hknio/Auditing-Bridge-Smart-Contracts-Webinar

Auditing Bridge Smart Contracts

Vulnerabilities & Live Code Review

Prepared by Olesia Bilenka | Smart Contract Auditor @ Hacken
Overview

This repository contains vulnerable bridge smart contracts and their fixes, organized around four security axes. Each exercise demonstrates a realistic exploit in Foundry and shows how the same test fails after applying the fix.

Quick Start

git clone https://github.com/AuditBridgeWebinar/auditing-bridge-smart-contracts-webinar.git
cd auditing-bridge-smart-contracts-webinar
forge install
forge build

Run all exploits (should pass):

forge test --match-contract Vulnerable

Run same tests against fixes (should fail):

forge test --match-contract Fixed

Structure

src/
├── layer-1-trust-authorization/
│   ├── 1-incomplete-hash/          No domain binding in message hash
│   ├── 2-incorrect-ordering/       Gap-tolerant nonce, unsigned nonce
│   ├── 3-duplicate-signers/        N-of-M threshold bypass via duplicates
│   ├── 4-stale-attestation/        Oracle with no freshness window
│   └── 5-optimistic-bypass/        Challenge flag ignored in execute
│
├── layer-2-message-integrity/
│   └── 1-partial-payload/          Signature doesn't bind full execution
│
├── layer-3-economics-invariants/
│   └── 1-supply-inflation/         Lock/release on both chains doubles supply
│
└── layer-4-liveness-recovery/
    └── 1-upgrade-breaks-inflight/  Format upgrade kills pending messages

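As an added illustration of the bug class behind the first exercise (not code from this repository; the `Verifier` contract, its `Message` struct and the `BRIDGE_MESSAGE_V1` tag are assumptions), here is the same message hashed without and with domain binding, plus a Foundry test showing why the incomplete form verifies identically on every deployment:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "forge-std/Test.sol";

// Hypothetical bridge verifier; only the hash construction matters here.
contract Verifier {
    struct Message { address recipient; uint256 amount; uint256 nonce; }

    // INCOMPLETE: the preimage is identical on every chain and in every
    // deployment, so one signature satisfies every verifier using this hash.
    function incompleteHash(Message memory m) public pure returns (bytes32) {
        return keccak256(abi.encode(m.recipient, m.amount, m.nonce));
    }

    // BOUND: the chain ids and the verifying contract are part of the preimage,
    // so a signature over this digest is only meaningful for this deployment.
    function boundHash(Message memory m, uint256 sourceChainId) public view returns (bytes32) {
        return keccak256(abi.encode(
            keccak256("BRIDGE_MESSAGE_V1"), // message type tag
            sourceChainId,
            block.chainid,                  // destination chain
            address(this),                  // verifying bridge contract
            m.recipient, m.amount, m.nonce
        ));
    }
}

contract DomainBindingTest is Test {
    function test_incompleteHashIsSharedAcrossDeployments() public {
        Verifier a = new Verifier();
        Verifier b = new Verifier(); // a second bridge deployment (constructed scenario)
        Verifier.Message memory m = Verifier.Message(address(0xBEEF), 1 ether, 7);

        // Same digest: a signature accepted by `a` is also accepted by `b`.
        assertEq(a.incompleteHash(m), b.incompleteHash(m));
        // Different digests: the bound hash commits to the verifying contract.
        assertTrue(a.boundHash(m, 1) != b.boundHash(m, 1));
    }
}
```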
Four Security Axes

| Axis | Question | Live Demo |
|------|----------|-----------|
| Trust / Authorization | Who can authorize a mint and how? | 5 exercises |
| Message Integrity | Does the signature bind the full payload? | 1 exercise |
| Economics / Invariants | Is total supply conserved across chains? | 1 exercise |
| Liveness / Recovery | Can users recover if operations fail? | 1 exercise |

Running Individual Exercises

# Axis 1
forge test --match-contract IncompleteHash_Vulnerable -vvv
forge test --match-contract IncorrectOrdering_Vulnerable -vvv
forge test --match-contract DuplicateSigners_Vulnerable -vvv
forge test --match-contract StaleAttestation_Vulnerable -vvv
forge test --match-contract OptimisticBypass_Vulnerable -vvv

# Axis 2
forge test --match-contract PartialPayload_Vulnerable -vvv

# Axis 3
forge test --match-contract SupplyInflation_Vulnerable -vvv

# Axis 4
forge test --match-contract UpgradeInflight_Vulnerable -vvv

Replace _Vulnerable with _Fixed to see the same exploit blocked.

Tools
