Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
QuillAudits 🥷 Profile picture
QuillAudits 🥷
@QuillAudits_AI
7+ Years Securing #Web3: 1M+ Lines Audited. Trusted by 1400 + Clients including StarkWare, Taiko, ZetaChain & Metis. Next-gen audits, KYC & on-chain monitoring.

Jan 18, 2023, 5 tweets

A #flashloan attack on @UpswingFinance resulted in the loss of ~22 ETH (~$35.5K)

The project has appeared inactive since Oct. 2020 and was attacked using price manipulation.

A thread👇

It was a price manipulation attack caused due to the design flaw of the $UPStkn token - the _transfer function of the token.

The attack occurred in three key steps👇

1) the attacker uses 18 swaps to lift $UPStkn's sell pressure. Also, during the swaps, the attacker swaps 1.31 Ether for 136,299.97 UPStkn.

2) The attacker transfers zero UPStkn to himself for triggering the internal function releasePressure that further burns the pool's 573,300.39 $UPStkn, which lifts the UPStkn's price.

3) the attacker sells the 136,299.97 UPStkn for 24.877 #Ether at a manipulated price.

Follow @QuillAudits to keep yourself updated with web3 security

Check our newly launched rugpull detector QuillCheck bit.ly/QuillCheck

#rugpull #smartcontract #blockchain #Audit #WAGSI

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling