular. The cost of failure in blockchain can be extremely high as a lot of currency is at stake. Keeping this in mind, …