Download ZIP (9.4 KB)

Testing and Issues

You can test this entry and submit issues during the testing period of the Blockchain Contest contest.

Entries with serious issues will not be able to win the contest, but even minor issues might be important for overall results.




You have not added any comments yet...
by rating


Andrey Toukmanov Oct 17, 2019 at 12:57
Hello, your sol contract has a serious vulnerability
Attacker who make deposit with hash of 0 can infinitely withraw ether from contract, till balance if > 0
Here is exploit (run with node, first arg your node path, testnet by default):
Sweet Crab Oct 17, 2019 at 14:21
Thank you, you're right. It is necessary to add a check that the secretHash is not a hash from zero. We have already fix it.
So I pulled the code from init.boc file provided. And to my surprise the first thing it does (after SETCP 0) is ACCEPT. So I deployed it on testnet and sure enough it looses balance quickly.
Nobody added any issues yet...