[BlackHat USA tool] FumbleChain: A Purposefully Vulnerable Blockchain

Vulnerable Blockchain

FumbleChain: A Purposefully Vulnerable Blockchain

FumbleChain is a deliberately insecure blockchain designed to raise awareness about blockchain security. The FumbleStore is a CTF in the form of a fake e-commerce web application that offers products you can buy using FumbleCoins, the ecosystem’s cryptocurrency. Purchasing new products requires players to exploit flaws and steal coins from crypto-wallets.

FumbleChain runs on any Unix-based operating system that has Docker installed.

Why use FumbleChain?

FumbleChain comes with a simple Python3 codebase implementing a Proof-of-work blockchain similar to Bitcoin. It is bundled with 20+ lessons/tutorials to learn about blockchain security, vulnerabilities, and exploitation. It is fully dockerized and easy to use. Test your skills by solving the challenges in the FumbleStore. Leverage the embedded blockchain explorer and web or CLI wallet to learn about common blockchain pitfalls.

The project is written in Python making it easy for anyone to read and modify its source code. It’s also modular, making it easy to hack and add new challenges. The entire project is fully dockerized, letting anyone play with FumbleChain in a quick and hassle-free way.

Install && Use

Copyright(c) 2019 Nagravision SA.