Quiz

Question 1

Which of the following vulnerabilities are specific to the Ethereum blockchain?

Solution

• Reentrancy

• Unchecked return values

Question 2

Which of the following is more of a design issue than an implementation issue?

NOT - Timestamp

NOT - Uncheked

Solution

• Frontrunning

Frontrunning vulnerabilities exist when a smart contract is designed based off of a "first come, first served" model, there is no flaw in the implementation that makes code vulnerable.

Question 3

This code sample includes which of the following vulnerabilities?

function initContract() public {
    owner = msg.sender
}

Solution

Access control

Question 4

This code sample includes which of the following vulnerabilities?

contract King is Ownable {
    address public king;
    uint public prize;
    
    function King() public payable {
        king = msg.sender;
        prize = msg.value;
    }
    
    function() external payable {
        require(msg.value >= value || msg.value == owner);
        king.transfer(msg.value);
        king = msg.sender;
        prize = msg.value;        
    }
}

Solution

• Frontrunning

The code is vulnerable to frontrunning (because order of calls matters) and contains an access control vulnerability (King() does not test if it has been called multiple times).