// the find
minaminao/ctf-blockchain
A summary and solutions for 200+ CTF blockchain challenges
A personal archive of 200+ blockchain CTF challenge solutions spanning Ethereum, Bitcoin, Solana, Cosmos, Move, and Cairo — organized by vulnerability class rather than by event. The author (minaminao) is an active CTF competitor and challenge author, so many of the writeups are first-hand. This is a reference repo for anyone learning smart contract security or preparing for blockchain CTFs.
The vulnerability taxonomy is the real value: categories like 'storage overwrite by delegatecall', 'abi.encodePacked collision', and 'ecrecover returns address(0)' map directly to real audit findings, not just CTF trivia. Coverage spans from Solidity 0.5.0 quirks to EIP-7702 and 2025 events, so it stays current. Solutions use Foundry throughout — forge test and forge script exploits are runnable, not just prose explanations. The author also contributes challenges (HITCON, SECCON), so the writeups for those go deeper than a participant's reverse-engineering.
Many entries are just table rows with no solution file — particularly older events and external-link-only CTFs like Damn Vulnerable DeFi, where the actual explanation lives elsewhere or not at all. The Solana, Cosmos, Move, and Cairo sections are thin stubs compared to the Ethereum depth; if you came here for non-EVM chain security, you'll be disappointed. There's no difficulty signal anywhere, so a beginner hitting 'Jump-oriented programming' immediately after 'Smart contract basics' gets no warning about the skill cliff. The repo is a personal archive, not a teaching resource — expect spoilers with minimal context about *why* a vulnerability exists, not walkthroughs of how to find it.