fijiapes/defihacklabs
Fork: 0 Star: 3 (updated 2024-12-15 12:29:41)
license: none
Language: Solidity
DeFiHackLabs fork with Contract code
DeFi Hacks Reproduce - Foundry
Reproduce DeFi hack incidents using Foundry.
36 incidents included.
This repo is for educational purposes only.
Let's make Web3 secure!
Getting Started
- Follow the instructions to install Foundry.
- Create an account on moralis.io or alchemy.com for the mainnet forking.
List of DeFi Hacks & Exploits
20220701 Quixotic - Optimism NFT Marketplace
20220624 Harmony's Horizon Bridge
20220608 Optimism - Wintermute
20220430 Rari Capital/Fei Protocol
20220424 Wiener DOGE - Flashloan
20220416 BeanstalkFarms - DAO + Flashloan
20220322 CompoundTUSDSweepTokenBypass
20171106 Parity - 'Accidentally Killed It'
Transaction debugging tools
https://dashboard.tenderly.co/explorer
https://versatile.blocksecteam.com/tx
https://github.com/dapphub/dapptools
20220701 Quixotic - Optimism NFT Marketplace
Lost: $100K
The fillSellOrder function only checks the seller's signature.
The ECDSA signature (v, r, s) is recovered to an address; if recoveredAddress == sellOrder.seller, the sell order executes.
Testing
forge test --contracts ./src/test/Quixotic_exp.sol --fork-url https://opt-mainnet.g.alchemy.com/v2/[APIKEY]/ --fork-block-number 13591383 -vv
Link reference
https://twitter.com/1nf0s3cpt/status/1542808565349777408
https://twitter.com/SlowMist_Team/status/1542795627603857409
20220626 XCarnival - Infinite Number of Loans
Lost: 3087 ETH (~$3.87M)
Testing
forge test --contracts ./src/test/XCarnival.exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 15028846 -vv
Link reference
https://twitter.com/XCarnival_Lab/status/1541226298399653888
https://twitter.com/peckshield/status/1541047171453034501
https://twitter.com/BlockSecTeam/status/1541070850505723905
20220624 Harmony's Horizon Bridge
Lost: $100 million
Compromised private keys of a multisig wallet
Testing
forge test --contracts ./src/test/Harmony_multisig.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 15012670 -vvvv
Link reference
https://twitter.com/harmonyprotocol/status/1540110924400324608
https://twitter.com/0xIvo/status/1540165571681128448
https://twitter.com/1nf0s3cpt/status/1540139812715261952
20220618 SNOOD - Miscalculation on _spendAllowance
Lost: 104 ETH
In the _spendAllowance function they use _getStandardAmount where it should be _getReflectedAmount.
Testing
forge test --contracts ./src/test/Snood_poc.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14983660 -vv
Link reference
https://etherscan.io/tx/0x9a6227ef97d7ce75732645bd604ef128bb5dfbc1bfbe0966ad1cd2870d45a20e
https://ethtx.info/mainnet/0x9a6227ef97d7ce75732645bd604ef128bb5dfbc1bfbe0966ad1cd2870d45a20e/
20220616 InverseFinance - Flashloan & Price Oracle Manipulation
Lost: 53.2445 WBTC and 99,976.29 USDT
Testing
forge test --contracts ./src/test/InverseFinance_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14972418 -vv
Link reference
https://twitter.com/peckshield/status/1537382891230883841
https://twitter.com/SlowMist_Team/status/1537602909512376321
https://blocksecteam.medium.com/price-oracle-manipulation-attack-on-inverse-finance-a5544218ea91
https://www.certik.com/resources/blog/6LbL57WA3iMNm8zd7q111R-inverse-finance-incident-analysis
https://etherscan.io/tx/0x958236266991bc3fe3b77feaacea120f172c0708ad01c7a715b255f218f9313c
20220608 GYMNetwork - AccessControl
Lost: $2.1 million
Testing
