Ethernaut mid August 2019 update

Hi Ethernauts,

Upgrade to Solidity 0.5

@paulinablaszk has been upgrading all the smart contracts to Solidity 0.5 in https://github.com/OpenZeppelin/ethernaut/pull/123. All the tests are now working

To deploy the contracts we needed to upgrade truffle-contract though this then causes an issue running Ethernaut.

I assume we need to transpile truffle-contract, all help appreciated (I am new to JavaScript ): https://github.com/OpenZeppelin/ethernaut/pull/123#issuecomment-521896117

Once we have this working we can test Ethernaut and then upgrade the production version.

Next Steps

Once we have upgraded all the contracts to Solidity 0.5 then we can work on:

• Lint the JavaScript and Solidity: https://github.com/OpenZeppelin/ethernaut/issues/129
• Add error messages for require statements: https://github.com/OpenZeppelin/ethernaut/issues/147
• Update to prevent double button actions https://github.com/OpenZeppelin/ethernaut/issues/12
• Update the text https://github.com/OpenZeppelin/ethernaut/issues/130
• Update the UI https://github.com/OpenZeppelin/ethernaut/pull/140
• Create a contributing guide https://github.com/OpenZeppelin/ethernaut/issues/119
• Review the proposed levels (and upgrade to Solidity 0.5 if required) e.g. https://github.com/OpenZeppelin/ethernaut/pull/101

Future

I Ethernaut and would love to see it used more to help new and experienced developers learn more about secure smart contract development.

One of the ideas that has been proposed is to make Ethernaut more structured, so that it is easier for the community to use and follow.

We could have a level per vulnerability in the Compiled list of solidity vulnerabilities

Then we could have a topic per level in the forum for documentation and discussion.

This would also make it more structured for community members to join in building levels as there would be a list of levels that we need.

1. What do you think of this idea of a structured approach?
2. How can we make the most of Ethernaut?
3. Do we want to call ourselves Ethernauts?

Please share your thoughts with the Ethernauts.

Tagging: @paulinablaszk, @obernardovieira, @frederickalcantara, @scammi, @martriay, @ylv-io, @redragonx, @ianbrtt, @abcoathup, @martriay, @elopio, @fasteater plus any community members who want to get involved.

Thanks @abcoathup for leading the efforts here.

And thanks to everybody who has contributed code to improve the Ethernaut.
I’m happy to help you to get all of the PRs merged, and then to start thinking of new and more structured and pedagogical levels.

I’m not sure if I will be able to solve the blockers. But I will take a look next week and at the very least I can help bothering people with the right knowledge to give us a hand

Adding also @fasteater to the tagging, because his mad skills to organize knowledge can be very useful.

I love the idea of a structured approach and using the vulnerability list. I can help decide which vulnerability is good to start with and we can gradually move on to more complexed issues since the list is not ordered.

I would call myself Ethernaut for sure

Thank you @abcoathup, it sounds like a really good plan
I very like the idea of a more structured approach. I think it can help Ethernaut to become more popular and useful. Level per vulnerability can be really cool

Thank you so much @abcoathup.

Yes, I think it will be good to have it structured. And it’s definitely more than time to take it to another level. It has proved to be a really awesome kind of game. Actually, is there a way to “gamify it” a bit more?

Ideas appreciated.

There was some work on a highscore board https://github.com/OpenZeppelin/ethernaut/issues/73

We could potentially create badges in the forum.

First hurdle at the moment is to get the contracts upgraded to Solidity 0.5.