1/ The easiest way to understand the difference between an L2 Rollup and a sidechain such as @0xPolygon is to look closely at the exit procedure. Below is a tx withdrawing 450,000 USDC from the @0xPolygon child chain: ethtx.info/0x5c5f80a7dab5… 👇
2/ The first thing to notice is that, to perform the exit, the user needs to submit a chunk of data (input data) containing, among other info, a merkle proof for the exit. This data can only be obtained from Matic nodes; it is impossible to construct it just by observing L1
3/ On a Rollup the data would be available on L1, so even if all Matic nodes were down, users would still be able to exit their tokens. That's not the case here - you need to get that data from Matic nodes
4/ Next, the contract verifies the MerkleProof against a previously submitted checkpoint. Again - if Matic nodes chose not to commit a checkpoint, exit would be impossible. But it's worse than that - they can submit a fraudulent checkpoint state assigning all users' tokens to themselves
5/ And then simply exit them by submitting the merkle proof and verifying it against this fraudulent state (note that any state can be submitted and there is no validity check)
6/ TL;DR: users need to trust validators for the safety of their funds and the ability to exit them. Validators can easily block funds on a sidechain (by withholding data) or seize them (by assigning all tokens to themselves)
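Added example (not from the original thread and not Polygon's contract code): a minimal Python model of the exit check described in 2/, 4/ and 5/. The SHA-256 tree, the leaf encoding and the account names and balances are constructed assumptions; it shows that the check proves only inclusion under whichever root was checkpointed, and that the proof path can only be built by whoever holds the tree.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf(owner: str, amount: int) -> bytes:
    # Constructed leaf encoding (assumption): domain-prefixed "owner:amount".
    return h(b"\x00" + f"{owner}:{amount}".encode())

def node(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)

def build(leaves):
    """Return all tree levels, bottom-up; odd levels duplicate the last node."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [cur[-1]]
        levels.append([node(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    """Sibling path for leaf `index`. Needs the full tree, i.e. off-chain data."""
    path = []
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sib = index ^ 1
        path.append((level[sib], sib < index))
        index //= 2
    return path

def verify_exit(checkpoint_root, owner, amount, path):
    """All L1 can check: the leaf is included under the checkpointed root."""
    acc = leaf(owner, amount)
    for sibling, sibling_is_left in path:
        acc = node(sibling, acc) if sibling_is_left else node(acc, sibling)
    return acc == checkpoint_root

def checkpoint(state):
    """Validator side: commit a root over any state; L1 does not validate it."""
    levels = build([leaf(o, a) for o, a in state])
    return levels[-1][0], levels

# Constructed sample states: an honest one and one reassigning every token.
HONEST = [("alice", 450_000), ("bob", 100), ("carol", 7)]
REASSIGNED = [("validator", 450_107)]
```

`verify_exit` accepts a proof under the root of `REASSIGNED` exactly as it does under the root of `HONEST`, while a proof built from the honest tree fails against the reassigned root.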
1/ If, after reading blog.alphafinance.io/alpha-homora-v… you are still confused about how Alpha Homora and IronBank were hacked, here's how the hack was conceived
2/ Normally when you borrow funds from AH bank, your debtShare and totalDebt increase. Specifically, if you want to borrow x tokens, your debt share will be calculated as:
share = x * totalShare / totalDebt
and it is added to totalShare
3/ All these numbers are very big integers (as token precisions are 18 digits) and the calculation is correct, but when totalShare = 1 (think 1 wei) and x < totalDebt, the new debt share will be 0 (integer division)
[1/13] It may be initially confusing to fully grasp how deposits and withdrawals from L1 to @optimismPBC are actually implemented, and it helps to see the on-chain action of what is happening behind the scenes.
[2/13] Initial setup (simplified): on L1 we have the SynthetixBridgeToOptimism contract from Synthetix and the OVM_L1CrossDomainManager contract from Optimism. On L2 we have the SynthetixBridgeToBase and OVM_L2_CrossDomainManager contracts.
[3/13] Additionally we have a Sequencer (L2 mining node) that verifies all L2 transactions and submits them in batches to L1 for future reference, and a Relayer that is responsible for relaying messages from L2 -> L1
If you are confused about how the hacker managed to drain the contract, here’s the exact mechanics of what happened:
The EMN contract allows you to buy (mint) EMN with DAI (and sell/burn). It uses a fairly standard Bancor bonding curve - DAI is used as a reserve currency for the EMN token. The price of the EMN token is determined by the amount of EMN vs the amount of DAI in the reserve
The second token, eAAVE, is similar, with a small but important caveat - it’s using EMN as a reserve currency, but “virtually” - if you buy/mint eAAVE by sending EMN tokens to it, instead of storing your EMN in the reserve, the eAAVE contract will actually burn EMN.
[1/8] Detailed analysis of another bZx/SNX attack (0x762881b07feb63c436dee38edd4ff1f7a74c33091e534af56c9f7d49b5ecac15). This one is more sophisticated than the previous one. The steps are as follows:
[2/8] Step 1. Flash borrow 7,500 ETH on bZx. This is ironic given that bZx will lose at the end
[3/8] Step 2. Exchange 540 ETH through Kyber to sUSD. This goes to Uniswap pushing sUSD value artificially high
If you are interested in the details on the recent bZx arb/attack trade, have a look at ethtx.info/0xb5c8bd9430b6… - the following thread is a step-by-step explanation of what is going on
First the attacker gets a 10,000 ETH loan from dYdX (SoloMargin.operate with ActionType=1, which is withdraw). Note that there is also ActionType=8, which is a call. In this case it is a call to the attacker's script
Then he sends 5,500 ETH to Compound and gets a 112 WBTC loan (cETH.mint and cWBTC.borrow)