This repository contains various smart contract attacks. It can be used to test the performance of different smart contract audit tools. This repository is compatible with Foundry. To test each vulnerability, clone this repository to your PC, compile it using the forge compile command, and run all tests using the forge test command.
Here is the list of the vulnerabilities:
- Denial of Service (DOS)
- Distribution
- First-depositor-attack
- Flashloan-attack
- Front Running
- Arithmetic Overflow-Underflow
- Permit-dos-attack
- Price-attack
- Reentrancy attack
- Reorg attack
- Self Destruct attack
- tx-origin -attack
- Access control
- Unchecked Low Level Calls
- Bad Randomness
- Time manipulation
- Short Address
- Improper Input Validation
- Double voting or msg.sender spoofing
- Bypassing the contract check
- Mixed accounting
- Treating cryptographic proofs like passwords
- Solidity does not upcast to the final uint size
- Solidity sneakily makes some literals uint8
- Solidity downcasting does not revert on overflow
- Writes to storage pointers don’t save new data
- Deleting structs that contain dynamic datatypes does not delete the dynamic data
- ERC20 Fee on transfer
- ERC20 rebasing tokens
- ERC20 ERC777 in ERC20 clothing
- ERC20 Not all ERC20 tokens return true
- msg.value in a loop
Private Variables- Overpowered Admins
Use Ownable2Step instead of Ownable- Rounding Errors
- Signatures ecrecover returns invalid address
- Signature replay
- Signature malleability
- Signatures can be forged or crafted without proper safeguards
- Transfer() and send() can break with multi-signature wallets
- Corner Case
- Off-By-One
- Account Existence Check for low level calls
- Assert Violation
- Bypass Contract Size Check
- Code With No Effects
Entropy Illusion- Function Selector Abuse
- Floating Pragma
Forcibly Sending Ether to a Contract- Function Default Visibility
- Hash Collisions With Multiple Variable Length Arguments
- Improper Array Deletion
- Incorrect interface
- Unsafe Ownership Transfer
- Message call with hardcoded gas amount
- Hiding Malicious Code with External Contract
- Public burn() function
- Requirement Violation
- Right-To-Left-Override control character (U+202E)
- Shadowing State Variables
- Typographical Error
- Unencrypted Private Data On-Chain
Unexpected Ether balance- Uninitialized Storage Pointer
- Unprotected Ether Withdrawal
- Unprotected Upgrades
- Use of Deprecated Solidity Functions
Write to Arbitrary Storage LocationWrong inheritance- Unsupported Opcodes
- Write to Arbitrary Storage Location
- Hash Collision when using abi.encodePacked() with Multiple Variable-Length Arguments
- Incorrect Inheritance Order
- Inadherence to Standards
- Asserting Contract from Code Size
- Insufficient Access Control
- Lack of Precision
- Unbounded Return Data
- Deleting a Mapping Within a Struct
- Ambiguous Evaluation Order
- Approval Vulnerabilities
- Incorrect Parameter Order
- Oracle Manipulation Attacks
- Unexpected Ether Transfers
- Dos > Offline Owner
- Privacy Illusion
- External Contract Referencing
- Arbitrary Jumps with Function Variables
- Dirty Higher Order Bits
- Complex Modifiers
- Experimental Language Features
- Call Depth Attack
- Historic Attacks > Constructor Names
- Payable Multicall
- Presence of unused variables
- Lack of Proper Signature Verification
- Block values as a proxy for time
Todo: Create video for each vulnerability, the content should include:
- An explanation of the source code.
- A detailed discussion of the vulnerability.
- A demonstration of testing using Foundry.
- Presentation of the mitigation strategies and how the vulnerability is fixed.