forge test --contracts ./src/test/Gym_2_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 18501049 -vv
Link reference
https://twitter.com/peckshield/status/1534423219607719936
https://twitter.com/1nf0s3cpt/status/1534464698069884929
https://www.jinse.com/news/blockchain/1658455.html
20220608 Optimism - Wintermute
Lost: 20 million Optimism (OP) tokens; 17 million of them were returned
Testing
forge test --contracts ./src/test/Optimism_exp.sol --fork-url https://opt-mainnet.g.alchemy.com/v2/[APIKEY]/ --fork-block-number 10607735 -vv
Link reference
20220606 Discover - Flashloan & Price Oracle Manipulation
Lost: 49 BNB
Testing
forge test --contracts ./src/test/Discover_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 18446845 -vv
Link reference
https://www.twitter.com/BeosinAlert/status/1533734518623899648
https://www.anquanke.com/post/id/274003
https://bscscan.com/tx/0x8a33a1f8c7af372a9c81ede9e442114f0aabb537e5c3a22c0fd7231c4820f1e9
https://bscscan.com/tx/0x1dd4989052f69cd388f4dfbeb1690a3f3a323ebb73df816e5ef2466dc98fa4a4
20220529 NOVO Protocol - Flashloan & Price Oracle Manipulation
Lost: 279 BNB
Testing
forge test --contracts ./src/test/Novo_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 18225002 -vvv
Link reference
https://www.panewslab.com/zh_hk/articledetails/f40t9xb4.html
https://bscscan.com/tx/0xc346adf14e5082e6df5aeae650f3d7f606d7e08247c2b856510766b4dfcdc57f
https://bscscan.com/address/0xa0787daad6062349f63b7c228cbfd5d8a3db08f1#code
20220430 Rari Capital/Fei Protocol - Flashloan Attack + Reentrancy
Lost: $80 million
Testing
forge test --contracts ./src/test/Rari_exp.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14684813 -vv
Link reference
https://certik.medium.com/fei-protocol-incident-analysis-8527440696cc
https://twitter.com/peckshield/status/1520369315698016256
https://etherscan.io/tx/0xab486012f21be741c9e674ffda227e30518e8a1e37a5f1d58d0b0d41f6e76530
20220424 Wiener DOGE - Flashloan
Lost: 78 BNB
Testing
forge test --contracts ./src/test/Wdoge_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 17248705 -vvv
Link reference
https://twitter.com/solid_group_1/status/1519034573354676224
https://bscscan.com/tx/0x4f2005e3815c15d1a9abd8588dd1464769a00414a6b7adcbfd75a5331d378e1d
20220428 DEUS DAO - Flashloan & Price Oracle Manipulation
Lost: $13 million
Testing
forge test --contracts ./src/test/deus_poc.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/fantom/mainnet/archive --fork-block-number 37093708 -vv
Link reference
https://twitter.com/peckshield/status/1519531866109317121
https://ftmscan.com/tx/0xe374495036fac18aa5b1a497a17e70f256c4d3d416dd1408c026f3f5c70a3a9c
20220421 Zeed Finance
Lost: $1 million
Testing
forge test --contracts ./src/test/Zeed_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 17132514 -vv
Link reference
https://www.cryptotimes.io/hacker-leaves-1m-to-self-destruct-after-zeed-protocol-exploit/
https://medium.com/@zeedcommunity/the-solution-for-the-yeed-lp-pool-attack-a120c53948cd
https://bscscan.com/tx/0x0507476234193a9a5c7ae2c47e4c4b833a7c3923cefc6fd7667b72f3ca3fa83a
20220416 BeanstalkFarms - DAO + Flashloan
Lost: $182 million
Testing
forge test --contracts ./src/test/Beanstalk_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14595905 -vv
Link reference
https://medium.com/uno-re/beanstalk-farms-hacked-total-damage-is-182-million-b699dd3e5c8
https://twitter.com/peckshield/status/1515680335769456640
https://etherscan.io/tx/0x68cdec0ac76454c3b0f7af0b8a3895db00adf6daaf3b50a99716858c4fa54c6f
