If you’re not familiar with , it’s an Ethereum-based smart contract security CTF game, presented by . For a long time, it’s been the same 26 puzzles, each one of which presents a smart contract with a security vulnerability. The game is to find and exploit the vulnerability, then submit proof of having done so to pass the level. The first person to win all levels gets awarded a free lambo! Or, the only awards are the entertainment/educational value gleaned from the exercise, I forget which. Ethernaut OpenZeppelin Spoiler alert: you can see some of my solutions explained . here if you plan to solve the problems on your own. Avoid that link Well, for a while it’s been the same 26 puzzles, but recently I visited the site again and noticed that a was added: new one The new one is called “Good Samaritan”, and (again ) I will walk you through the problem and the solution. spoiler alert The Problem The problem is explained succinctly . here, on the Ethernaut website There is a network of three smart contracts, comprising a Coin (a very simplified version of an ERC20 token), a Wallet (holds the coin/token), and a front-end contract for donating 10 of the token upon request. This front-end contract owns the wallet which owns a large quantity of the token. The condition for winning is to rob the entire contents of the GoodSamaritan’s wallet. The Solution So, there is actually nothing stopping you from just requesting 10 tokens over and over, except that it will require 100,000 separate requests, will take forever and will cost a ton in gas fees. If you did it this way, I imagine that you would be declared a winner. But that wouldn’t be fun and would miss the point of the challenge. There’s a second way, just using a plain old reentrancy attack. But I won’t get into the details of this, as it’s still too time-consuming and costly. It’s basically the same thing as repeatedly requesting, but with slightly fewer steps. Finally, the real solution (as the Ethernaut description indicates) has to do with the newer way of throwing errors. So, we have a call stack that goes from GS.requestDonation() → Wallet.donate10() → Coin.transfer() Examining this, it’s pretty unremarkable; on examination, there’s no obvious hook to be seen, whereby one could disrupt the process or inject some malicious functionality. However, then the chain is like this: if the caller happens to be another contract, GS.requestDonation() → Wallet.donate10() → Coin.transfer() → INotifyable.notify That last step is clearly the opportunity to disrupt the expected flow. The INotifyable.notify() is an optional hook back to the caller (the calling contract). This is essentially allowing you, the caller, to inject code into the process, right at that point. You code and deploy your own contract to act on your behalf, and execute custom code at that exact spot. So, what code to execute? Well, the first thing that comes to mind is reentrancy, the core of so many attacks in this game (and in real life). Looking at the Coin.transfer function, we can see that it follows the checks-effects-interactions pattern to defend against reentrancy attacks. It has its checks: if(amount_ <= currentBalance) Followed by its effects: balances[msg.sender] -= amount_;
balances[dest_] += amount_; and finally, interactions: INotifyable(dest_).notify(amount_); Now, the trick is that we know one thing: in the GoodSamaritan contract, the result of a error being caught, is that the GoodSamaritan will dump its entire wallet contents onto the caller! NotEnoughBalance } catch (bytes memory err) {
      if (keccak256(abi.encodeWithSignature("NotEnoughBalance()")) == keccak256(err)) {
           // send the coins left
           wallet.transferRemainder(msg.sender);
           return false;
      }
} Hmmm… it seems that the way to get that code to execute, would be to simply cause a NotEnoughBalance error to be thrown. And since the process is allowing us to execute our own custom code…. well there it is. You can see and download my complete solution . The solution itself is visible in the and the . The used in the solution is here. here execute script unit tests custom contract Conclusion There are other smart contract CTFs. What I don’t like about Ethernaut’s is that I feel that they do a bit too much to ‘feed’ you the solution. It would be nice to see a more realistic scenario that contains more complexity and ‘noise’ - a bunch of details that are not related to the solution, that might serve to distract one from the real solution. Which is what you’d see in the real world. What I do like about Ethernaut is that IMO they do a good job in covering many of the most crucial aspects of EVM smart contract security. I’d definitely recommend Ethernaut for someone who is already fairly well-versed in smart contract development, but who is maybe wanting to expand their knowledge of security issues. Also, these exercises are a fun challenge that you can do within a few spare hours, in most cases.

Ethereum

Chain

BUNCH

fees

Good Samaritan - The New Ethernaut CTF Challenge

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

4 Common NFT Contract Design Anti-Patterns

Blockchain Investigations in NTerminal - Powered by Splunk & CipherTrace

Capturing all the flags in BSidesSF CTF by pwning our infrastructure

Here's How I Organized a Jeopardy Style Capture-The-Flag Competition

How We used Docker to Organize a CTF like Event

4 Common NFT Contract Design Anti-Patterns

Blockchain Investigations in NTerminal - Powered by Splunk & CipherTrace

Capturing all the flags in BSidesSF CTF by pwning our infrastructure

Here's How I Organized a Jeopardy Style Capture-The-Flag Competition

How We used Docker to Organize a CTF like Event

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps