Ethernaut Lvl 3 Coin Flip Walkthrough: how to abuse psuedo randomness in smart contracts

This is a in-depth series around Zeppelin team’s smart contract security puzzles. I’ll give you the direct resources and key concepts you’ll need to solve the puzzles 100% on your own.

How Ethereum generate “randomness”

There’s no true randomness on Ethereum blockchain, only random generators that are considered “good enough”.

Example of input variables that are often cryptographically hashed

This method of deriving pseudo-randomness in smart contracts makes them vulnerable to attack. Adversaries who know the input, can thus guess the “random” outcome.

Detailed Walkthrough

  1. Inside Remix IDE, create a malicious contract that closely mirrors CoinFlip.sol:

Key Security Takeaways

  • There’s no such thing as true randomness
  • Be careful when calculating “randomness” in your contract (or even when inheriting from an existing random numbers library). In cases where you use randomness to determine contest winners, remember that adversaries can easily guess the random outcome and hack your game!

More Levels



Engineer. Tweets @0xSage

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store