ConsenSys Diligence is releasing a couple CTF challenges. The first one (“Ethereum Sandbox”) took advantage of changes introduced in the Constantinople upgrade. It was solved by samczsun.

The second challenge is called Rop EVM. Read some bytecode and write an exploit. It is at 0xEfa51BC7AaFE33e6f0E4E44d19Eab7595F4Cca87.

Exploit the contract and extract the 0.05 ether. There’s also a 100 DAI bounty up for grabs. The rules for winning the bounty are the same as last time:

  • If you’re first to extract the ETH and post a write-up on how you did it, you win the bounty (you will need to prove ownership…


This article gives an introduction to the MythX security analysis plugin for Truffle.

Do you develop smart contracts? Would you like to be able to check your contract for vulnerabilities without sacrificing your other responsibilities?

This article will introduce you to MythX for Truffle. MythX for Truffle extends the Truffle framework to be able to leverage the MythX platform to test contracts for security holes. It creates actionable reports for your smart contracts to help you remove easy-to-miss weaknesses and vulnerabilities.

Setting up MythX for Truffle

MythX for Truffle is a Truffle plugin, and uses MythX on the back end to inspect your smart contracts…


ConsenSys “not giving away ether” Diligence is giving away ether! Kind of.

ConsenSys Diligence is deploying a series of vulnerable smart contracts to put your hacking skills to the test. The first CTF challenge is dubbed Ethereum Sandbox, and is at 0x68cb858247ef5c4a0d0cde9d6f68dce93e49c02a. Exploit the contract and extract the 0.05 ether. There’s also a 200 DAI bounty up for grabs. The rules for winning the bounty:

  • If you’re first to extract the ETH and post a write-up on how you did it, you win the bounty (you’ll need to prove ownership of the attacker’s address)
  • If you’re not first to extract the ETH but solved the challenge, you can still post a write-up…

Nathan

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store