My Coding Journey: Beginner to Pro

Thanks for sharing this awesome series with the community


I would try the Solidity 0.5 version of Ethernaut (https://solidity-05.ethernaut.openzeppelin.com/) (Once OpenZeppelin Contracts 3.0 is out of beta can see who in the community wants to upgrade the contracts to Solidity 0.6).

There are a number of community solutions, though it would be great if you wanted to write your own as well: Ethernaut Community Solutions


It is fairly straight forward to migrate from Truffle tests to OpenZeppelin Test Environment (and vice a versa if using mocha/chai based tests). I used this guide: https://docs.openzeppelin.com/test-environment/0.1/migrating-from-truffle
Feedback on the documentation is greatly appreciated.

1 Like

Sweet! Thank you for the resources. I’ll be sure to check them out.

1 Like

Day 7:

-Added the OpenZeppelin test library to my tests
+Kept getting an error about the timeout exceeding 2000ms, so I added a quick fix that disables the timeout this.timeout(0);, but maybe there’s a better fix for this? Perhaps a configuration I overlooked?

-Completed Lesson 4 of CryptoZombies

-Refresher on the batchOverflow hack on BEC

-Studied the MakerDAO vulnerability in the DSChiefApprovals contract, extended by the DSChief contract, identified by OpenZeppelin

testsPass_D7

1 Like

A post was split to a new topic: Timeout exceeding 2000ms

Day 8:

-Imported CappedCrowdsale functionality.

-Added some natspec descriptions.

-Added testing for capped crowdsale functionality. All tests pass! (So far.)

-Completed lesson 5 in CryptoZombies.

cappedTestPass_D8

1 Like

Hi @Jshanks21,

Thanks for sharing as always. :pray:

Just as an FYI: Crowdsales are not included in the OpenZeppelin Contracts v3.0 beta release and there are no plans to migrate them to Solidity 0.6.

Crowdsales were removed: we’ll continue to provide support for security issues on the v2.5 release, but will not bring them over to v3.0.

No worries! Happy to share.

I know they won’t be included in v3.0. However, I never learned how to develop them when they were popular. And in case Hester Pierce passes that bill giving ICOs a 3 year grace period, it could be helpful to know. :partying_face:

Regardless, this is all educational. I don’t intend to implement this project for production.

1 Like

On the note of education about crowdsales, it would be worth having a look at TokenTimelock and TokenVesting

I wrote an example recently:

1 Like

Perfect timing! I planned to add some timelock features next. Thank you!

1 Like

Day 9:

-Imported TimedCrowdsale.sol and added constructor arguments for them. I also added some tests, but ran into issues seen below. I believe the issue has to do with the JavaScript integer limitation MAX_SAFE_INTEGER. However, I still had issues when trying to wrap the integers in a string or BN though. The specific line of code that seems to cause this error is highlighted below.

-Finished reading about the critical vulnerability in MakerDAO and started reading the initial audit for Compund.

-Reached level 2 in Ethernaut!

timedTests_D9

The line below seems to cause the error. When commented, the tests complete with the given opening and closing times. Of course, they don’t all pass without the line below though.
timeIncreaseError_D9

1 Like

Hi @Jshanks21,

Would you mind posting the failing test and contract in the forum and I can try to reproduce?

A post was split to a new topic: Number can only safely store up to 53 bits

Day 10:

-Completed the Coin Flip level on Ethernaut. Had trouble sending the calculated answer manually, so I made a smart contract in Remix to calculate and submit the answer for me.

-Finished studying the Compund audit and began studying the Aave audit, with particular interest in the flash loan capability. This has been something I’ve wanted to learn more about since hearing about the bzx exploit. Found a great resource to build on this thanks to @Austin-Williams with his safer-flash-loans repo.

-Previous error with timed crowdsale tests are fixed! Thank you @abcoathup for the help with this. All tests pass with the syntax change when calculating time in these tests. Have a great new resource to refer to when writing my tests. Btw, are all SafeMath calculations available in tests through the helpers library?

Day 11:

  • Added WhtielistCrowdsale functionality to MyCrowdsale.

  • All tests pass!

  • Began splitting tests for specific test cases. Using the OpenZeppelin test repo to model these new tests. Only just created a test file for TimedCrowdsale.

  • TODO: Need to add more tests to TimedCrowdsale and create test files for Minted, Capped, and the OZToken contract.

  • Completed Ethernaut level 4 Telephone.

  • Studied some known attacks compiled by Consensys.

  • Found a cyber security training website called tryhackme that reminded me of Ethernaut (but not blockchain specific). @abcoathup do you think this is something worth diving into further? Or is it too far removed from a blockchain focused security perspective?

1 Like

Hi @Jshanks21,

For me, I would focus on Solidity (though that is where my interest lies).

I think follow what interests you, go down a few rabbit holes and discover what you are passionate about and that is what you want to be working on.

1 Like

Thanks for the advice @abcoathup.

I’m also most interested in Solidity, and smart contracts generally. I just wanted to see if this was something that could enhance my contribution to the space, or if it would be more of a distraction from what I should be researching.

Ultimately, I just want the things I learn to help this space grow since it’s helped me grow so much along the way.

1 Like

Day 12:

  • Extended the timed crowdsale tests. Had some minor issues with the access roles like minter role and whitelisted role initially, but easily fixed after reading various OpenZeppelin test files. Really highlighted the benefits of a test-driven development approach for a larger project as opposed to making all tests after inheriting from several contracts.

  • But all tests pass so far!

  • Did further research on the recent MakerDAO exploit where one keeper liquidated a bunch of CDPs for free after the sudden ETH dump a few days ago. Any additional information or resources on this is greatly appreciated!

  • Took notes on the video presentation by @Austin-Williams over the CDP pattern commonly seen in DeFi projects.

1 Like

Hi @Jshanks21,

You may want to join this discussion in the forum:

1 Like

Day 13:

  • Completed all TimedCrowdsale tests!

  • All tests pass!

  • Completed level 5 in Ethernaut.

  • TODO: Start MintedCrowdsale tests. Nothing like a blank slate.

1 Like

Day 14:

1 Like