packages/hardhat/contracts folder and check out what contracts we have there.
withdraw method, the bank smart contract first sends funds to the user and only after that deducts this
log. It simply compares our
_action to a value and if it is equal to "Withdraw", we revert our entire operation.
revert there? If you do not know yet, all operations on Ethereum are atomic. It means that if at some moment some operation in a chain of operations fails, the entire transaction is reverted and nothing changes on the blockchain.
fallback function that causes the "vulnerable" contract to send us funds again and again.
0.03 ETH locked in it. I am an evil hacker that wants to hack it. I deploy my
Attack.sol contract and call my
attack function along with
0.01 ETH sent with it.
0.01 ETH and reentrancy comes to an end.
log function reverts the entire chain of operations and no money was stolen! However, we now know the address of a hacker 😎
scaffold-eth to make sure our assumption works fine.
attack function and send
0.01 ETH along with our function call.
Failed to send the Ether.
log line in our
Bank.sol to make sure that without it the attack works just fine.
yarn deploy it again.
log function from a
Honeypot contract saves us from being hacked.
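The atomic revert described above can be traced off-chain. The following Python model is an added example, not code from the original page or its contracts: the `Chain` class, its method names, the "trap" revert reason and the unchecked ledger subtraction are assumptions, while the 0.03 ETH and 0.01 ETH amounts and the "Failed to send the Ether." message come from the text.

```python
import copy

class Revert(Exception):
    """EVM revert: state changes made in the reverted call frame are undone."""

class Chain:
    def __init__(self, honeypot):
        self.honeypot = honeypot                 # True: the bank logs through the Honeypot
        self.eth = {"bank": 30, "attacker": 10}  # milli-ETH: 0.03 locked, 0.01 for the attack
        self.credit, self.error = {}, None       # bank's ledger; last revert reason

    def call(self, fn, *args):  # low-level call: on revert, restore state and return False
        snap = copy.deepcopy((self.eth, self.credit))
        try:
            fn(*args)
            return True
        except Revert as e:
            self.eth, self.credit, self.error = *snap, str(e)
            return False

    def log(self, who, amount, action):
        if self.honeypot and action == "Withdraw":
            raise Revert("trap")                 # constructed revert reason

    def deposit(self, who, value):
        self.eth[who] -= value
        self.eth["bank"] += value
        self.credit[who] = self.credit.get(who, 0) + value
        self.log(who, value, "Deposit")

    def withdraw(self, who, amount):
        if self.credit.get(who, 0) < amount:
            raise Revert("Insufficient funds")
        if not self.call(self.send, who, amount):   # funds leave first...
            raise Revert("Failed to send the Ether.")
        self.credit[who] -= amount                  # ...ledger updated after (unchecked here)
        self.log(who, amount, "Withdraw")

    def send(self, who, amount):
        self.eth["bank"] -= amount
        self.eth[who] += amount
        if who == "attacker" and self.eth["bank"] >= amount:
            self.withdraw(who, amount)              # attacker's fallback re-enters withdraw

    def attack(self):
        def tx():                                   # one transaction: deposit, then withdraw
            self.deposit("attacker", 10)
            self.withdraw("attacker", 10)
        return self.call(tx)
```

`Chain(honeypot=True).attack()` returns False and leaves every balance as it was, while `Chain(honeypot=False).attack()` returns True with the bank emptied.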