MENU

PuzzleWallet

0
448
0

One of the biggest advantages of Ethereum is that every transaction of moving funds, every contract deployed, and every transaction made to a contract is immutable on a public ledger we call the blockchain. There is no way to hide or amend any transactions ever made. The huge benefit is that any node on the Ethereum network can verify the validity and state of every transaction making Ethereum a very robust decentralized system. But the biggest disadvantage is that you cannot change the source code of your smart contract after it’s been deployed. Developers working on centralized applications (like Facebook, or Airbnb) are used to frequent updates in order to fix bugs or introduce new features. This is impossible to do on Ethereum with traditional patterns.

The alternative is Proxy. Every Proxy pattern is based on delegatecall which is low-level functionality. delegatecall basically says that I’m a contract and I’m allowing (delegating) you to do whatever you want to my storage. delegatecall is a security risk for the sending contract which needs to trust that the receiving contract will treat the storage well.

PuzzleWallet game explains about Proxy pattern and the vulnerabilities of delegatecall.
If you solved it without searching online, you are a Solidity expert already, and you can keep your smart contracts safe.

I recommend you test yourself, whether you can solve the puzzle or not, whether you can save or lose your funds.

Here is the solution:

https://github.com/maAPPsDEV/puzzle-wallet-attack

Sorry, the comment form is closed at this time.