Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture
@anacoding
May 27, 2022 β€’ 9 tweets β€’ 4 min read β€’ Read on X
Scrolly
Day 75 of #100DaysOfDeFI πŸš€ today 3/4 of the challenge is done! πŸŽ‰  Also today I finish exploring Solidity vulnerabilities with learning about Denial of service (DoS) attacks πŸ¦ΉπŸΌβ€β™€οΈ
#womenwhocode #100DaysOfCode

How it works 🧡
1/ There are many ways to attack a smart contract and at some point create a DoS⚑
2/ Denial of Service attack paralyzes a smart contract and makes it temporarily unusable πŸ›‘
3/ Let’s see an example of a simple game EtherKing that can be broken by a DoS. A goal of the game is to send more Ether to the contract than the previous king; then the former king gets their funds back πŸ’Έ
4/ Now define the Attack smart contract πŸ¦ΉπŸ½β€β™€οΈ The contract doesn’t have a fallback function, so any attempt to send the Ether back will fail πŸ’Έ
5/ Let’s try it out! Deploy KingOfEther then set value to 1 Ether and click β€œclaimThrone” πŸ‘‘ We can see that the king is the account address we used to claim the throne πŸ‘‡
6/ Now change the account address and deploy the Attack contract πŸ‘Ί
7/ Set the value to 2 Ether and claim the throne again! Now the balance is 2 Ether king is the Attack πŸ‘Ί
8/ Finally try to beat the Attack and get the crown back. Change the account again and set value to more than 2 Ether. Click claim the throne function and we’ll get an error πŸ‘‡

β€’ β€’ β€’

Missing some Tweet in this thread? You can try to force a refresh
γ€€

Keep Current with Anna Kondratenko πŸ‘©πŸ»β€πŸ’»

Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @anacoding

Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture
May 26, 2022
Day 74 of #100DaysOfDeFI πŸš€ Today I learned about Delegate Call vulnerability in #Solidity πŸ¦ΉπŸΌβ€β™€οΈ  When using delegatecall opcode one should be careful because wrong usage will lead to unexpected results ⚠️
#womenwhocode #100DaysOfCode

How it works 🧡 Image
1/ What delegatecall is? When contract A uses delegatecall to call contract B it means that the contract B code will be executed inside context of the contract A: storage, msg.sender, msg.value, msg.data, etc will be the A’s context.
2/ Storage layout must be the same for contract A and contract B β†’ it means both contracts should declare the same state variables in the same order πŸ‘Ύ
Read 8 tweets
Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture
May 25, 2022
Day 73 of #100DaysOfDeFI πŸš€ Learned about Self Destruct vulnerability in #Solidity πŸ¦ΉπŸΌβ€β™€οΈ Selfdestruct deletes the contract from the blockchain and and sends all Ether to a designated address πŸ’Έ  In some scenarios it can lead to unexpected problems ❌
#100DaysOfCode

How it works 🧡
1/ Let’s see how it works with an example of a simple game 🎲  Players send to the contract 1 token πŸͺ™ the one who deposits the fifth token wins πŸ†
Game code πŸ‘‡
2/ Attacker smart contract πŸ¦ΉπŸΌβ€β™€οΈ
Read 5 tweets
Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture
May 24, 2022
Day 72 of #100DaysOfDeFI πŸš€  Today I looked at arithmetic Over/Under Flows in #Solidity πŸ‘Ύ This vulnerability been secured by the current Solidity version πŸ¦Έβ€β™‚οΈ Nevertheless, it is important to understand what it is and how to avoid it πŸ‘©πŸ»β€πŸ’»
#womenwhocode #100DaysOfCode

Summary 🧡 Image
1/ An overflow in Solidity occurs when a number is incremented beyond its maximum value. For example, if we have a uint8 with a value of 255 and increment it by 1, it will β€œreset” and set a value to 0. Remember, the maximum value for uint8 is 255❗
2/ Similar thing happens when we decrease a value beyond its minimal level. Taking the same example, if a uint8 is set to 0 and we decrease it by 1, it will set to 255, since 0 is the minimal value of uint8❗
Read 7 tweets
Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture
May 23, 2022
Day 71 of #100DaysOfDeFI πŸš€ looked at Re-Entrancy vulnerability🦹🏻 It is one of the most destructive attacks in the #Solidity smart contracts πŸ’Έ The untrusted contract that exploits the vulnerability is able to drain all user's funds 🚰
#100DaysOfCode

How it works 🧡
1/ To make it happen, there should be 2 contracts: a vulnerable contract and an attacker’s contract πŸ‘Ί
2/ The attacker should deposit some funds into the vulnerable contract πŸ’°
Read 11 tweets
Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture
May 18, 2022
Day 68 of #100DaysOfDeFI πŸš€ Today I worked on the Factory smart contract that is a part of the decentralized exchange architecture πŸ’±  Factory creates and keeps track of all Pair contracts πŸ‘©πŸ»β€πŸ’»
#womenwhocode #100DaysOfCode

Summary 🧡 Image
1/ The Factory will include:
πŸ”· createPair - create a Liquidity Pool;
πŸ”· adjustAmount - adjust a number of tokens using a formula;
πŸ”· getReserves - a getter function;
πŸ”· addLiquidity - add liquidity to the LP;
πŸ”· removeLiquidity - withdraw liquidity;
πŸ”· trade1for2 - swap tokens.
2/ First, initialize contract and define the state variables πŸ‘©πŸ»β€πŸ’» Image
Read 8 tweets
Anna Kondratenko πŸ‘©πŸ»β€πŸ’» Profile picture
May 17, 2022
Day 67 of #100DaysOfDeFI πŸš€ Today I continued creating a basic DEX πŸ‘©πŸ»β€πŸ’»  and focused on developing a Pair smart contract πŸ‘Ύ  Pair represents the Liquidity Pool πŸͺ™ it is in charge of swapping πŸ’± managing the liquidity pool and burning πŸ”₯
#womenwhocode #100DaysOfCode

Summary 🧡
1/ In this example of the Pair smart contract I’ll implement the following methods:
πŸ”Ά  getReservers - get quantities of each token;
πŸ”Ά  updateReserves - update the tokens’ quantities;
πŸ”Ά  swap - exchange two tokens;
πŸ”Ά  withdrawTokens - send the tokens back to the LP.
2/ First, initialize the Pair contract. We’ll need to import some contracts from OpenZeppelin and a Tokens contract from the day 66 of the challenge. Initialize state variables and constructor, tooπŸ‘©πŸ»β€πŸ’»
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(