Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Solidity by Example
Applications
| Question | Answer |
|---|---|
| What is an example of a basic wallet? | An example of a basic wallet is one where anyone can send ETH, but only the owner can withdraw. |
| What are the specifications for creating a multi-sig wallet? | The specifications for creating a multi-sig wallet are that the wallet owners can submit a transaction, approve and revoke approval of pending transactions, and anyone can execute a transaction after enough owners have approved it. |
| How does a Merkle tree enable you to cryptographically prove an element is contained in a set? | A Merkle tree allows you to cryptographically prove that an element is contained in a set without revealing the entire set. |
| How can I create an iterable mapping? | You cannot iterate through a mapping directly, so you need to use an array to complement the mapping in order to make it iterable. |
| What is an ERC20 token? | An ERC20 token is a contract that follows the ERC20 standard. |
| What functionalities do ERC20 tokens provide? | ERC20 tokens provide functionalities to transfer tokens and to allow others to transfer tokens on behalf of the token holder. |
| What are the conditions for transferFrom to succeed? | For transferFrom to succeed, the sender must have more than the amount of tokens in their balance and must have allowed TokenSwap to withdraw the amount of tokens by calling the approve method. |
| How can I precompute a contract address? | Contract address can be precomputed before the contract is deployed by using the CREATE2 opcode. This opcode uses the deployer address, a salt (an arbitrary value provided by the sender) and the to-be-deployed contract’s bytecode to calculate the address |
| How can I deploy a contract multiple times cheaply? | If you have a contract that will be deployed multiple times, you can use a minimal proxy contract to deploy them cheaply. |
| How can I deploy a contract? | You can deploy any contract by calling Proxy.deploy(bytes memory _code). This call will create a new contract with the given bytecode. The bytecode can be obtained by calling the Helper function. |
| How is Solidity storage organized? | Solidity storage is like an array of length 2^256, with each slot in the array storing 32 bytes. |
| How are state variables stored in Solidity? | The order of declaration and the type of state variables define which slots they will use. |
| What are Payment Channels? | Payment Channels are a technology designed to allow participants to make multiple transactions off-chain without custody, while only recording the opening and final balances on the blockchain. |
| What are Bi-directional Payment Channels? | Bi-directional Payment Channels are a type of payment channel that allows participants Alice and Bob to transfer Ether off-chain in both directions repeatedly. |
| What is the purpose of TimeLocks in DAOs? | TimeLocks are commonly used in DAOs to restrict the spending of funds until a specified future time or block height. This helps to ensure that funds will only be spent in accordance with the rules and regulations of the DAO. TimeLocks also help to make fe |
| What are the preventative techniques for using blockhash and block.timestamp as source of randomness? | The preventative technique for using blockhash and block.timestamp as source of randomness is to not use them as source of randomness. |
| What is the denial of service exploit mentioned? | The denial of service exploit mentioned is the attack of making the function to send Ether fail. |
| What is a preventative technique to avoid this exploit? | A preventative technique to avoid this exploit is to allow users to withdraw their Ether instead of sending it. |
| What is the difference between msg.sender and tx.origin? | The tx.origin global variable refers to the original external account that started the transaction while msg.sender refers to the immediate account (it could be external or another contract account) that invokes the function. |
| What is a preventative technique to avoid malicious contracts deceiving the owner of a contract? | A preventative technique to avoid malicious contracts deceiving the owner of a contract is to use msg.sender instead of tx.origin. |
| What is the vulnerability when hiding malicious code with external contract? | The vulnerability when hiding malicious code with external contract is that any address can be casted into a specific contract, even if the contract at the address is not the one being casted. This can be exploited to hide malicious code. |
| What are some preventative techniques to avoid this vulnerability? | Some preventative techniques to avoid this vulnerability are to initialize a new contract inside the constructor and make the address of external contract public so that the code of the external contract can be reviewed. |
| What is a honeypot? | A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems. |
| What vulnerability can be exploited to build a contract that will catch malicious users? | The vulnerability that can be exploited to build a contract that will catch malicious users is combining two exploits, reentrancy and hiding malicious code. |
| What is front running? | Front running is a mechanism where an attacker can watch the transaction pool and send a transaction, have it included in a block before the original transaction. This can be abused to re-order transactions to the attacker's advantage. |
| What are some preventative techniques to avoid front running? | Some preventative techniques to avoid front running are to use a commit-reveal scheme or use a submarine send. |
| What is a commitment scheme? | A commitment scheme is a cryptographic algorithm used to allow someone to commit to a value while keeping it hidden from others with the ability to reveal it later. |
| What are the two phases of a commitment scheme? | The two phases of a commitment scheme are a commit phase in which a value is chosen and specified, and a reveal phase in which the value is revealed and checked. |
| What is the vulnerability when manipulating block timestamps? | The vulnerability when manipulating block timestamps is that a miner can manipulate the block timestamp which can be used to their advantage to attack a smart contract. |
| What is the preventative technique to avoid this vulnerability? | The preventative technique to avoid this vulnerability is to not use block.timestamp as a source of entropy and random number. |
| What is signature replay? | Signature replay is a vulnerability where the same signature can be used multiple times to execute a function, which can be harmful if the signer's intention was to approve a transaction once. |
| What is the vulnerability when signing messages off-chain? | The vulnerability when signing messages off-chain is that the same signature can be used multiple times to execute a function, which can be harmful if the signer's intention was to approve a transaction once. |
| What is the purpose of signing messages off-chain? | The purpose of signing messages off-chain is to reduce the number of transactions on chain and to enable gas-less transactions, called meta transactions. |
| What is the preventative technique to avoid this vulnerability? | The preventative technique to avoid this vulnerability is to sign messages with a nonce and address of the contract. |
| What is the vulnerability when an address is a contract? | The vulnerability when an address is a contract is that the size of code stored at the address will be greater than 0. |
Created by:
jauvany
Popular Engineering sets