Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
@bertcmiller ⚡️🤖 Profile picture
@bertcmiller ⚡️🤖
@bertcmiller
⚡️ @ Flashbots // Optimist who is always learning. // https://t.co/wVakb6wty7

Jul 31, 2021, 19 tweets

Fatal flaws in a bot, a sort of on-chain virus, a trojan horse token, and arbitrage gone wrong

Join me in looking at the latest MEV bot exploit in this thread 👇🏻

The victim today tried to arbitrage the CHUM token (!) for ~0.01 ETH in profit, but in the process had 30 WETH transferred out of their wallet.

They only interacted with Uniswap v2 pools, how did this happen!?

Searchers optimize their contracts to the extreme to do very specific things very efficiently.

However, occasionally they have a need to do random things & add in functions that can be used for to execute basically any arbitrary transaction in a contract

The Flashbots simple arb example has one of these! It can execute arbitrary transactions on behalf of the owner, and only the owner.

This is validated by checking who is calling this function with msg.sender, which is important to this story.

github.com/flashbots/simp…

Decompiling their contract, the victim uses tx.origin to ensure that transactions calling some functions originated with their account.

Including a function that made arbitrary calls.

As with the THORChain saga this is very dangerous.

Still, for almost any interaction on-chain it was fine.

To make an arbitrary call with this victim's contract you would need them to originate the transaction somehow and inject your desired transaction in their's, like a virus!

How might you bait them into doing so?

Well, the victim was an arbitrage bot! The answer was to bait them by deploying a new token and creating a fake arb to get them to interact with that token.

Thus the CHUM token and two Uniswap v2 pools were borne.

But how does CHUM work? Let's go through it end to end.

First, the victim tried to swap on the Uniswap v2 pool

Then, the Uniswap v2 pool transferred CHUM back to the victim, in doing so triggering some special logic

What happens now?

This was hard to piece together but I think I got it with 3 clues.

1st, you can see in CHUM decompiled that it checks for certain addresses as well as using block.coinbase and making calls.

This is CHUM targeting the victim & maybe avoiding simulation.

Second, looking @ CHUM's transactions we can see transactions with input data that contains the address for WETH, as well as the attacker's address (3a28...), and what looks to be numbers.

Looks to me like a custom payload that transfers WETH to the attacker, a sort of virus.

Lastly, we can also see in a trace of the execution that CHUM is calling another contract (!) "0x33..." that is hard to spot on Etherscan.

With these I think we can construct what happened.

The attacker first injects the on-chain virus designed to transfer WETH out of the victim into CHUM

Victim arbs CHUM and the Uniswap pool calls transfer on CHUM as part of the swap

CHUM calls then contract 0x33 with the WETH transfer virus

0x33 then calls the victim's contract with the WETH transfer virus, attempting to execute it

The victim's contract checks to see that the victim started the transaction and this condition passes.

The victim's contract executes the virus.

The attacker is sent 30 WETH.

The attacker then IMMEDIATELY updated their WETH transfer virus and repeated this twice more for 35 WETH in total.

They were watching closely.

This was a highly targeted attack pointed at a specific bot's contract. It would only work for bots with a specific function AND if the bot used tx.origin as a safety check.

I have to wonder how they even found that vulnerability amongst hundreds of other bots.

Still, it was relatively easy to defend against. First, you shouldn't use tx.origin as a safety check.

Second, you should check that your transaction has made a project before paying the miner!

That is it for today everyone.

Check out our Github to learn more and get involved if you're interested in mitigating MEV's negative externalities:

github.com/flashbots/pm

Huge shout to the Flashbots team who I am eternally grateful to for their tireless and excellent work

@phildaian @tzhen @epheph @ObadiaAlex @thegostep @jparyani @fiiiu_ @tkstanczak
@taarushv @LukeYoungblood @sui414

Profit***

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling