Your Choice JavaScript News

Solidity News Saturday, March 10 Input data, Erc20 tokens, Loom recent fiddles & more…

Solidity News TLDR / Table of Contents

  • According to the post, when certain exchanges processed transactions of ERC20 tokens, input validation was not being performed on account address length.
  • First and foremost, an attacker would need to manipulate the input data such that A) the provided address resolved to a valid account (ideally one owned by the attacker) and B) the amount specified was less than or equal to that of the exchanges own supply of ERC20 tokens.
  • Lets say we have the following contract written in Solidity: – – If I wanted to send coins to another address, I would create a transaction with input data that would look something like this (with added line breaks for clarity): – – Now what would happen if the client…
  • An exchange with a supply of ERC20 tokens must not be performing user input validation or proper padding when preparing transaction input data.
  • The result would likely be the transfer of tokens to an Ethereum account that would never exist due to an invalid address (recall here that a ERC20 token transfer would be a change of state within the contract itself, not an actual transaction from an existing address to an invalid…

Tags: input data, ERC20 tokens, address, Golem Project, input validation

    Tags: Loom Recent Fiddles, Loom Network Deploy, Solidity IDE,

      Tags: gas estimator reports, trace vulnerabilities, source community contributors, real exploits, infamous Parity bug

      Top Solidity Courses

      Getting Started with Ethereum Solidity Development (6,530 students enrolled)

      By Sebastien Arbogast
      • Understand the basic philosophy behind the blockchain and distributed/decentralized applications
      • The basics of how a blockchain generally works, just enough to be able to use it as a development platform
      • Develop a distributed application, from creating a blank project to deploying it in production all the way through writing smart contracts, unit testing them, and creating a user interface for them
      • How to combine the right tools to put together a consistent development environment
      • The fundamentals of the Solidity smart contract language
      • How to use the Truffle build and testing framework
      • How to deploy a decentralized app to various Ethereum instances (testrpc, private chain, test chain, main net)

      Learn more.

      Ethereum Blockchain Developer: Build Projects Using Solidity (10,937 students enrolled)

      By Ravinder Deol
      • Be Proficient In Solidity Programming By Building Projects In This Course.
      • Understand Blockchain Technology At A Theoretical And Practical Level.
      • Be Aware On A Practical Level Of How Smart Contracts Operate.
      • Be Able To Work With The Ethereum’s Major Core Development Tools.
      • Understand The Core Development Functions Of Ethereum.
      • Understand What Decentralisation Is As We’re Working With This Technology.
      • Be Able To Explain The Structure Of A Solidity Clearly Through Practical Examples.
      • Understand How To Use Web3 In Conjunction With The Project We’re Creating.
      • Be Proficient In Advanced Development With Truffle And Ethereum Studio.
      • Complete A Final Assignment Which Consists Of An Ethereum Blockchain Based Curriculum Vitae.

      Learn more.

      Ethereum : Decentralized Application Design & Development (9,794 students enrolled)

      By Rajeev Sakhuja
      • Leverage the Ethereum tools/software such as Wallet, Geth, MetaMask, Remix, TruffleV4, Ganache....
      • Create an ERC20 Compliant token to launch an Initial Coin Offering (ICO)
      • Setup Private Blockchain Network
      • Develop Smart contracts in Solidity using multiple tools such as Web3/Ganache/TruffleV4/Mocha framework
      • Comfortably describe how Ethereum Blockchain works | Ethers, Gas, POW, POS, Nodes ...
      • Describe how the Blockchain technologies work | Distributed Ledgers, Consensus, Mining ....
      • Develop UI/front end for Decentralized Application in HTML/CSS/Javascript using web3 libraries
      • Develop end to end Decentralized Applications (DAPP) on Ethereum platform
      • Setup private Ethereum networks for development & experimentation
      • Identify and use the right design patterns for developing smart contracts
      • Architect, Design & Build real use cases on Ethereum platform

      Learn more.

      The Complete Ethereum Course: Get .001 Ether In Your Wallet (4,273 students enrolled)

      By Ravinder Deol
      • Understand how Ethereum, the emerging cryptocurrency works, and get involved with it practically as well as learning the theoretical side of the cryptocurrency.
      • Realise how becoming an early adopter of Ethereum gives you the best chance to capitalize on its rise, as many would have missed the meteoric rise of Bitcoin.
      • Undertake your first ever Ethereum transaction by receiving .001 Ether from me for completing this course, I will of course walk you through how to setup your wallet.

      Learn more.

      Compile Your First Ethereum Smart Contract With Solidity (245 students enrolled)

      By Will Bunker
      • Compile a basic smart contract
      • Set a private blockchain for testing
      • Deploy smart contract to blockchain
      • Call the functions on smart contract.

      Learn more.

      Learn Solidity: Programming Language for Smart Contracts (3,153 students enrolled)

      By Toshendra Sharma
      • Develop Ethereum Smart Contracts using Solidity
      • Understand the basics & advance features of Solidity & Ethereum Virtual Machine
      • Develop their own decentralized blockchain applications

      Learn more.

      Comments are closed, but trackbacks and pingbacks are open.