·3 min readSecurity Innovation Blockchain CTF Writeup (English version)
Hello everyone! This writeup is also available in Thai, for those who prefer; please click here.
สวัสดีครับ บทความนี้มีเวอร์ชันภาษาไทยเหมือนกันนะ สำหรับคนที่ต้องแบบภาษาไทย สามารถคลิกที่นี่
First, I suggested attempting to learn the contract’s purpose, workflow, and function. This can provide a summary of the contract and a hint as to which function you should inspect.
The goal of this challenge is to drain all ETH from the contract. As there is just a single function relating to transferring ETH that can be easily noted, withdraw().
So, you can head directly to the withdraw() function and figure how to call it without reverting. It has 2 require() statements that you must make it yield true upon calling, but how?
I would like to zoom out a bit and explain what this challenge is about. It intends to lock the deployed ETH and allows you to withdraw just 1/10 per year