Share this page!

Mudit Gupta Profile picture
Twitter logo
28 Jun, 10 tweets, 4 min read
SafeDollar was exploited today and dumped on the open market for ~$250k. It was an infinite mint exploit. The market cap of $SDO was ~$248mm but there was just $250k in exit liquidity,. The attack happened because SafeDollar incentivized a token that has a fee on transfer. 🧵👇
The attack started with this (seemingly) innocent deposit polygonscan.com/tx/0x55dad44a7…. The attacker planned on increasing the rewards earned by this deposit to a virtually infinite amount (and they did).
The token deposited (polygonscan.com/token/0x7a5dc8…) charges a fee on transfers. Therefore, every time someone withdrew tokens from the rewarder, the rewarder lost some of its balance in fees. Ideally, the fee should have been borne by the user but the rewarder doesn't account for it.
The attacker exploited this bug and drained the token balance of the rewarder by depositing and withdrawing the token in a loop. polygonscan.com/tx/0xd78ff27f3…
The rewarder calculates the reward to give out per token based on its total holdings. i.e. If the rewarder holds a total of 2 token units and the total reward given out is 10, every token unit is eligible to claim 5 rewards.
This is where the accounting mistake(transfer fee) rekts the rewarder. The rewarder checks its total balance and thinks that only 2 token units have been deposited so it sets a very high reward per token value. However, in reality, a lot more tokens are deposited in it.
The innocent-looking initial deposit comes into play now. It had deposited 214,235,502,909,238,707,603 token units (214 * 10^18) earlier. It is now eligible to claim a very high reward for every token unit deposited. All prior deposits are actually eligible to claim high rewards.
The attacker finally claims the $SDO reward and sells the $SDO for ~$202k $USDC and ~$46k $USDT on PolyDex in a single transaction: polygonscan.com/tx/0x1360315a1….

The users providing SDO-USDC and SDO-USDT liquidity and, the ones holding $SDO got rekt.
The total loss (Fully diluted valuation of $SDO + USDC/USDT pegged in liquidity positions) is over $250mm.

If anything has "Safe" in its' name, it's usually not Safe.

My condolences to those who got rekt in this. It's an ape eats ape world out there, stay safe (pun intended).
Correction: FDV of SDO was 450k prior to the hack, not 248m as I previously mentioned. That means, the total loss was 450k (FDV loss) + 250k (USDC + USDT taken by attacker) = 700k.

Thanks to @Rob_Stevens_ for pointing out the mistake.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Mudit Gupta

Mudit Gupta Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Mudit__Gupta

Mudit Gupta Profile picture
30 May
Belt Finance got hacked today, losses worth ~$13mm. Withdrawals have been paused to prevent further losses. The exploit happened due to an incorrect valuation of 3eps shares. This was one of the more complex hacks in recent times🧵👇
The exploit was in the beltBUSD vault's Elipsis strategy. The vault uses multiple strategies: Elipsis, Venus, Alpaca, and Fortube. Although the exploit happened due to a bug in Elipsis strategy, funds were leaked via the Venus strategy.
This actually derailed my analysis a bit since I initially focused on the Venus strategy. Only when I took a step back, I realized what's actually going on. It was just luck that Venus strategy was the most undersubscribed strategy at the start of the exploit so it got used.
Read 12 tweets
Mudit Gupta Profile picture
28 May
$7.2mm stolen from @burger_swap because of a silly modification in the source code.

The swap function is supposed to verify x*y >= k which basically verifies that the contract got enough input tokens required to do the swap 🧵👇
Without this check, you can trigger a swap to swap a million token X for a million token Y but only pay 1 token X to the pool while withdrawing the million token Y.

Without this check, the pool has no way to ensure that the user paid the input tokens they committed in the swap.
Why was this check removed? I have two theories
1) Planned Rug
2) Incompetent devs that saw a test case failing and just removed the check that caused the failure rather than understanding what's going on and fixing the issue.
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @Mudit__Gupta has new unrolls!

Check out other threads from @Mudit__Gupta!

Read all threads by @Mudit__Gupta

:(