Skip to content

Commit

Permalink
📝 Update README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
cairoeth authored Dec 29, 2023
1 parent 935b686 commit 9385526
Showing 1 changed file with 3 additions and 151 deletions.
154 changes: 3 additions & 151 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Blaz CTF 2023
# OpenZeppelin CTF 2023

This repo contains the infrastructure & challenges for the Blaz CTF in 2023. The infrasturcture is built on top of [kCTF](https://github.com/google/kctf).
This repo contains the infrastructure & challenges for the OpenZeppelin CTF in 2023. The infrasturcture is built on top of [kCTF](https://github.com/google/kctf) and forked from [blazctf-2023](https://github.com/fuzzland/blazctf-2023).

Directory:
* `infrastructure`: Contains the infrastructure code forked from [paradigm-ctf-infrastructure](https://github.com/paradigmxyz/paradigm-ctf-infrastructure) with some modifications.
Expand All @@ -16,152 +16,4 @@ Remember to delete existing instance before you switch to another challenge.


# Challenges

Below is the list of challenges and authors' solution.

## Hello World
By tonyke (@tonyke_bot) / 9 Points

**Description**:

Tony heard about Ethereum and decided to explore. Soon, he discovered an interesting transaction: 0xe19bd1067cbdc46d6fdb8b374e3ca384c32fd88e1413a9434e03c36b36924877

Solution: https://github.com/fuzzland/blaz-ctf-2023/blob/main/solutions/hello-world.md

## Rock Scissor Paper
By tonyke (@tonyke_bot) / 99 Points / [Handouts](https://get.fuzz.land/rock-paper-scissor.zip
)

**Description**:

Tony found out average salary of smart contract developers could reach millions of dollars. He started to learn about Solidity and deployed his first ever smart contract of epic rock scissor paper game!

Solution: https://github.com/fuzzland/blaz-ctf-2023/blob/main/solutions/rock-paper-scissor.md

## Eazy NFT
By doudou (@i0xAWM) / 111 Points / [Handouts](https://get.fuzz.land/eazy-nft.zip)

**Description**:

NFT market was slowly booming and Tony's friends were showing off their NFT holdings. Tony had finally whitelisted a NFT project, he's anxiously waiting for minting his first NFT.

Solution: https://github.com/fuzzland/blaz-ctf-2023/blob/main/solutions/eazy-nft.md

## Hide on Bush
By tonyke (@tonyke_bot) / 286 Points / [Handouts](https://get.fuzz.land/hide-on-bush.zip)

**Description**:

Tony wanted to buy Azuki NFT with ETHs but he only had USDT. He gave Uniswap a try to swap for some ETHs. He had no idea about slippage and set it to 100. Tony later discovered that he recived no ETHs. He cried all day.

Solution: https://github.com/fuzzland/blaz-ctf-2023/blob/main/solutions/hide-on-bush.md

## Missing
By doudou (@i0xAWM) / 383 Points / [Handouts](https://get.fuzz.land/missing.sol)

**Description**:

Tony is dizzy by Web3's various projects and technologies. He needs to clear his veins. Let's see what he will do.

Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/missing

## Lockless Swap
By shou (@shoucccc) / 165 Points / [Handouts](https://get.fuzz.land/lockless-swap.zip)

**Description**:

With all his fancy onchain games built, Tony got successfully hired by Pancakeswap. He was in charge of reducing gas cost when swapping tokens. One day, he figured reentrancy lock keeps writing storage, which is quite costly. He secretly removed the lock, handed to CertiK for audits, and deployed the new gas-savvy Pancakeswap V2.

Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/lockless-swap

## Ketai
By shou (@shoucccc) / 253 Points / [Handouts](https://get.fuzz.land/ketai.zip
)

**Description**:

Tony got fired from Pancakeswap. To pay his rents, Tony started to build shitcoins. Here is his first shitcoin Ketai. Luckily, Tony was friend of CZ and secured $5m investment for Ketai.

Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/ketai

## Tornado Crash
By Hanzhi (Riema Labs) @MisakaCenter / 478 Points / [Handouts](https://get.fuzz.land/tornado-crash.zip)

**Description**:

Ether price plummeted. Tony figured Ethereum would die shortly. After his friends told him ZK was going to be the next hot spot, Tony started to learn ZK. However, he was so bad at math that he couldn't even understand simple concepts. To get hired as a ZK engineer, Tony deployed an ancient ZK protocols to the chain, claiming it is built by him.


Note: This challenge uses the same code as <a href="https://github.com/barryWhiteHat/miximus">Miximus</a> with <a href="https://drive.google.com/file/d/1OMziktfWAvCr-twkNl74IxAay6YEis7R/view?usp=sharing">this proving key</a>

Solution: N/A

## Cup of Tea
By yype (@_yype) / 405 Points / [Handouts](https://get.fuzz.land/cup-of-tea.zip)

**Description**:

Tony got some $sui from his friend Shou. He decided to contribute to the ecosystem. Here is his first ever Move module built.

Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/cup-of-tea

## Saluting Ducks
By shou (@shoucccc) / 405 Points / [Handouts](https://get.fuzz.land/ducks-updated.zip)

**Description**:


All Tony's shitcoins got hacked. Liquidity providers of those shitcoins sued Tony.
To reimburse the liquidity providers, Tony built a GameFi about ducks (ducks are the cutest animal!)


Hint 1: What happens when you compare values of different types in JS?

Hint 2: To solve this challenge, you need to leverage different JS features / common vulnerabilities.

Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/saluting-ducks.md

## Be biLlionAireS Today
By shou (@shoucccc) / 253 Points / [Handouts](https://get.fuzz.land/be-billionaire-today.zip)

**Description**:

Tony led the tech team for a shady Ethereum L2. He assured the CEO that a multi-signature wallet architecture would help protect user funds. He claimed private keys of multisig owners were stored in different hardware wallets and tattooed under his feet so it is super safe.


Note: This challenge runs on fork of Ethereum. Tony added three additional addresses to the multisig:

- 0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69
- 0x7E5F4552091A69125d5DfCb7b8C2659029395Bdf
- 0x2B5AD5c4795c026514f8317c7a215E218DcCD6cF

Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/be-billionaire-today.md

## Maze
By publicqi (@publicqi) / 195 Points / [Handouts](https://get.fuzz.land/maze.zip)

**Description**:

Tony made billions $ from rug pulling. He bought an island in Fiji, started to study philosophy, and devoted to learning labyrinth.


Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/maze

## Ghost
By Robert Chen (OtterSec) @notdeghost / 274 Points / [Handouts](https://get.fuzz.land/ghost.sol)

**Description**:

"Memory cannot be defined, yet it defines mankind."


Solution: N/A
## Jambo
By publicqi (@publicqi) / 158 Points / [Handouts](https://get.fuzz.land/jambo.sol)

**Description**:

Tony went crazy. No one knows what he has deployed on Ethereum.

Solution: https://github.com/fuzzland/blaz-ctf-2023/tree/main/solutions/jambo

WIP

0 comments on commit 9385526

Please sign in to comment.