Skip to content

romeroadrian/DeFi-Security-Summit-Stanford

BranchesTags
 
 

Repository files navigation

Secureum A-MAZE-X Stanford

A Smart Contract Security Capture the Flag Workshop

A-MAZE-X-Stanford-LOGO hosted by the Stanford University as part of Defi Security 101
built by eugenioclrc and luksgrin
special thanks to patrickd, StErMi, tinchoabbate and Rajeev for reviewing, commenting and helping during the elaboration and design of this CTF Workshop

Instructions 🕹️

This Workshop consists in a series of challenges, of increasing difficulty, targetting different concepts and common vulnerabilities found in DeFi. The CTF is designed in different flavors for all kinds of users.

This is the A-MAZE-X Foundry flavor

Best suited for users who are very familiar with Solidity and do not want to use additional languages. The following setup tutorial will guide you through the installation of Foundry and its setup.

Clone this repository

Run the command below to clone this repository into your local machine

git clone git@github.com:eugenioclrc/DeFi-Security-Summit-Stanford.git
cd DeFi-Security-Summit-Stanford
git checkout foundry

Install Foundry (if you don't have Foundry already installed)

Run the command below to get foundryup the Foundry toolchain installer:

curl -L https://foundry.paradigm.xyz | bash

Then, in a new terminal session (or after reloading your PATH environmental variable), run foundryup to get the latest forge and cast binaries:

foundryup

And finally, install the repository's dependencies by entering it and running:

forge install

Note that you might have to restart your terminal for the forge command to become available.

At this point you should be all set. If not, check Foundry's installation troubleshooting.

Solving a challenge

Challenge contracts are located under the foundry_flavor/src/ directory. Do not modify them, as it may lead to unexpected behaviors within the challenges.

To solve a challenge, you must open the corresponding foundry_flavor/test/ChallengeX.t.sol (where X is a number) and add your exploit code in the signalized areas within said file.

Then, to check if the challenge has been solved, execute the following command

forge test --match-path test/ChallengeX.t.sol

If the solution criteria have been reached, it shall display the following message

Running 1 test for test/ChallengeX.t.sol:ChallengeXTest
[PASS] testChallenge() (gas: XXXX)
Test result: ok. 1 passed; 0 failed; finished in XXXms

Alternatively, to check if all challenges have been solved, execute the following command:

bash isSolved.sh

which will return the test results for all challenges in order.

Important note

This set of challenges aren't set for competitive purposes. Their main objective is to showcase scenarios involving DeFi, Solidity concepts and common vulnerabilities.

Focus on learning and having fun! 😊

🔗 Access the repository's main README file containing the challenges' descriptions.

About

DEFI Focus Smart Contract Security Capture the Flag

ctf-maker-monorepo.vercel.app/

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Solidity 99.2%
  • Shell 0.8%