/honeypot-exploration

Safely explore a known honeypot contract using a forked network

Exploring a honeypot contract

In this /r/ethdev post, /u/CurrencyTycoon describes his attempt to exploit a contract with a reentrancy attack. Little did he know, the contract was a honeypot.

This repository attempts to demonstrate that honeypot using the forking feature of ganache-cli. Ganache is a fast, lightweight development blockchain, and is part of the Truffle tool suite. Disclosure: I maintain Ganache.

Explanation

There are two ways the contracts can be run: locally, and forked.

When running locally, we deploy both the target contract and the exploit contract to our local blockchain created by Ganache. For the target, we use the contract code displayed on Etherscan.

When running in forked mode, we only deploy our exploit, and we use Ganache to fork mainnet, so the target is the contract already present in the forked state. See migrations/2_bank.js and migrations/3_exploit.js for how this is accomplished.
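The sketch below is an added example, not the repository's own migrations/2_bank.js. It shows one way a Truffle migration can deploy the target only in local mode, check that the forked chain really holds contract code at the target address, and refuse any other network. It assumes Truffle v5 with web3 1.x, networks named "local" and "forked", an artifact named "Bank", and a placeholder target address.

```javascript
// Added example, not the repository's migration. Assumptions: Truffle v5 with
// web3 1.x, network names "local" and "forked", and an artifact named "Bank".
// TARGET_ADDRESS is a placeholder; the real mainnet address is not on this page.
const TARGET_ADDRESS = "0x0000000000000000000000000000000000000000";

// Decide how the target contract is obtained on the given network.
// Dependencies are passed in so the logic also runs outside Truffle.
async function resolveTarget(network, { deployer, Bank, getCode }) {
  if (network === "local") {
    // Local mode: the chain is empty, so deploy our own copy of the target.
    await deployer.deploy(Bank);
    return { mode: "local", deployed: true };
  }
  if (network === "forked") {
    // Forked mode: the target already exists in the forked mainnet state.
    // Confirm there is bytecode at the address before anything relies on it.
    const code = await getCode(TARGET_ADDRESS);
    if (!code || code === "0x") {
      throw new Error("no code at " + TARGET_ADDRESS + "; is this node a fork?");
    }
    return { mode: "forked", deployed: false, address: TARGET_ADDRESS };
  }
  // Anything else (for example a live network) is refused outright.
  throw new Error('refusing to migrate on network "' + network + '"');
}

// Truffle entry point: `artifacts` and `web3` are globals Truffle injects.
async function migration(deployer, network) {
  const Bank = artifacts.require("Bank");
  const getCode = (address) => web3.eth.getCode(address);
  return resolveTarget(network, { deployer, Bank, getCode });
}

if (typeof module !== "undefined") module.exports = migration;
```

With the placeholder address left in place, the forked branch fails its bytecode check by design; substitute the target's mainnet address before use.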

For details about the honeypot contract itself, see the Reddit post which inspired this repo, and Alex Sherbuck's writeup on how the honeypot contract works in this Medium blog post.

Usage

This is a Node.js project. If you don't already have Node.js installed, I highly recommend installing it with NVM. See the README page there for instructions.

Make sure to install project dependencies by running npm install in the root directory of this repo.

To run in "local" mode (see explanation above), open two consoles. In one, run npm run local_testnet, and in the other run npm run local_migrate && npm run local_test.

Similarly, to run in "forked" mode, open two consoles. In one, run npm run forked_testnet, and in the other run npm run forked_migrate && npm run forked_test.

To understand how it all works, see the exploit contract in contracts/Exploit.sol, and the test in test/exploit.js.