If you stop learning, you expose yourself to vulnerabilities.
Let’s explore two of the newest mitigation techniques on the block: 🧵
Many economic exploits and oracle manipulation attacks are a result of treating high and low volatility assets the same.
📈❌📉
This puts undue risk on the protocol, as the inherent risk of higher volatility assets is not priced in.
Apr 3, 2023 • 5 tweets • 3 min read
A large MEV bot was recently hacked for almost 20M. It all happened in one block.
Here's what we know 🧵
It appears a (malicious?) validator spliced in their transaction, stealing funds from a MEV bot attempting to front-run.
Note how this causes the backrun (every 3rd tx) to fail in the previous screenshot.
Dec 16, 2022 • 5 tweets • 2 min read
@RaydiumProtocol just got hacked. It doesn't seem like a smart contract vulnerability.
Here's our analysis.
The attacker is repeatedly invoking the withdraw_pnl instruction to withdraw fees from Raydium pools.
1/ Alameda has been a long-standing, loyal security audit client of ours. We also work closely with many projects on Solana, many of which are directly or indirectly affected by FTX’s insolvency.
Here’s our perspective.
2/ Even before FTX filed for bankruptcy, there were some red flags. A few days prior, their Solana USDC Account ran out of funds for withdrawals.
We’re continuing to investigate the recent Mango Markets hack.
Let’s clear up some misinformation. 🧵
At a high level,
1. This was not a flashloan attack
2. The attacker addresses were funded 5.5M via FTX
3. It appears the attacker manipulated prices across all exchanges, not just Solana oracles
Aug 19, 2022 • 5 tweets • 2 min read
Rent Thief:
1/ An MEV bot has been stealing rent from @solendprotocol by abusing the account initialization process.
This is the story of the curious rent thief; 🧵
2/ Due to Solana’s txn-wide compute budget, the 6 accounts used to store data on the new reserves/assets are split into 2 txns. This is where the thief comes in:
Between txns (~40s window), the account has rent but no owner, allowing the thief to take over and reclaim the rent.
Jul 28, 2022 • 5 tweets • 3 min read
1/ @nirvana_fi was hacked for $3.49 M a few hours ago.
How did this happen? 🧵
2/ This hack bore many similarities to previous hacks. Similar to the @Crema_Finance hack, this too used Solend flashloans.
The attacker’s program was also uploaded on-chain and closed immediately afterwards.
@Crema_Finance was recently hacked for over $6M. Unlike previous attacks, this hacker used Solend flashloans to drain the pool. We’re working closely with the Crema team to help resolve this issue.
In the meantime, we’ll be sharing what we know about the exploit 🧵
In order to utilize flashloans, the attacker had to deploy their own onchain program. Unfortunately, this program was quickly closed after the exploit.
We were engaged by the @cega_fi team to perform a security audit of their smart contract code and we’re proud to announce its successful conclusion! Code quality was high, and all vulnerabilities were patched and confirmed.
Deep dive below into interesting technical findings: 🧵
1/ Incorrect withdrawn funds due to missing account reload (OS-CEG-ADV-01):
All withdrawal requests are processed via a withdraw queue, and the amount of USDC tokens to be returned is calculated based on the value of USDC tokens in the vault over redeemable mint supply.
Apr 26, 2022 • 7 tweets • 2 min read
SPL-token-swap:
This February, we discovered a critical rounding exploit in the Solana Program Library token-swap implementation. With over $74 M at risk, this was one of the most impactful bugs we’ve reported.
Let’s take a deep dive:
1/
2/ When implementing an arbitrage bot, we came across some unexpected behavior. We were somehow getting tokens out of nothing. In other words, we were able to put in 0 tokens and get out 1 token.
Apr 16, 2022 • 10 tweets • 3 min read
1/ In our recent audit report on @JetProtocol’s governance program, we listed 13 findings and 4 vulnerabilities. One of these vulnerabilities stands out from the others: OS-JET-ADV-01
Let’s take a deep dive into this rounding error, the implications, as well as its exploitability
2/ In Jet’s original conversion code between tokens and shares, all rounding was done via floor division. This meant that the correctness of the code depended on floor division not being in favor of the user.
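Why the rounding direction matters in a token/share conversion, shown on a generic pool. This is an added example, not Jet's code or code from the audit report; the `Pool` type, the function names and the pool balances are all constructed for illustration.

```rust
// Added illustration: generic share/token pool, not Jet's code.
// All names and numbers here are constructed for the example.
#[derive(Clone, Copy)]
enum Rounding { Down, Up }

struct Pool { total_tokens: u64, total_shares: u64 }

// Computes amount * numerator / denominator in u128, rounding as requested.
// Returns None on a zero denominator or a result that does not fit in u64.
fn mul_div(amount: u64, numerator: u64, denominator: u64, r: Rounding) -> Option<u64> {
    if denominator == 0 { return None; }
    let product = (amount as u128) * (numerator as u128);
    let d = denominator as u128;
    let q = match r {
        Rounding::Down => product / d,
        Rounding::Up => (product + d - 1) / d,
    };
    if q > u64::MAX as u128 { None } else { Some(q as u64) }
}

impl Pool {
    // Deposit: the user receives shares, so rounding down favors the pool.
    fn shares_minted_for_deposit(&self, tokens: u64) -> Option<u64> {
        mul_div(tokens, self.total_shares, self.total_tokens, Rounding::Down)
    }
    // Withdraw an exact token amount: the user pays shares, so the safe
    // direction is up. `r` is a parameter only to compare both directions.
    fn shares_burned_for_withdraw(&self, tokens: u64, r: Rounding) -> Option<u64> {
        mul_div(tokens, self.total_shares, self.total_tokens, r)
    }
}

fn main() {
    // Constructed state: 300 shares backed by 1000 tokens.
    let pool = Pool { total_tokens: 1_000, total_shares: 300 };
    let minted = pool.shares_minted_for_deposit(10).unwrap();
    let floor = pool.shares_burned_for_withdraw(3, Rounding::Down).unwrap();
    let ceil = pool.shares_burned_for_withdraw(3, Rounding::Up).unwrap();
    println!("deposit 10 tokens: {minted} shares minted");
    println!("withdraw 3 tokens: floor burns {floor} shares, ceil burns {ceil}");
}
```

With floor division on the withdraw path, the 3-token withdrawal burns zero shares, so the rounding error lands in the user's favor; rounding each conversion against the user closes that gap.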