https://etherscan.io/tx/0xcd314668aaa9bbfebaf1a0bd2b6553d01dd58899c508d4729fa7311dc5d33ad7
20220415 Rikkei Finance - AccessControl & Price Oracle Manipulation
Lost: $1.1 million (2671 BNB)
Testing
forge test --contracts ./src/test/Rikkei_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 16956474 -vv
Link reference
https://blockmagnates.com/rikkei-finance-hack/
https://knownseclab.com/news/625e865cf1c544005a4bdaf2
https://rikkeifinance.medium.com/rikkei-finance-incident-investigation-report-b5b1745b0155
https://bscscan.com/tx/0x93a9b022df260f1953420cd3e18789e7d1e095459e36fe2eb534918ed1687492
20220412 ElephantMoney - Flashloan & Price Oracle Manipulation
Lost: $11.2 million (27,416.46 BNB)
Testing
forge test --contracts ./src/test/Elephant_Money_poc.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 16886438 -vv
Link reference
https://medium.com/elephant-money/reserve-exploit-52fd36ccc7e8
https://twitter.com/peckshield/status/1514023036596330496
https://twitter.com/BlockSecTeam/status/1513966074357698563
https://bscscan.com/tx/0xec317deb2f3efdc1dbf7ed5d3902cdf2c33ae512151646383a8cf8cbcd3d4577
20220409 GYMNetwork
Lost: 1,327 WBNB
Testing
forge test --contracts ./src/test/Gym_1_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 16798806 -vv
Link reference
https://twitter.com/BlockSecTeam/status/1512832398643265537
https://medium.com/@Beosin_com/beosin-analysis-of-the-attack-on-gymdefi-e5a23bfd93fe
https://bscscan.com/tx/0xa5b0246f2f8d238bb56c0ddb500b04bbe0c30db650e06a41e00b6a0fff11a7e5
20220327 Revest Finance - Reentrancy
Lost: $11.2 million
Testing
forge test --contracts ./src/test/Revest_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14465356 -vv
Link reference
https://blocksecteam.medium.com/revest-finance-vulnerabilities-more-than-re-entrancy-1609957b742f
https://etherscan.io/tx/0xe0b0c2672b760bef4e2851e91c69c8c0ad135c6987bbf1f43f5846d89e691428
20220326 Auctus
Lost: $726k
Testing
forge test --contracts ./src/test/Auctus_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14460635 -vv
Link reference
https://twitter.com/AuctusOptions/status/1508647849663291398?cxt=HHwWjICzpbzO5e8pAAAA
https://etherscan.io/tx/0x2e7d7e7a6eb157b98974c8687fbd848d0158d37edc1302ea08ee5ddb376befea
20220322 CompoundTUSDSweepTokenBypass
Testing
forge test --contracts ./src/test/CompoundTusd_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14266479 -vv
Link reference
https://blog.openzeppelin.com/compound-tusd-integration-issue-retrospective/
20220321 OneRing Finance - Flashloan & Price Oracle Manipulation
Lost: $1.45 million
Testing
forge test --contracts ./src/test/OneRing_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/fantom/mainnet/archive --fork-block-number 34041499 -vv
Link reference
https://medium.com/oneringfinance/onering-finance-exploit-post-mortem-after-oshare-hack-602a529db99b
https://ftmscan.com/tx/0xca8dd33850e29cf138c8382e17a19e77d7331b57c7a8451648788bbb26a70145
20220313 Paraluni - Flashloan & Reentrancy
Lost: $1.7 million
Testing
forge test --contracts ./src/test/Paraluni_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 16008280 -vv
Link reference
https://halborn.com/explained-the-paraluni-hack-march-2022/
https://twitter.com/peckshield/status/1502815435498176514
https://mobile.twitter.com/paraluni/status/1502951606202994694
https://zhuanlan.zhihu.com/p/517535530
https://bscscan.com/tx/0x70f367b9420ac2654a5223cc311c7f9c361736a39fd4e7dff9ed1b85bab7ad54
20220309 Fantasm Finance
Lost: $2.6 million
Testing
