
A lightweight, secure, Docker-based sandbox designed to test and simulate Solidity smart contract exploits. Pre-installed with Foundry for contract compilation, deployment, and testing, it serves as the foundation for Severum's Web3 security platform.


severum-xyz/severum-sandbox


Severum Sandbox

Severum Sandbox is a secure, Docker-based sandbox designed for the Severum Web3 Security Platform. It provides a pre-installed environment for testing and simulating Solidity smart contract exploits in a controlled environment.

This sandbox is used exclusively as part of the platform to ensure a standardized and isolated environment for challenges.

Purpose

  • Challenge Hosting: Pre-configured with Foundry tools (forge, cast, and anvil) to compile, deploy, and test Solidity contracts.
  • Secure Exploit Testing: Enables users to test Proof of Concepts (PoCs) safely.
  • Standardized Environment: Ensures consistency and fairness across all challenges.

Key Features

  • Isolated sandbox for running Solidity-based challenges.
  • Tools for compiling, deploying, and testing contracts.
  • Built for integration with the Severum platform.

How It Works

  1. Platform Integration:

    • The sandbox runs in the background of the Severum platform to support hands-on challenges.
    • Users interact with it indirectly via the platform interface.
  2. Challenge Execution:

    • Contracts are pre-loaded into the sandbox during challenges.
    • Users submit exploit scripts through the platform, which are executed securely in the sandbox.
  3. Logs and Feedback:

    • The sandbox streams logs and execution results back to the platform in real-time.

For Developers and Contributors

Development Setup

  1. Clone the repository:

       git clone https://github.com/severum-xyz/severum-sandbox.git
       cd severum-sandbox

  2. Build the Docker image:

       docker build -t severum-sandbox .

  3. Test the sandbox locally:

       docker run -it severum-sandbox

Note: The CI pipeline will be triggered when you push changes or open a pull request. When running tests inside the Docker container, the following steps are automatically performed:

  • The "Reentrancy" challenge is downloaded from the private repository.
  • The "ReentrancyExploit" contract (the solution) is downloaded.
  • The Reentrancy contract is deployed and interacted with.
  • The solution contract (ReentrancyExploit) is deployed and executed.
  • Tests are executed to verify if the challenge has been solved correctly.
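
The `docker run -it severum-sandbox` step in Development Setup starts the container with Docker's default privileges. The wrapper below is an added example, not part of the severum-sandbox repository, showing least-privilege flags for running submitted code locally. The resource limits, the tmpfs path, and the premise that the image works offline on a read-only root filesystem are assumptions, not project settings.

```shell
#!/bin/sh
# Added example (not from the severum-sandbox repo): least-privilege flags for
# the local `docker run` step. All limits and paths are assumed values.
SANDBOX_IMAGE="${SANDBOX_IMAGE:-severum-sandbox}"   # tag from the build step
SANDBOX_NETWORK="${SANDBOX_NETWORK:-none}"          # "none" keeps loopback only

# Print the docker run arguments, one per line, so they can be reviewed or
# diffed before anything is started.
sandbox_run_args() {
    printf '%s\n' \
        run --rm -it \
        --network "$SANDBOX_NETWORK" \
        --cap-drop ALL \
        --security-opt no-new-privileges \
        --read-only \
        --tmpfs /tmp:rw,nosuid,size=256m \
        --pids-limit 256 \
        --memory 1g \
        --cpus 1 \
        "$SANDBOX_IMAGE"
}

# Refuse to start if the argument list has lost one of the isolation flags,
# for example after someone edits sandbox_run_args for debugging.
sandbox_args_ok() {
    args=$(sandbox_run_args)
    for required in --cap-drop no-new-privileges --read-only --pids-limit --memory; do
        printf '%s\n' "$args" | grep -qx -- "$required" || {
            echo "missing isolation flag: $required" >&2
            return 1
        }
    done
    # A sandbox that runs submitted code should not share the host network.
    ! printf '%s\n' "$args" | grep -qx -- host
}

sandbox_run() {
    sandbox_args_ok || return 1
    # Word splitting on newlines is intended: each line is one argument.
    old_ifs=$IFS; IFS='
'
    set -- $(sandbox_run_args)
    IFS=$old_ifs
    docker "$@"
}

# Start the container only when asked to, e.g. `sh sandbox-run.sh start`.
if [ "${1:-}" = "start" ]; then sandbox_run; fi
```

With `--network none` the container keeps only its loopback interface, so any step that downloads a challenge or a compiler has to happen at image build time or with `SANDBOX_NETWORK` set to a restricted network.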

Contributing

We welcome contributions to improve severum-sandbox. If you'd like to contribute:

  1. Fork and clone the repository.
  2. Submit pull requests with clear descriptions of your changes.
  3. Focus on enhancing the sandbox for platform integration and challenge support.

License

Severum Core is open for contributions under the MIT License.

Contact

For questions or feedback, please reach out to the Severum team at [email protected].
