Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Translate level 30-33 into zh-cn #760

Merged
merged 5 commits into from
Dec 12, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions client/src/gamedata/zh_cn/descriptions/levels/higherorder.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
想象一个规则被打破的世界,只有狡猾和勇敢的人才能崛起掌权。欢迎来到高阶,一个笼罩在神秘中的组织,那里有一笔宝藏等待着,而一位指挥官统治着一切。

你的目标是成为高阶的指挥官!祝你好运!
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
你已经征服了高阶挑战,掌握了肮脏高阶位的漏洞,获得了指挥官的称号。在这个任务中,你深入研究了 Solidity,学习了如何操控字节并绕过函数类型检查。

你的胜利不仅展示了你的技术能力,还突显了你创造性和批判性思维的能力。
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
SlockDotIt 的新产品 **ECLocker** 将 IoT 门锁与 Solidity 智能合约集成,利用以太坊 ECDSA 进行授权。当有效签名发送到锁时,系统会发出 `Open` 事件,解锁授权控制器的门。SlockDotIt 已经雇佣你在产品发布前评估其安全性。你能以某种方式破坏系统,使任何人都能打开门吗?
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
恭喜你!你成功解锁了椭圆曲线签名的秘密!

正如 [EIP-2](https://eips.ethereum.org/EIPS/eip-2) 中所描述的,在我们的验证逻辑中允许 `0 < s < secp256k1n` 的值,如今的情况会引发签名可塑性问题。任何人都可以将任何签名的 `s` 值从 `s` 翻转为 `secp256k1n - s`,更改 `v` 值(27 -> 28,28 -> 27),结果签名仍然可以恢复相同的签名者。

重要的是,除非你确切知道自己在做什么,否则要使用安全的实现。查看 [OpenZeppelin 实现](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/448efeea6640bbbc09373f03fbc9c88e280147ba/contracts/utils/cryptography/ECDSA.sol#L128-L154) 以了解如何安全地使用 ecrecover。
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
亲爱的 Anon,欢迎来到魔法旋转木马,这里生物们在无尽的咒语中旋转和舞动。在这个神奇的、无限的数字轮盘中,它们以迷人的热情循环和旋转。

添加一个生物来加入乐趣,但要注意规则,否则游戏就会结束。
如果一个动物加入了游乐设施,请在再次检查时小心,那个动物必须还在!

你能打破旋转木马的魔法规则吗?
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
恭喜你,打破了旋转木马的魔法规则!在低级数据操作的领域,记住细节至关重要,尤其是在处理存储槽中的数据压缩时。
13 changes: 13 additions & 0 deletions client/src/gamedata/zh_cn/descriptions/levels/stake.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
考虑到代币的 1:1 价值,Stake 适合用于质押原生 ETH 和 ERC20 WETH。你能抽干合约吗?

要完成这一关,合约状态必须满足以下条件:

- `Stake` 合约的 ETH 余额必须大于 0。
- `totalStaked` 必须大于 `Stake` 合约的 ETH 余额。
- 你必须是一个质押者。
- 你的质押余额必须为 0。

可能有用的东西:

- [ERC-20](https://github.com/ethereum/ercs/blob/master/ERCS/erc-20.md) 规范。
- [OpenZeppelin 合约](https://github.com/OpenZeppelin/openzeppelin-contracts)
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
恭喜你,破解了 `Stake` 机器!

在对外部合约进行低级调用时,正确验证外部调用返回值以确定调用是否回退非常重要。

有关更多信息,请查看 [EEA EthTrust [S] 检查外部调用返回](https://entethalliance.github.io/eta-registry/security-levels-spec.html#req-1-check-return) 要求,并在与外部 ERC-20 代币交互时始终使用 [SafeERC20](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/utils/SafeERC20.sol)
1 change: 0 additions & 1 deletion contracts/src/levels/MagicAnimalCarousel.sol
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ contract MagicAnimalCarousel {
uint256 public currentCrateId;
mapping(uint256 crateId => uint256 animalInside) public carousel;

error InvalidCarouselId();
error AnimalNameTooLong();

constructor() {
Expand Down
Loading