forge test --contracts ./src/test/Fantasm_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/fantom/mainnet --fork-block-number 32971742 -vv
Link reference
https://twitter.com/fantasm_finance/status/1501569232881995785
https://medium.com/quillhash/fantom-based-protocol-fantasm-suffers-2-6m-exploit-32de8191ccd4
https://etherscan.io/tx/0xacfcaa8e1c482148f9f2d592c78ca7a27934c7333dab31978ed0aef333a28ab6
20220305 Bacon Protocol - Reentrancy
Lost: $1 million
Testing
forge test --contracts ./src/test/Bacon_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14326931 -vv
Link reference
https://twitter.com/peckshield/status/1500105933128495108
https://etherscan.io/tx/0xacfcaa8e1c482148f9f2d592c78ca7a27934c7333dab31978ed0aef333a28ab6
https://etherscan.io/tx/0x7d2296bcb936aa5e2397ddf8ccba59f54a178c3901666b49291d880369dbcf31
20220303 TreasureDAO - Zero Fee
Lost: $1 million
Testing
forge test --contracts ./src/test/TreasureDAO_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/arbitrum/mainnet --fork-block-number 7322694 -vv
Link reference
https://slowmist.medium.com/analysis-of-the-treasuredao-zero-fee-exploit-73791f4b9c14
https://arbiscan.io/tx/0x82a5ff772c186fb3f62bf9a8461aeadd8ea0904025c3330a4d247822ff34bc02
20220214 BuildFinance - DAO
Lost: $470k
Testing
forge test --contracts ./src/test/BuildF_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14235712 -vv
Link reference
https://twitter.com/finance_build/status/1493223190071554049
https://www.cryptotimes.io/build-finance-suffered-hostile-governance-takeover-lost-470k/
https://etherscan.io/tx/0x544e5849b71b98393f41d641683586d0b519c46a2eeac9bcb351917f40258a85
20220118 Multichain (Anyswap) - Insufficient Token Validation
Lost: $1.4 million
Testing
forge test --contracts ./src/test/Anyswap_poc.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14037236 -vv
Link reference
https://medium.com/zengo/without-permit-multichains-exploit-explained-8417e8c1639b
https://twitter.com/PeckShieldAlert/status/1483363515411099651
https://etherscan.io/tx/0xe50ed602bd916fc304d53c4fed236698b71691a95774ff0aeeb74b699c6227f7
20211221 Visor Finance - Reentrancy
Lost: $8.2 million
Testing
forge test --contracts ./src/test/Visor_exp.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 13849006 -vv
Link reference
https://twitter.com/GammaStrategies/status/1473306777131405314
https://etherscan.io/tx/0x69272d8c84d67d1da2f6425b339192fa472898dce936f24818fda415c1c1ff3f
20211130 MonoX Finance - Price Manipulation
Lost: $31 million
Testing
forge test --contracts ./src/test/Mono_exp.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 13715025 -vv
Link reference
https://slowmist.medium.com/detailed-analysis-of-the-31-million-monox-protocol-hack-574d8c44a9c8
https://knownseclab.com/news/61a986811992da0067558749
https://www.tuoniaox.com/news/p-521076.html
https://polygonscan.com/tx/0x5a03b9c03eedcb9ec6e70c6841eaa4976a732d050a6218969e39483bb3004d5d
https://etherscan.io/tx/0x9f14d093a2349de08f02fc0fb018dadb449351d0cdb7d0738ff69cc6fef5f299
20210916 SushiSwap Miso
Lost: All funds returned
Testing
forge test --contracts ./src/test/Sushimiso_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 13038771 -vv
Link reference
https://www.paradigm.xyz/2021/08/two-rights-might-make-a-wrong
https://etherscan.io/tx/0x78d6355703507f88f2090eb780d245b0ab26bf470eabdb004761cedf3b1cda44
20210830 Cream Finance - Flashloan Attack + Reentrancy
Lost: $18 million
Testing
forge test --contracts ./src/test/Cream_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 13125070 -vv
Link reference
https://twitter.com/peckshield/status/1432249600002478081
https://etherscan.io/tx/0xa9a1b8ea288eb9ad315088f17f7c7386b9989c95b4d13c81b69d5ddad7ffe61e
https://slowmist.medium.com/cream-hacked-analysis-us-130-million-hacked-95c9410320ca
20210817 XSURGE - Flashloan Attack + Reentrancy
Lost: $5 million
Testing
forge test --contracts ./src/test/XSURGE_exp.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 10087723 -vv
Link reference
https://beosin.medium.com/a-sweet-blow-fb0a5e08657d
https://bscscan.com/tx/0x8c93d6e5d6b3ec7478b4195123a696dbc82a3441be090e048fe4b33a242ef09d
20210308 DODO - Flashloan Attack
Lost: $700,000
Testing
forge test --contracts ./src/test/dodo_flashloan_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 12000000 -vv
Link reference
https://halborn.com/explained-the-dodo-dex-hack-march-2021/
https://etherscan.io/tx/0x395675b56370a9f5fe8b32badfa80043f5291443bd6c8273900476880fb5221e
20201229 Cover Protocol
Testing
forge test --contracts ./src/test/Cover_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 11542309 -vv
Link reference
https://mudit.blog/cover-protocol-hack-analysis-tokens-minted-exploit/
https://slowmist.medium.com/a-brief-analysis-of-the-cover-protocol-hacked-event-700d747b309c
20201026 Harvest Finance - Flashloan Attack
Lost: $33.8 million
Testing
forge test --contracts ./src/test/HarvestFinance_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 11129473 -vv
Link reference
https://rekt.news/harvest-finance-rekt/
https://etherscan.io/tx/0x35f8d2f572fceaac9288e5d462117850ef2694786992a8c3f6d02612277b0877
20171106 Parity - 'Accidentally Killed It'
Lost: 514k ETH
Testing
forge test --contracts ./src/test/Parity_kill.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 4501735 -vvvv
Link reference
https://elementus.io/blog/which-icos-are-affected-by-the-parity-wallet-bug/
https://etherscan.io/tx/0x05f71e1b2cb4f03e547739db15d080fd30c989eda04d37ce6264c5686e0722c9
https://etherscan.io/tx/0x47f7cff7a5e671884629c93b368cb18f58a993f4b19c2a53a8662e3f1482f690
Bug Reproduce
20220623 Sense Finance - Access Control
Missing access control in onSwap()
Bounty: $50,000
Testing
forge test --contracts ./src/test/SenseFinance_exp.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 15017009 -vv
Link reference
https://medium.com/immunefi/sense-finance-access-control-issue-bugfix-review-32e0c806b1a0
FlashLoan Testing
DODO FlashLoan Testing
forge test --contracts ./src/test/dodo_flashloan.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 12000000 -vv
AAVE FlashLoan Testing
forge test --contracts ./src/test/flashloan_aave.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14972418 -vv
Balancer FlashLoan Testing
forge test --contracts ./src/test/flashloan_balancer.t.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14684822 -vv
Pancakeswap FlashSwap Testing
forge test --contracts ./src/test/flashswap_pancake.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 18646610 -v
Biswap FlashSwap Testing
forge test --contracts ./src/test/flashloan_biswap.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/bsc/mainnet/archive --fork-block-number 18671800 -vv
UniSwapV2 FlashSwap Testing
forge test --contracts ./src/test/flashloan_uniswapv2.sol --fork-url https://speedy-nodes-nyc.moralis.io/[APIKEY]/eth/mainnet/archive --fork-block-number 14971460 -vv
Some of the code is adapted from the Rivaill and W2Ning repos and rewritten for the Foundry version.