// the find
coinspect/learn-evm-attacks
🚀 Try the Learn EVM Explorer we just launched!!!
A collection of 40+ Foundry tests that reproduce real DeFi exploits — reentrancy attacks, oracle manipulation, access control failures, bridge hacks — with context and diagrams for each. It's aimed at Solidity developers and auditors who want to study how these attacks actually worked, not just read post-mortems.
Each test is a runnable exploit, not pseudocode — you clone, run `forge test --match-contract Exploit_X -vvv`, and watch $50MM drain in a local fork. The RPC cache infrastructure is genuinely well-engineered: a committed `rpc_cache/` directory plus a mock Node.js proxy means all 40+ tests run offline in Codespaces without a live archive node. Coverage spans the full attack taxonomy — reentrancy, bad validation, business logic, bridges — and keeps getting updated with recent exploits (Bunni Sept 2025, Futureswap Jan 2026). The categorization is honest and useful; the Tornado Cash governance example is a better DELEGATECALL tutorial than most blog posts.
The README description ('Try the Learn EVM Explorer we just launched!!!') points to an external web UI that's not in this repo, so you don't actually know what you're getting until you dig in. Explanatory depth varies wildly between attacks — some have solid READMEs with diagrams, others are just the test file. No automated CI that verifies all cached tests still pass, so there's no guarantee the cache hasn't rotted since the last contributor touched it. Coverage skews heavily toward Ethereum mainnet and BSC; L2-native attack patterns (sequencer manipulation, L1→L2 message spoofing) are absent.