The method

Four principles behind every lab.

Flaw and fix, always paired

Every vulnerable contract ships with its patched twin. You see the exact lines that fail, run the attack, then watch the same attack revert against the fix. The lesson sticks because you felt both outcomes.

Theory grounded in a live target

No abstract slides. Each concept — reentrancy, oracle manipulation, access control — is attached to a real objective against a live target whose state you watch change as you exploit it.

Defence-first, always

You learn offence to build defence. Every lab frames the exploit as a lesson in mitigation: guards, checks-effects-interactions, pull payments, manipulation-resistant feeds.

No prior Solidity assumed

Start as a nervous beginner. You get annotated code, progressive hints that never cost points, and a terminal that stays hidden until you want it. Ramp to auditor at your own pace.

Learning paths

Pick a track, or follow them in order.

Paths group labs by the systems they target. The first path is live today; the others open as their labs ship.

PATH 01

Smart-contract security

Reentrancy, access control, delegatecall, integer handling, and the patterns that prevent them.

  • Beginner → Advanced

PATH 02

DeFi & oracle security

Price manipulation, flash-loan attacks, AMM invariants, and manipulation-resistant design.

  • Intermediate → Expert

PATH 03

Bridge & cross-chain

Validator trust models, signature verification, message replay, and the landmark bridge breaches.

  • Advanced → Expert