Computer Security Fundamentals Project 5: “Smart” Contracts
Project 5: “Smart” Contracts
In this project, you will write an Ethereum smart contract to play a simple game of Rock/Paper/Scissors,
and deploy it on the Ropsten Test Network. You’ll also exploit an existing smart contract to steal
(testnet) funds from it.
• Implement and deploy a basic Ethereum smart contract in Solidity
• Understand basic smart contract vulnerabilities
• See how vulnerabilities can lead to stolen funds.
Part 0. Setup
You’ll need to familiarize yourself with a few new tools for interacting with the Ethereum Blockchain.
We’ll be using Ropsten Testnet Ethereum, which is exactly like the main Ethereum, but the Ether
is free and not exchangeable. You won’t need to buy anything, or use real money at any point in
this project (though all the techniques could be used on the main net as well).
MetaMask is a Chrome/Firefox/Brave extension that acts as an Ethereum wallet and will store your
(testnet) Ether currency. Install it in your browser of choice:
You’ll need to create/save a password that lets you open your wallet. Be sure to keep the password
Once installed, go get some Ropsten Testnet Ether from the faucet: https://faucet.metamask.
io/. Click on “request 1 ether from faucet”. You should see the transaction show up under the
transactions list, and then you should see in your MetaMask that you have 1 Ether (make sure you
have Ropsten Test Network selected instead of Main Ethereum Network) in your account.
MyEtherWallet is used to interact with existing and deploy new smart contracts. Go to https:
//www.myetherwallet.com/ and make a wallet. You don’t need to create a new wallet, since you
connect to MetaMask instead. When you get to the creating a wallet step, click on “Access My
Wallet”, and then select “MEW CX” (we’ll connect with MetaMask). Accept the terms and click
the “Access My Wallet” button. This should bring up a MetaMask Connect Request notification,
where you can click Connect.
Interact with a contract / send a transaction Click on the Contract / Interact with Contract:
Enter a contract address: 0xFB81aDf526904E3E71ca7C0d2dc841a94B1E203C
and copy/paste the ABI/JSON at https://ecen4133.org/static/vuln-abi.json into the
ABI/JSON Interface field. Click Continue.
Deposit Ether in contract This contract lets you deposit and withdraw Ether, and tracks the
balance that you’ve entered. Try using the deposit function to deposit a small amount of Ether
(e.g. 0.05 ETH). Enter the value and click Write, then confirm the transaction in MetaMask. This
creates a transaction, that you can click on in MetaMask to view on Etherscan.io (an Ethereum
block/contract/transaction explorer website). You can see all the transactions that have interacted
with this contract here:
How much ETH does this contract have in its balance?
Read from the contract Now select “balances” and enter your MetaMask account address (e.g.
0x5a7A84f39f5F9E653b9ee54DC1dB0BfF34EF2b10). Click Read. The value returned will be in
Wei, which is 10−18 Ether, the smallest unit of ETH.
Notice that reading a contract does not require any confirmation from MetaMask, and does not
create a transaction. Why not?
Make your own contract with Remix
Remix is an online IDE for Ethereum smart contracts. You can write contracts in Solidity, a
high-level language that compiles down to Ethereum VM Bytecode (what miners use to execute
contracts). Go to https://remix.ethereum.org/.
Select Solidity, and New File, and give it a name. You can write your own source, or copy in the
above vulnerable contract (and modify it, if you want!) from https://ecen4133.org/static/
vuln.sol. Click Compile.
Deploy your contract to the testnet You can use MyEtherWallet to deploy a new contract
(Contract / Deploy Contract). Paste in your Bytecode and ABI/JSON copied from Remix, and give
it a name. Click Sign Transaction, and confirm with MetaMask, and soon you’ll be able to see (and
interact) with your contract!
What to submit Part 0 is just for introduction, no need to submit anything for this part.
Part 1. Vulnerable Contracts
In this part, you’ll investigate how to steal Ethereum from vulnerable smart contracts. We have
setup a vulnerable smart contract on the Ropsten testnet that you have permission to steal funds
from. However, using this technique on other contracts you do not have the same permission for
outside this class is a crime. Remember that just because you can do something technical, doesn’t
mean that you should!
We’ve deployed our contract to address 0xFB81aDf526904E3E71ca7C0d2dc841a94B1E203C. You
can download its source from https://ecen4133.org/static/vuln.sol.
The contract has two functions: deposit and withdraw that let you send and receive money from
the contract. On the surface, it appears that an address will only be able to withdraw what that
address originally deposited. But this contract is vulnerable to a bug that lets you extract more if
In this part, you’ll write and use a contract that steals funds from the Vuln contract. Your goal is
to make a contract that includes a payable function, that interacts with the Vuln contract to steal
funds from it. Your contract should let you pay it a small amount (e.g. 0.1 ETH), and then later
let you extract a greater amount (e.g. 0.2 ETH). If we look at the (internal) transactions between
your contract and the Vuln contract, we should see that yours sends (deposits) less than it gets back
(withdraws) from the Vuln contract.
Note : This is a class-wide contract, and only has so many testnet coins in it. As such, please limit
your stealing to a humble amount, so that others can also enjoy the thrill of stealing as well. We
suggest trying to deposit/steal small amounts such as 0.1 ETH (100 finney) at a time. You don’t
need to steal all the coins to prove that you can, but if you end up stealing too much, you can always
deposit() it back.
Feel free to deploy your own copy of the Vuln contract (and fund it with your own testnet coins) to
practice attacking before you try to attack the main Vuln contract.
What to submit
1. Your stealing contract, attack.sol, that you used to extract more funds than you deposited.
2. A plaintext file, attack.txt, that lists the deployed address of your attack.sol contract (e.g.
Upload to Canvas a gzipped tarball (.tar.gz) named project5.identikey1.identikey2.tar.gz.
You can make a tarball with
$ tar czf project5.identikeys.tar.gz ./attack.sol ./attack.txt The tarball should
contain only the following files:
Your stealing contract attack.sol, and a plaintext file attack.txt with its deployed address.