A ResearchZero Training Lab

Web3 Security Skill Trees.

WEB3PWN is the hands-on Web3 security academy from ResearchZero. Train across Ethereum & Solidity, Bitcoin, Solana & Anchor, and Canton & DAML by breaking vulnerable contracts, transactions, programs, ledgers, authorization models, and workflow assumptions.

Move from network fundamentals to exploit development, UTXO and Script analysis, account validation, authorization failures, privacy boundaries, and state-integrity bugs.

// Bitcoin Script spending rule
OP_DUP OP_HASH160
  <pubKeyHash>
OP_EQUALVERIFY OP_CHECKSIG

// Solidity exploit lab
function attack() external payable {
  target.deposit{value: msg.value}();
  target.withdraw();
}

Learn Security by Breaking Assumptions

The academy is focused on practice first. Start with Ethereum and Solidity, branch into Bitcoin or Solana and Anchor, then move through Canton and DAML security models.

Multi-Track Academy

Follow dedicated learning trees for Ethereum & Solidity, Bitcoin, Solana & Anchor, and Canton & DAML, with modules that build from fundamentals to security boundaries.

Browser-Based Labs

Read targets, write code, and run validations directly in the browser. No local setup, wallet, or testnet ceremony.

Sandboxed Execution

Labs run in isolated server-side environments, including EVM, Bitcoin, Solana, Anchor, and DAML-capable sandboxes, so practice stays reproducible and contained.

Security-First Curriculum

Train on authorization, availability, state integrity, privacy, UTXOs, scripts, timelocks, account validation, CPI flows, Anchor constraints, reentrancy, signatures, randomness, and gas behavior.

Ranks & Leaderboard

Earn points for solved labs, track progress through rank tiers, and compare your progress on the global leaderboard.

ResearchZero Lab

Built as a practical ResearchZero training environment for people who need to reason about Web3 systems under adversarial pressure.

Four Security Trees. One Lab.

The academy is organized as four security trees: EVM smart contract exploitation, Solana and Anchor program security, Canton/DAML application security, and Bitcoin transaction security.

Ethereum & Solidity

Start with Ethereum network basics and Solidity language foundations, then move toward real exploit development in the EVM track.

Track 01

EVM Core Security

Break access control, tx.origin assumptions, and weak randomness patterns that appear in smart contract systems.

Core Security

Intermediate EVM Attacks

Practice reentrancy, denial of service, and signature verification failures by writing code that proves the bug.

Intermediate

Advanced EVM Topics

Dig into upgradeability, proxy storage behavior, and gas optimization as security-relevant engineering constraints.

Advanced

Solana & Anchor

Learn Solana account and program security, then apply the same validation discipline inside Anchor constraints and CPI flows.

Track 02

Solana Orientation

Start with Solana network basics and foundation modules that make accounts, signers, ownership, and runtime rules concrete.

Orientation

Programs & Anchor

Move from runtime invariants into Anchor structure so constraints, accounts, and program-derived assumptions are visible.

Programs

Solana Security

Exploit account authority, CPI and accounting errors, state transitions, time assumptions, and availability bugs.

Anchor Security

Break missing constraints, remaining-account paths, lifecycle controls, and governance checks in Anchor programs.

Canton & DAML

Learn Canton as the synchronization layer and DAML as the contract language for multi-party workflows and private ledgers.

Track 03

DAML Foundations

Understand templates, choices, signatories, observers, controllers, keys, and the ledger model before attacking mistakes.

Start Here

DAML Core Security

Break authorization, availability, keys and uniqueness, and state-integrity assumptions in ledger applications.

Core Security

DAML Boundaries

Inspect off-ledger integration, privacy, and time-boundary failures where ledger logic meets real workflows.

Boundaries

Bitcoin

Learn UTXOs, proof of work, transaction construction, Script spending rules, wallet policy, and signing boundaries.

Track 04

Bitcoin Foundation

Start with proof of work, keys, addresses, UTXOs, fees, and transaction bytes before moving into spending policy.

Foundation

Spending Rules

Build stack-based locking rules, hashlocks, multisig, witness scripts, refunds, and timelock assumptions.

Script & Timelocks

Signing & Wallets

Inspect signature commitments, PSBT policy, wallet accounting, and Taproot hashing boundaries.

Wallet Policy

Bitcoin Security

Exploit bad randomness, mistaken signing assumptions, and wallet accounting failures that can destroy funds.

Security

Start Your First Lab in 3 Minutes

No local toolchain required. Sign up, pick an academy track, and start reasoning against real code and workflow targets immediately.

Choose a Track

Browse the Ethereum & Solidity tree, the Bitcoin tree, the Solana & Anchor tree, or the Canton & DAML tree. Each path is organized by security topic, difficulty, and prerequisite knowledge.

