-
Reentrancy | Hack Solidity (0.6)
This video will explain how the reentrancy exploit works and then explain how to protect your Solidity smart contract from it.
#Solidity #Reentrancy
Code: https://solidity-by-example.org/0.6/hacks/re-entrancy/
References
https://github.com/ethereumbook/ethereumbook/blob/develop/09smart-contracts-security.asciidoc
https://solidity-05.ethernaut.openzeppelin.com/
Remix IDE: http://remix.ethereum.org
Solidity: https://solidity.readthedocs.io
Follow on Twitter: @ProgrammerSmart https://twitter.com/ProgrammerSmart
Join me on Discord: https://discord.gg/Ny8sPaj
Website: https://smartcontractprogrammer.com
-
Arithmetic Overflow and Underflow | Hack Solidity (0.6)
In this video, we will examine a Solidity smart contract that is vulnerable to uint overflow and underflow.
#Solidity #Overflow #Underflow
Code: https://solidity-by-example.org/0.6/hacks/overflow/
-
Forcefully Send Ether with selfdestruct | Hack Solidity (0.6)
Did you know that there is a hack to forcefully send Ether to any contract, even if the receiving contract does not have any payable fallback or payable function? In this video, I will explain how this can be done and also show you how to protect your contract from this hack.
#Solidity #selfdestruct #hack
Code: https://solidity-by-example.org/0.6/hacks/self-destruct/
-
Accessing Private Data | Hack Solidity (0.6)
Never store sensitive data in a private state variable. Private state variables are not accessible by other contracts, but since everything on the blockchain is public data, we are able to get that private data. Let's see how.
#Solidity #private #hack #EVM #storage-layout
Code: https://solidity-by-example.org/0.6/hacks/accessing-private-data/
Truffle project used in this video
https://github.com/t4sk/solidity-multi-sig-wallet
-
Unsafe Delegatecall (part 1) | Hack Solidity (0.6)
What can go wrong when you forget that delegatecall preserves context? One exploit that is possible from an unsafe delegatecall is to bypass any access control and directly update state variables. In this video I will show you how to update a state variable although the smart contract does not have any function to update it.
#Solidity #delegatecall #hack
Code: https://solidity-by-example.org/0.6/hacks/delegatecall/