# General Information
# Course Description
CS8803 is an unstructured, lab/project-based course that guides you to learn how to exploit smart contracts. It provides a set of the Capture The Flag (CTF)-like problems every week, helping you to learn through real-world practice. In the first half of the semester, you will learn the concrete idea of what smart contracts are in Ethereum, how to write one by using Solidity, how to build popular dApps like NFT and DeFi, and most interestingly, how to find bugs and exploit them, likely for profit. The second half of the semester, you will be asked 1) to prepare a set of challenges for a provided topic that mimics a real-world hacking incident, and 2) either audit real-world smart contracts for bug bounties or perform a research project on smart contracts.
In short, at the end of the semester, you truly understand:
- Ethereum Yellow Paper (opens new window)
- Solidity (opens new window)
- Tools: Brownie (opens new window), Web3py (opens new window), Remix (opens new window)
- Hacks (opens new window)
# Structure
- Week 01-06: Guided Labs/CTF
- Week 07-10: Challenges prepared by each team
- Week 11-14: Bug hunting! or research project
# Prerequisite
None but having past CTF experience would be a big plus. Knowing a high level language like Python or Javascript is also useful.
# Class Meetings
- When: 2:00pm-4:45pm, Friday
- Where: CoC 52
# Office hours and Recitation
TBD.
# Grading Policy
- 30% Lab
- 30% Team challenges
- 40% Bug hunting or project
It's an experimental class, designed all together by students and instructors, so the detailed grading policy is subject to change.
# Online Discussion
Online discussion is strongly encouraged and it will help you a lot in solving lab problems. Please log into Ed Discussion via Canvas and post your questions, ideas, and thoughts.
# Misconduct Policy
Please read GT's Academic Misconduct Policy (opens new window).
WARNING
# Cheating vs. Collaboration (opens new window)
Collaboration is a very good thing. On the other hand, cheating is considered a very serious offense and is vigorously prosecuted. Vigorous prosecution requires that you be advised of the cheating policy of the course before the offending act.
For this semester, the policy is simple: don’t cheat:
- Never share code or text on the project.
- Never use someone else’s code or text in your solutions.
- Never consult project code or text that might be on the Internet.
On the other hand, for this class, you are strongly encouraged to:
- Share ideas.
- Explain your code to someone to see if they know why it doesn’t work.
- Help someone else debug if they’ve run into a wall.
If you obtain help of any kind, always write the name(s) of your sources.
Schedule →