Write the Proof

Study the vulnerable target, identify the broken assumption, and write the Solidity exploit, Bitcoin transaction proof, Anchor account proof, or DAML-focused answer directly in the browser.

Execute & Verify

Hit execute. The platform runs the track-specific validation in an isolated environment and marks the lab solved when your proof satisfies the objective.

See the Platform in Action

Track rank, solved labs, skill progress, season missions, and latest solves from the same dashboard used in the app.

Navigate academy trees for Ethereum & Solidity, Bitcoin, Solana & Anchor, and Canton & DAML, from foundations to advanced security boundaries.

Read source material, spot the broken assumption, write the proof, and run validation without leaving the browser.

Pick the System You Want to Break Down

The academy follows the same track model as the app: one path for public EVM contracts, one path for Bitcoin transactions and scripts, one path for Solana and Anchor programs, one path for Canton and DAML workflows, and missions for integrated practice.

Why Web3 Security Needs Practice

Different Chains, Same Security Discipline

Ethereum applications expose public contract state, external calls, gas constraints, and transaction ordering. Bitcoin systems force careful reasoning about UTXO ownership, transaction construction, scripts, signatures, wallet policy, and proof-of-work commitments. Solana programs require a stricter account-validation mindset around signers, owners, PDAs, CPI, state, and lifecycle controls. Canton and DAML applications introduce a different set of questions around parties, visibility, authorization, privacy, uniqueness, and synchronization boundaries.

WEB3PWN treats those as practical systems to reason about. You move through focused modules, read source material, and validate your understanding in sandboxed labs instead of stopping at theory.

Built Around the App Experience

The same workflow carries from the public page into the app: choose a track, study the target, submit your proof, and use the validation feedback to tighten your reasoning.

Whether you are preparing for smart contract audits, learning Bitcoin transaction security, building Solana program security skills, studying DAML application security, or practicing for Web3 security assessments, WEB3PWN keeps the work close to code, validation, and repeatable feedback.

Frequently Asked Questions

What is WEB3PWN?

WEB3PWN is an interactive Web3 security training platform from ResearchZero. It teaches Ethereum & Solidity, Bitcoin, Solana & Anchor, and Canton & DAML through hands-on browser labs, exploit exercises, and progressive academy tracks.

Do I need prior Solidity, Bitcoin Script, Anchor, or DAML experience?

No. WEB3PWN includes foundation modules for Ethereum, Solidity, Bitcoin, Solana, Anchor, Canton, and DAML before the deeper security modules. Basic programming knowledge helps, but the tracks are designed to build progressively.

Do I need to install anything locally?

No. The platform is browser-based. You read the target material, write code in the online editor, and run validation in a sandboxed server environment. No local toolchain, wallet, or gas fees are required.

How do the academy labs work?

Each lab presents a target, source material, and a clear security objective. Depending on the track, you work through Solidity exploit code, Bitcoin transaction and Script failures, Solana and Anchor account-validation failures, or Canton and DAML authorization, privacy, availability, and workflow scenarios.

What academy tracks are covered?

The academy currently includes Ethereum & Solidity, Bitcoin, Solana & Anchor, and Canton & DAML. Ethereum covers EVM fundamentals and exploit classes; Bitcoin covers UTXOs, Script, timelocks, signatures, wallets, Taproot, and transaction security; Solana covers account validation, CPI, Anchor constraints, lifecycle, and governance; and Canton/DAML covers authorization, privacy, uniqueness, state integrity, and workflow boundaries.

What does the Bitcoin course cover?

The Bitcoin track starts with proof of work, keys, addresses, UTXOs, fees, and transaction bytes, then moves into Script, timelocks, signatures, wallet policy, Taproot, bad randomness, and accounting failures.

What are Canton and DAML?

DAML is a smart contract language for multi-party workflows. Canton is the synchronization layer that lets independent DAML participants coordinate transactions while preserving privacy and local control.

What are Solana and Anchor?

Solana programs operate over explicitly supplied accounts, which makes validation of owners, signers, PDAs, CPI targets, and state transitions central to security. Anchor is a Solana framework that expresses many of those rules as account constraints.

Is WEB3PWN free?

Yes, WEB3PWN is free to use. Create an account and start the academy tracks from the browser.

How is WEB3PWN different from Ethernaut or Damn Vulnerable DeFi?

WEB3PWN runs in the browser and combines a progressive academy, rankings, and a leaderboard. It also goes beyond EVM smart contract exploitation by adding Bitcoin, Solana and Anchor, plus Canton and DAML security material alongside Ethereum and Solidity.

Ready to Start Your First Web3 Security Lab?

Start with Ethereum and Solidity fundamentals, work through Bitcoin transaction security, jump into Solana and Anchor account security, or move into Canton and DAML models when you are ready.