Ethernaut

Ethernaut is an educational wargame that challenges users to “hack” smart contracts deployed on the Ethereum blockchain. The game is deeply inspired by the classic OverTheWire security platform but redesigned for the decentralized future. Each level introduces a specific vulnerability commonly found in smart contracts—such as re-entrancy, integer overflow, unprotected delegate calls, and access control misconfigurations.

The game does not require linear progression, meaning players can select any level they wish and test their understanding of Solidity, EVM bytecode, and blockchain logic. Levels range from beginner-friendly tasks like bypassing constructor logic or understanding fallback functions, to advanced exploits involving delegatecall abuse, proxy patterns, and calldata manipulation. Every completed level deepens the player’s understanding of how smart contracts can fail—and how to defend against such exploits.

What sets Ethernaut apart from similar platforms like Damn Vulnerable DeFi or Capture the Ether is its direct integration with the Ethereum network (supporting both local testnets and Sepolia), interactive browser-based interface, and its growing community of contributors. With over 30 levels such as Reentrancy, Puzzle Wallet, Elevator, Gatekeeper series, and Magic Animal Carousel, the platform provides a comprehensive overview of Solidity security concepts.

Developers can also run Ethernaut locally or contribute new levels using its open-source codebase on GitHub. It offers a full React-based frontend, smart contract deployment tools, and complete support for Ganache, Hardhat, and Sepolia testnets. By encouraging community-driven level creation, Ethernaut remains a dynamic and ever-evolving educational playground for Ethereum developers.

Ethernaut offers unique features and benefits for developers and security learners:

• Smart Contract Hacking Levels: Learn how to exploit real-world Solidity vulnerabilities in a risk-free environment.
• Web3 Integrated Gameplay: Solve levels using real Ethereum accounts, wallets, and transaction data.
• Open Source & Community-Driven: Built by OpenZeppelin and contributors from around the world—submit your own levels via GitHub PRs.
• Dozens of Progressive Challenges: Start from simple concepts like fallback functions and advance to proxy attacks and double entry points.
• Multi-Network Support: Compatible with local testnets (Ganache, Hardhat) and the Sepolia network for real test deployments.
• No Setup Required to Play: Jump into the game directly from the browser using ethernaut.openzeppelin.com.
• Gamified Learning Experience: Solving each level provides a sense of accomplishment while reinforcing security best practices.

Getting started with Ethernaut is quick and beginner-friendly, while also offering a full developer mode for advanced users:

• Play Online: Visit ethernaut.openzeppelin.com and connect your Web3 wallet (like MetaMask). Start solving any available level directly from your browser.
• Clone the Repo: Developers can clone the full project from GitHub at OpenZeppelin/ethernaut and run it locally using Yarn and Node.js.
• Local Setup: Use commands like yarn install, yarn network, and yarn compile:contracts to start a local testnet and deploy contracts.
• Deploy to Sepolia: Adjust the constants.js file and deploy.sepolia.json to deploy and test on the Sepolia network.
• Track Progress: Save your progress locally or use the GitHub discussions and forums to share solutions and hints with others.
• Contribute Levels: Have a smart contract challenge idea? Submit your level as a PR and help expand the platform for others.