bartek.eth
Sep 29, 2020
If you are confused about how the hacker managed to drain the contract, here are the exact mechanics of what happened:
The EMN contract allows you to buy (mint) EMN with DAI (and sell/burn). It uses a fairly standard Bancor bonding curve: DAI is used as the reserve currency for the EMN token. The price of the EMN token is determined by the amount of EMN vs. the amount of DAI in the reserve.
The second token, eAAVE, is similar, with a small but important caveat: it uses EMN as its reserve currency, but “virtually”. If you buy/mint eAAVE by sending EMN tokens to it, instead of storing your EMN in the reserve, the eAAVE contract will actually burn the EMN.
If you sell/burn eAAVE, EMN tokens will be minted. This interplay allowed the attacker to run the following trades (all atomically in one transaction):
1. Flashloan 15,000,000 DAI from Uniswap
2. Buy as much EMN as you can with your DAI (ignore the amount)
3. Spend half of your EMNs to buy eAAVE. This will burn the EMNs, decreasing the total supply, which will pump up the price of EMN
4. Sell your second half of the now-pumped EMNs for 10,024,579 DAI (note that this is much more than 7,500,000 DAI)
5. Now sell your eAAVE to reclaim your first half of EMNs. The EMNs are minted and this will decrease the price of EMN
6. Sell back your EMNs for 6,649,057 DAI
7. Return 15,000,000 flash loan, enjoy 1,673,636 DAI profit
This has been repeated three times in three separate transactions (so 9 cycles altogether) like the one here: ethtx.info/0x350325313164…
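
An added simulation of steps 2 to 7 above, not part of the original thread and not the Eminence contract code: the pool sizes and connector weights are constructed, so the DAI figures differ from the real ones. It shows that burning EMN without touching the DAI reserve moves the curve constant `k`, the invariant an auditor or monitor would check, and that this drift is the whole source of the profit.

```python
from dataclasses import dataclass

@dataclass
class Curve:
    """Bancor-style bonding curve: reserve = k * supply ** (1 / cw)."""
    supply: float
    reserve: float
    cw: float  # connector weight (reserve ratio)

    def buy(self, deposit):
        minted = self.supply * ((1 + deposit / self.reserve) ** self.cw - 1)
        self.supply += minted
        self.reserve += deposit
        return minted

    def sell(self, tokens):
        paid = self.reserve * (1 - (1 - tokens / self.supply) ** (1 / self.cw))
        self.supply -= tokens
        self.reserve -= paid
        return paid

    def k(self):
        # Unchanged by buy/sell; drift means supply moved without the reserve.
        return self.reserve / self.supply ** (1 / self.cw)

def new_pools():
    # Constructed starting state, not the real on-chain values.
    emn = Curve(supply=1_000_000, reserve=5_000_000, cw=0.5)  # reserve in DAI
    eaave = Curve(supply=1_000, reserve=10_000, cw=0.5)       # "virtual" EMN reserve
    return emn, eaave

def honest_round_trip(loan=15_000_000):
    emn, _ = new_pools()
    return emn.sell(emn.buy(loan)) - loan   # buy then sell on one curve: no gain

def cycle(loan=15_000_000):
    emn, eaave = new_pools()
    k0 = emn.k()
    half = emn.buy(loan) / 2                # step 2
    eaave_got = eaave.buy(half)             # step 3: eAAVE minted ...
    emn.supply -= half                      # ... EMN burned, DAI reserve untouched
    k_drift = emn.k() / k0
    dai_first = emn.sell(half)              # step 4
    emn_back = eaave.sell(eaave_got)        # step 5: EMN minted back
    emn.supply += emn_back
    dai_second = emn.sell(emn_back)         # step 6
    return {"dai_first": dai_first, "dai_second": dai_second,
            "profit": dai_first + dai_second - loan,  # step 7
            "k_drift": k_drift, "half": half, "emn_back": emn_back}
```

With these constructed pools, `cycle()` returns a profit of about 1,049,383 DAI and a `k_drift` of 16/9, while `honest_round_trip()` returns 0. A curve whose supply can only change through its own buy and sell paths keeps `k` fixed and leaves nothing to extract.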
