Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Igor Igamberdiev Profile picture
@FrankResearcher
Sep 29, 2020 4 tweets 2 min read Read on X
$ENM hacker used Tornado to fund his address a week ago. Right after that, he claimed $UNI tokens for one of arbitrage contracts and withdrew them to himself in another tx by simulating arb. In theory, this claim could be a hack, which is why a mixer might have been used.
But it was necessary to guess without source code that arb function would help to withdraw $UNI and then use it in a certain way. Because of this, I’m more confident that it was the creator of the arb contract himself - 0x2d033fe
My hypothesis based on on-chain data:

0x223034e = $ENM hacker
0x762bfbd = the contract from which the hacker withdrawn $UNI
0x2d033fe = address of creator of 0x762bfbd
0x2f14f72 = address which funded creator (very likely one owner)
The arbitrageur, in turn, received funds from two addresses funded from 0x2f14f72. This gives hope for the identification of a possible culprit, because this address used Huobi, Bitmax, Hotbit and 1inch. For these projects to help, first contact the police. GL

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Igor Igamberdiev

Igor Igamberdiev Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @FrankResearcher

Igor Igamberdiev Profile picture
Aug 21
1/6
Today, we’re launching The Alpha Challenge, a two-week experiment for the crypto community to test their on-chain analysis skills and for Wintermute to hire top talent

We've also collaborated with six companies to provide exciting awards for those who will not be hired👇 Image
2/6
We developed this idea because using case studies is our (and my personal) approach to hiring for research-related roles

The feedback was always excellent, so it would be interesting to check it on a larger scale

That’s why we're posting 10 case studies instead of a few
3/6
Think of this challenge as a simpler way to check your on-chain skills because if you collect 60+ points, then you’re in a good position to receive awards from our frens

If not, you can read writeups after the challenge ends and learn something new (similar to CTFs)
Read 6 tweets
Igor Igamberdiev Profile picture
Sep 26, 2023
1/5
Imagine if you could bet on a coin flip but couldn’t lose anything

This is how someone stole around $25k from dice9win today, with another $200k was saved by SEAL 911 members

Let’s figure out how it works (we have the team's approval)👇

2/5
The exploiter deployed contracts for each 'coin flip'

The project’s VRF oracle provided randomness and settled bets

In case of victory, the exploiter’s contract redirected the winnings to them Image
3/5
In case of failure, dice9win returned 1 wei of ETH, which led to reverts inside exploiter contracts

Due to this revert, the casino state wasn’t updated, and the bid was still in a pending state

The protocol allows for a full refund of the pending bet in around 8 hours Image
Read 5 tweets
Igor Igamberdiev Profile picture
Aug 1, 2023
1/12

Alright, I've been sitting on this news all day, but let's look at the @BaldBaseBald deployer.

This is definitely someone from Alameda, but I don't think we can safely say that this is @SBF_FTX (even though he is a psycho)

Let's go👇 Image
2/12

I started the morning by making sure that he is not a Coinbase insider, despite the mention of the address (0xccFa05) as the largest holder on DeFi governance forums

Upon closer inspection, one could find that cbETH was not minted by Coinbase, but was bought on Uniswap v3 Image
3/12

Despite the incredible amount of funds the address held, the leading exchanges used were Binance, FTX, Coinbase

Nothing out of the ordinary, right?

It could be anyone, so I went to see if any previous addresses were associated with exchange accounts Image
Read 12 tweets
Igor Igamberdiev Profile picture
Mar 24, 2023
1/10

For more than a week, someone has been trying to carry out a governance attack on @SwerveFinance (a dead Curve clone) and steal $1M+ in various stablecoins

Let’s figure out why he didn’t succeed and also find out who the exploiter is👇

2/10

Swerve is powered by Aragon, where voters use veSWRV (maximum voting power if tokens are locked for 4 years)

There are currently 1.6M yvSWRVs, 51% of which (571k) are needed to execute proposals

Exploiter already owns 495k ($60k) from two addresses
3/10

Let’s move on to the timeline of events:

1) 18 days ago, 0x3cc111 sent messages to 8 largest veSWRV holders asking them to check Blockscan chat

This address has also received messages from j-trezor.silvavault.eth twice
Read 10 tweets
Igor Igamberdiev Profile picture
Mar 13, 2023
1/7
Euler lost $197M in 6 tokens:

- 73.8k wstETH ($116M)
- 34.2M USDC
- 846 WBTC ($18.6M)
- 8k WETH ($12.6M)
- 8.9M DAI
- 3.8k stETH ($6M)

Also, EULER price fell by 52%👇

2/7
Let’s see what happened using the attack on the DAI pool as an example

But first, I need to share a little context:

eToken - collateral token
dToken - debt token

As soon as the amount of dToken exceeds the amount of eToken, liquidation can be triggered Image
3/7
The execution flow:

1) Flash loan tokens from Balancer/Aave v2 => 30M DAI

2) Deploy two contracts: violator and liquidator

Violator:

3) Deposit 2/3 of funds to Euler using deposit() => sent 20M DAI to Euler and received 19.5M eDAI from Euler Image
Read 7 tweets
Igor Igamberdiev Profile picture
Feb 28, 2023
1/7
Many post-mortems after the Terra events have focused on “Wallet A” which played a large role in UST depegging

"Wallet A" swapped 85M UST for USDC and imbalanced the UST/3CRV Curve pool

There is a good chance this wallet is related to @JaneStreetGroup
2/7
On May 3, 2022, Clearpool announced that Jane Street borrowed 25M USDC from @BlockTower using their permissioned lending pool

This news made it possible to identify three addresses of the trading firm, of which we are most interested in only one

3/7
Within two weeks of Terra's collapse, this address:

🔴 Received $15M and repaid them along with an additional $10M to the lender without any use

🟡 Invested $150k in @tonicdex

🟢 Borrowed $25M again and deposited them to a very interesting Coinbase wallet
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(