Cardano Capture The Flag (CTF)
Cardano CTF: Learn Security by Breaking Things
The Cardano Capture The Flag (CTF) is an interactive security game where developers exploit purposely vulnerable smart contracts to learn about common security issues and prevention techniques. The game is completely open-source and designed for developers, auditors, and security researchers.
What You'll Learn
- Smart Contract Vulnerabilities: Hands-on experience with real Cardano security issues
- Aiken Development: Read and write smart contracts using Aiken
- Lucid Integration: Build off-chain interactions using TypeScript and Lucid
- Security Mindset: Think like an attacker to build more secure contracts
How It Works
Each level presents a vulnerable smart contract with a sample interaction. Your goal is to:
- Analyze the contract code for security flaws
- Develop an exploit to drain funds or break the contract
- Test locally, then execute on Cardano testnet
- Learn the vulnerability and prevention techniques
Challenges progress from basic to advanced, covering the most critical smart contract security issues on Cardano.
Get Started
Repository: cardano-ctf
- Clone the repository
- Follow the setup instructions in the README
- Start with Challenge 1 and work your way up
Community: Join the Discord server to discuss solutions and get help.
Hints & Solutions: Need a nudge in the right direction? Check out the Cardano CTF Hints and Solutions blog with spoiler-free hints and detailed solution explanations for all challenges.