A working collection of smart contract vulnerabilities, built, broken, and exploited by hand while training toward smart contract security auditing. Every bug here has a contract that's actually vulnerable and a Foundry test that actually proves it, including the cases where an "obvious" exploit turns out not to work, and why.
Reading about a vulnerability class once and moving on doesn't build the instinct an auditor actually needs. This repo is the slower, more deliberate version: write the vulnerable contract from scratch, write the attacker from scratch, run it, and only move on once the result is fully explained, including the negative results.
| Category | Contract(s) | Result | Finding |
|---|---|---|---|
| Reentrancy: textbook | reentrancy/textbook/textbook.sol |
Does not drain | Subtraction-based withdrawal ledger. Repeated reentrant calls underflow on unwind. Solidity 0.8+ reverts before you can extract more than your entitlement, since over-extracting via fixed-amount subtraction is an underflow by definition. |
| Reentrancy: textbook | reentrancy/textbook/airdrop.sol |
Exploitable | One-time claim flag, no arithmetic involved. Booleans don't underflow, so repeated reentrant claims drain a fixed-reward pool with nothing to stop them. |
| Reentrancy: cross-function | reentrancy/cross-function/staking.sol |
Exploitable | Claiming a reward locks the stake for 7 days. Honest users who claim then try to withdraw get blocked correctly. Reentrancy claims the reward and withdraws the full stake in one transaction, before the lock is ever written. |
forge test -vvvEvery finding above has a matching test. Where relevant, the test proves both halves: that an honest user is correctly blocked, and that attacker gets through anyway.
Each contract is built to isolate exactly one root bug.
- Cross-contract reentrancy
- Read-only reentrancy
- Access control
- Arithmetic / precision
- Oracle manipulation
Built while working through Cyfrin Updraft's Solidity, Foundry, and smart contract security curriculum.