This project demonstrates basic front running of a transaction. It includes a test for the contract, a script that watches the mempool of the Goerli testnet for when a tx from a particular contract is executed, and a script that then executes another tx to stop the first tx.
- Solidity (language used for smart contract)
- Web3 and ethers (to interact with the blockchain)
- Hardhat (For testing smart contract)
- Express.js (To create environment)
- Alchemy (for Test Node)
Libraries used in the ERC20 smart contract:
- ERC20
- ownable
- pauseable
An ERC20 smart contract with a reentrancy-vulnerable function named "vulnerable", which mints to the account given as the address parameter. It contains the event minting, which is used to notify the owner that this function has been invoked.
The script takes the WebSocket URL from Alchemy and passes it to new ethers.providers.WebSocketProvider(wss) from ethers to receive the event from the contract.
A microservice then sends an email notification to the owner's given address, with the transaction details from the mempool, while the tx is still pending.
The script scans the mempool to find the tx that calls "vulnerable", and the details around it.
It then checks whether the next tx is from the same address, in which case it can be flagged as a suspicious transaction.
Once flagged, the second tx is front-run by a third tx, which pauses the minting process, as we already have "pausable" functionality in the smart contract.
1. Get the contract details to create an instance of the contract. For example, we are using the above contract: the vulnerable function is exposed to the public, but it has a modifier pauseable which checks the status of the smart contract.
2. If a tx is found from the contract address during mempool scanning, that will trigger the function changepauseable to change the state of the contract:
   2.1) false: open to attack
   2.2) true: paused and won't allow minting
3. Send a tx that should be executed before the first tx.
4. Gas of the second tx should be more than 75k and less than the block gas limit.
5. The transaction with higher gas fees is executed first and will change the status of the contract to true.
6. The first tx's gas fee should be less than the second tx's; front running is done.
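The flag-then-pause decision from the steps above, as an added example (not code from this project): it matches a pending tx against the "vulnerable" function, flags a repeat sender, and prices the pause tx above the flagged one. The contract address, both selectors, the 30M block gas limit, the 100k default gas limit and the 20% fee bump are assumptions; nothing is signed or sent.

```javascript
// Added example: decision logic only; nothing is signed or broadcast.
// Addresses, selectors, block gas limit and fee bump are constructed placeholders.
const CONTRACT = "0x1111111111111111111111111111111111111111"; // placeholder contract address
const VULNERABLE_SELECTOR = "0xaabbccdd"; // placeholder 4-byte selector of "vulnerable"
const PAUSE_SELECTOR = "0x11223344";      // placeholder 4-byte selector of "changepauseable"
const MIN_GAS = 75000n;                   // README: pause tx gas must be more than 75k
const BLOCK_GAS_LIMIT = 30000000n;        // assumed block gas limit

// True when a pending tx calls the vulnerable function on the watched contract.
function callsVulnerable(tx) {
  return typeof tx.to === "string" && tx.to.toLowerCase() === CONTRACT &&
    typeof tx.data === "string" && tx.data.toLowerCase().startsWith(VULNERABLE_SELECTOR);
}

// Fee offered by the pending tx: maxFeePerGas (EIP-1559) or gasPrice (legacy).
function offeredFee(tx) {
  return BigInt(tx.maxFeePerGas ?? tx.gasPrice ?? 0);
}

// state = { lastSender } is kept by the caller between pending-tx callbacks.
// Returns null for unrelated txs, otherwise { suspicious, pauseTx }; pauseTx is
// built only when the same sender calls the function twice in a row.
function inspectPending(tx, state, gasLimit = 100000n, bumpPercent = 20n) {
  if (!callsVulnerable(tx)) return null;
  const sender = (tx.from || "").toLowerCase();
  const suspicious = sender !== "" && state.lastSender === sender;
  state.lastSender = sender;
  if (!suspicious) return { suspicious, pauseTx: null };
  if (gasLimit <= MIN_GAS || gasLimit >= BLOCK_GAS_LIMIT) {
    throw new RangeError("pause tx gas limit must be > 75k and < block gas limit");
  }
  // Integer math on BigInt; the +1n keeps the fee strictly above the flagged tx.
  const fee = (offeredFee(tx) * (100n + bumpPercent)) / 100n + 1n;
  return {
    suspicious,
    pauseTx: { to: CONTRACT, data: PAUSE_SELECTOR, gasLimit, gasPrice: fee },
  };
}
```

In a real watcher, inspectPending would be called from the provider's pending-transaction callback and a non-null pauseTx handed to the owner's signer.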
Please review the video and screenshots that are attached with the code.
Reentrancy is when the same address tries to execute a contract function repeatedly. I have created a modifier in the contract to match the transaction executor: if the caller is the same as the previous one, the contract emits an event attack with the address of the attacker, if and only if msg.sender is the same as the previous executor.
- To install the dependencies use npm install
- To run Task1 use npm run task1
- To run Task2 use npm run task2
- To detect reentrancy use node task3
Try running some of the following tasks:
npx hardhat test
npx hardhat node --fork https://eth-mainnet.g.alchemy.com/v2/<YOUR API KEY>
npm run task1   # Notify owner with email
npm run task2   # Front running
The image above shows the notification being sent to the given address by catching the minting event from the smart contract after sending a successfully
The image above shows front running of the transaction via WebSocket using web3js, sending more gas than the previous transaction.
This project is a test case with controlled variables. It is for testing purposes only, as front running depends on various factors and the tx could revert with impermanent loss; caution is advised.