34C3 Smart Contract Hacking

January 24, 2018 | Author: Anonymous DO6qFPp9fD | Category: Information Technology Management, Digital Technology, Digital & Social Media, Technology, Computing



How to Hack Smart Contracts Workshop @ 34C3

Motivation

[Chart: ETH / USD price, May to December; vertical axis 0 to 800]

What’s Blockchain?

[Diagram: parties A and B; the transaction "A -> B 1 BTC" is passed to every party in the network; blocks B0, B1, B2, B3 form the chain]

1. A wants to send money to B
2. Transaction is crafted
3. Transaction is broadcast to every party in the network
4. Transaction is validated by every party
5. Transaction is put in a block and added to the blockchain
6. Money from A -> B: state changed in the system

What’s Ethereum?

Ethereum = public global distributed virtual computer

Computation on Ethereum

[Diagram: a User Account can deploy and can call a Contract Account]

User Account
- has Balance
- owned by private Key

Contract Account
- has Balance
- owned by user Account

• Deploy / Call is a transaction on the blockchain
• Contract Call initiates computation
• Each computational step costs 'Gas' for the sender
• Ether = payment unit for computation

Smart Contract Coding

Solidity: Similar to Javascript

Important built-ins
transfer( ) := send funds to destination
msg.sender := return address
msg.value := return uint of ether amount
balance := return account balance
this := reference contract object
sha3( ) := return hash of input
…

Primitive data types
address := account address
mapping := Array [address => uint]

solidity.readthedocs.io

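Smart Contract Example

    contract creatorBalanceChecker {
        address creator;
        uint creatorbalance;

        // Constructor: records the deploying account and its balance at deploy time
        function creatorBalanceChecker() public {
            creator = msg.sender;
            creatorbalance = creator.balance;
        }

        // Address of this contract
        function getContractAddress() constant returns (address) {
            return this;
        }

        // Creator's balance as stored at deployment
        function getCreatorBalance() constant returns (uint) {
            return creatorbalance;
        }

        // Creator's current balance, read live
        function getCreatorDotBalance() constant returns (uint) {
            return creator.balance;
        }

        // Fallback function: accepts plain ether transfers
        function () payable { }

        // Destroys the contract and sends its balance to creator; the caller is not checked
        function kill() {
            suicide(creator);
        }
    }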

What can go wrong?
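
In the contract above, kill() has no visibility specifier and no caller check, so any account can call it and destroy the contract. A hardened variant follows as an added example, not part of the original workshop slides; the contract name, the onlyCreator modifier, the renamed state variable and the pragma range are assumptions.

```solidity
pragma solidity ^0.4.18; // assumed compiler range, matching the slide's 0.4-era syntax

// Hypothetical hardened variant of creatorBalanceChecker (not from the slides).
contract CreatorBalanceCheckerHardened {
    address public creator;             // set once at deployment
    uint public creatorBalanceAtDeploy; // snapshot, not a live value

    // Guard: revert the call unless it comes from the deploying account.
    modifier onlyCreator() {
        require(msg.sender == creator);
        _;
    }

    // 0.4-style constructor: same name as the contract.
    function CreatorBalanceCheckerHardened() public {
        creator = msg.sender;
        creatorBalanceAtDeploy = creator.balance;
    }

    function getContractAddress() public view returns (address) {
        return this;
    }

    // Balance recorded at deployment; it goes stale as soon as the creator transacts.
    function getCreatorBalance() public view returns (uint) {
        return creatorBalanceAtDeploy;
    }

    // Live balance of the creator account.
    function getCreatorDotBalance() public view returns (uint) {
        return creator.balance;
    }

    // Fallback: accept plain ether transfers, visibility stated explicitly.
    function () public payable { }

    // Only the creator can destroy the contract; remaining ether goes to creator.
    function kill() public onlyCreator {
        selfdestruct(creator);
    }
}
```

Every function now states its visibility explicitly, and selfdestruct replaces its older alias suicide.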

Open your laptops!

1. Install MetaMask Browser Add-on
2. ethernaut-devcon3.zeppelin.solutions
3. solidity.readthedocs.io
