I’ve been playing with an Ethereum wargame, Capture the Ether, during Christmas holidays. I really enjoy CTFs and, more generally, finding flaws/unintended behavior in other people’ code. Doing that with Ethereum and Solidity is much more fun, because:
- it’s a whole new ecosystem on which I did not have prior experience
- the wargame is focused on the platform pitfalls (spoiler: there are a lot of them) and best practices
- rekt.news 1
I set up a repo to track my progress on the wargame, where every commit contains the solution for a given problem: the original contract, the
ethers script to solve it, and, when needed, support contracts and test cases. The repo can be found here. I won’t be doing any detailed write-up on the single challenges because there are already many2 of them3 available on the internet. I’m always available for discussing solutions though.
Admittedly, I was completely lost on a couple challenges (Fuzzy Identity and Account Takeover) because cryptography is hard (at least for me :D). Nonetheless, the solutions were fascinating and helped me tackle the subject a little.
If you are interested in other similar competitions, this repo has a huge list of them, and it’s frequently updated!