-
Notifications
You must be signed in to change notification settings - Fork 4
11. Elevator
Reach the top of the Building.
The Elevator never implements the isLastFloor() function from the Building interface. An attacker can create a contract that implements this function as it pleases him.
Interfaces are similar to abstract contracts, but they cannot have any functions implemented. Contracts need to be marked as abstract when at least one of their functions is not implemented.
Contract Interfaces specifies the WHAT but not the HOW. Interfaces allow different contract classes to talk to each other. They force contracts to communicate in the same language/data structure. However interfaces do not prescribe the logic inside the functions, letting the developer to implement it. Interfaces are often used for token contracts. Different contracts can then work with the same language to handle the tokens.
Interfaces are also often used in conjunction with Inheritance.
When a contract inherits from other contracts, only a single contract is created on the blockchain, and the code from all the base contracts is compiled into the created contract. Derived contracts can access all non-private members including internal functions and state variables. These cannot be accessed externally via
this, though. They cannot inherit from other contracts but they can inherit from other interfaces.
- Write a malicious attacker contract that will implement the
isLastFloorfunction of theBuildinginterface - Implement
isLastFloorNote thatisLastFlooris called 2 times ingoTo. The first time it has to returnFalse, but the second time it has to returnTrue - Invoke
goTo()from the malicious contract so that the malicious version (Building(msg.sender)) of theisLastFloorfunction is used in the context of our levelβs Elevator instance.
Interfaces guarantee a shared language but not contract security. Just because another contract uses the same interface, doesnβt mean it will behave in the same way.