- A Solidity smart contract vulnerable to a reentrancy attack, with Ownable and Pausable functionality, that emits an event when the vulnerable function is executed.
- A notification microservice for executions of the vulnerable function.
- Monitor the mempool; when the transaction is in the mempool but has not yet been executed (or added to the next block), flag it as a suspicious transaction.
- A microservice that front-runs the suspicious transaction by executing the pause function.
- Configured a private Geth node for the blockchain.
- A vulnerable smart contract using the classic reentrancy example of a vault.
- An attack smart contract for attacking the vault smart contract.
- Another Hardhat node started as a fork of the Geth node.
- Listening for pending transactions on the Geth node.
- If the vulnerable event is emitted when the pending transaction is executed on the Hardhat node, the transaction is marked as suspicious.
- Front-running the suspicious transaction with a pause transaction.
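
The last two steps of the list above (marking a pending transaction as suspicious when its simulation emits the vault's event, then outbidding it with the owner's pause transaction) as an added example; this is not code from the repository. It assumes the external function is named `pause()`; `EVENT_TOPIC`, `VAULT`, the sample transaction and the 12.5% fee bump are constructed values.

```javascript
// Added example: decision logic only, no RPC calls are made.
// Assumptions (not from the repository): the external function is named
// pause(), and EVENT_TOPIC, VAULT and the 12.5% fee bump are constructed.
const PAUSE_SELECTOR = "0x8456cb59"; // first 4 bytes of keccak256("pause()")
const EVENT_TOPIC = "0x" + "ab".repeat(32); // placeholder for the event's topic0
const VAULT = "0x" + "11".repeat(20); // placeholder vault address

// True if the simulated logs contain the watched event emitted by the vault.
function isSuspicious(simulatedLogs, vaultAddress, eventTopic) {
  const vault = vaultAddress.toLowerCase();
  const topic = eventTopic.toLowerCase();
  return simulatedLogs.some(
    (log) =>
      log.address.toLowerCase() === vault &&
      log.topics.length > 0 &&
      log.topics[0].toLowerCase() === topic
  );
}

// Raise a fee by bumpBps basis points, rounding up, and by at least 1 wei.
function bump(fee, bumpBps) {
  const raised = (fee * (10000n + bumpBps) + 9999n) / 10000n;
  return raised > fee ? raised : fee + 1n;
}

// Build the owner's pause transaction so that it outbids the pending one.
function buildPauseTx(pendingTx, vaultAddress, bumpBps = 1250n) {
  const tx = { to: vaultAddress, data: PAUSE_SELECTOR, value: 0n };
  if (pendingTx.maxFeePerGas !== undefined) {
    // EIP-1559 transaction: outbid the tip and keep maxFee >= tip.
    const tip = bump(pendingTx.maxPriorityFeePerGas, bumpBps);
    const maxFee = bump(pendingTx.maxFeePerGas, bumpBps);
    tx.maxPriorityFeePerGas = tip;
    tx.maxFeePerGas = maxFee > tip ? maxFee : tip;
  } else {
    tx.gasPrice = bump(pendingTx.gasPrice, bumpBps); // legacy transaction
  }
  return tx;
}

// Constructed sample: a pending legacy transaction and its simulated logs.
const pending = { hash: "0x" + "cd".repeat(32), gasPrice: 1000000000n };
const logs = [{ address: VAULT, topics: [EVENT_TOPIC] }];
if (isSuspicious(logs, VAULT, EVENT_TOPIC)) {
  console.log("suspicious:", pending.hash, buildPauseTx(pending, VAULT));
}
```

The returned object still needs a nonce, a gas limit and the owner's signature before it is sent.
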
```bash
git clone https://github.com/PranavKumar-15032001/reentrancyNotification
cd reentrancyNotification
cd geth
geth init --datadir data genesis.json
bash start-geth.sh
```

Build the project from the root directory and deploy the smart contract:

```bash
npm i
npx hardhat run scripts/deploy.js --network geth # Deploy Vault Smart Contract
```

In another terminal, start the backend server from the root directory:

```bash
yarn start
```

Run the following scripts in separate terminals:

```bash
npx hardhat run scripts/deposit.js --network geth # Deposit into the vault
npx hardhat run scripts/attack.js --network geth # Attack the vault smart contract
npx hardhat run scripts/unpause.js --network geth # Unpause Vault Smart Contract
```