Based on Whitehacks Kit, adapted from SunWeb3Sec (thanks!)
Provided AS-IS as educational content only, disclaim any liability for using it.
Whitehacks are hard and should be execute by professionals. If you are unsure reach-out ETHSecurity tg channel. Reach-out anyway.
This repo offers a guide to prepare them.
They must be executed in 1 shot and privately, hence one single transaction and the private mempool by Flashbots.
You prepare, you test in a fork, you don't change, you execute.
- Fork the repo
- Install Foundry
- Edit Whitehack.sol
- Adapt Whitehack.s.sol
- Unset
$RPC_URL
unset $RPC_URL
- Check no RPC port open on your computer, if so kill the processes
netstat -an | grep LISTEN | grep 8545
- Run Anvil fork with
anvil --fork-url https://eth.llamarpc.com --fork-block-number 17806055
- Impersonate your account
0xYOUR_WALLET_ADDRESS
cast rpc \
anvil_impersonateAccount "0xYOUR_WALLET_ADDRESS" \
--rpc-url "http://localhost:8545"
- Run the script
forge script \
script/Whitehack.s.sol:WhitehackScript \
--rpc-url "http://localhost:8545" \
--sender "0xYOUR_WALLET_ADDRESS" \
-vvv \
--broadcast