Skip to content

oxharshc/audited-VulnerablePiggyBank

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Old-contract.sol
Old-contract.sol
 
 
README.md
README.md
 
 
audited-VulnerablePiggyBank.sol
audited-VulnerablePiggyBank.sol
 
 

Repository files navigation

Basic Security Audit Summary

Original Contract Problems

  1. Anyone can withdraw all money - The biggest problem
  2. Missing semicolon - Won't compile
  3. Empty attack() function - Suspicious

Fixed Version

The audited-VulnerablePiggyBank.sol fixes these issues:

  1. Only owner can withdraw - Added onlyOwner modifier
  2. Fixed syntax - Added missing semicolon
  3. Removed attack() - Removed unnecessary function
  4. Better transfer method - Used call instead of transfer

Key Changes

// OLD - BROKEN
function withdraw() public { 
    payable(msg.sender).transfer(address(this).balance); 
}

// NEW - SECURE
function withdraw() public onlyOwner {
    (bool success, ) = payable(owner).call{value: address(this).balance}("");
    require(success, "Transfer failed");
}

Result

  • ❌ Old contract: Anyone can steal all funds
  • ✅ New contract: Only owner can withdraw funds

About

Audited Source Code VulnerablePiggyBank

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages