Awesome
DeFi Hacks Reproduce - Foundry
Reproduce DeFi hack incidents using Foundry.
539 incidents included.
Let's make Web3 secure! Join Discord
Notion: 101 root cause analysis of past DeFi hacked incidents
Disclaimer: This content serves solely as a proof of concept showcasing past DeFi hacking incidents. It is strictly intended for educational purposes and should not be interpreted as encouraging or endorsing any form of illegal activities or actual hacking attempts. The provided information is for informational and learning purposes only, and any actions taken based on this content are solely the responsibility of the individual. The usage of this information should adhere to applicable laws, regulations, and ethical standards.
Getting Started
-
Follow the instructions to install Foundry.
-
Clone and install dependencies:
git submodule update --init --recursive
Web3 Cybersecurity Academy
All articles are also published on Substack.
OnChain transaction debugging
- Lesson 1: Tools ( English | 中文 | Vietnamese | Korean | Spanish )
- Lesson 2: Warm up ( English | 中文 | Korean | Spanish )
- Lesson 3: Write Your Own PoC (Price Oracle Manipulation) ( English | 中文 | Korean | Spanish )
- Lesson 4: Write Your Own PoC (MEV Bot) ( English | 中文 | Korean | Spanish )
- Lesson 5: Rugpull Analysis ( English | 中文 | Spanish )
- Lesson 6: Write Your Own PoC (Reentrancy) ( English | 中文 | Spanish )
- Lesson 7: Hack Analysis: Nomad Bridge, August 2022 ( English | 中文 | Spanish )
Who Support Us? DeFiHackLabs Received Grant From
<a href="https://x.com/GCCofCommons"> <img src="https://github.com/SunWeb3Sec/DeFiHackLabs/assets/107249780/84fb64ac-1d2b-45ba-b864-b744bbbfdb30" width="600"/> </a>Donate us
If you appreciate our work, please consider donating. Even a small amount helps us continue developing and improving our projects, and promoting web3 security.
- Gitcoin - Donate DeFiHackLabs
- EVM Chains - 0xD7d6215b4EF4b9B5f40baea48F41047Eb67a11D5
- Giveth
List of Past DeFi Incidents
20240703 UnverifiedContr_0x452E25
20240417 UnverifiedContr_0x00C409
<details> <summary> 2023 </summary>20231201 UnverifiedContr_0x431abb
20230715 USDTStakingContract28
20230627 UnverifiedContr_9ad32
</details> <details> <summary> 2022 </summary>20221024 MulticallWithoutCheck
20221011 Rabby Wallet SwapRouter
20220908 Ragnarok Online Invasion
20220701 Quixotic - Optimism NFT Marketplace
20220624 Harmony's Horizon Bridge
20220608 Optimism - Wintermute
20220430 Rari Capital/Fei Protocol
20220322 CompoundTUSDSweepTokenBypass
</details> <details> <summary> 2021 </summary> </details> <details> <summary> Before 2020 </summary>20171106 Parity - 'Accidentally Killed It'
</details>Transaction debugging tools
Phalcon | Tx tracer | Cruise | Ethtx | Tenderly | eigenphi
Ethereum Signature Database
Useful tools
ABI to interface | Get ABI for unverified contracts | ETH Calldata Decoder | ETHCMD - Guess ABI | Abi tools
Hacks Dashboard
Slowmist | Defillama | De.Fi | Rekt | Cryptosec
List of DeFi Hacks & POCs
20241026 CompoundFork - Flashloan attack
Lost: $1M
forge test --contracts ./src/test/2024-10/CompoundFork_exploit.sol -vvv --evm-version shanghai
Contract
Link reference
20241022 Erc20transfer - Access Control
Lost: $14,773.35
forge test --contracts ./src/test/2024-10/Erc20transfer_exp.sol -vvv
Contract
Link reference
https://x.com/d23e_AG/status/1849064161017225645
20241022 Vista - flashmint receive error
Lost: $28,000
forge test --contracts ./src/test/2024-10/VISTA_exp.sol -vvv --evm-version cancun
Contract
Link reference
https://x.com/TenArmorAlert/status/1848403791881900130
20241013 MorphoBlue - Overpriced Asset in Oracle
Lost: $230,000
forge test --contracts ./src/test/2024-10/MorphoBlue_exp.sol -vvv --evm-version shanghai
Contract
Link reference
https://x.com/omeragoldberg/status/1845515843787960661
20241011 P719Token - Price Manipulation Inflate Attack
Total Lost : 547.18 BNB (~$312K USD)
forge test --match-contract P719Token_exp -vvv
Contract
Link reference
https://x.com/TenArmorAlert/status/1844753750386426182
20241006 SASHAToken - Price Manipulation
Total Lost : 249 ETH (~$600K USD)
forge test --match-contract SASHAToken_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1842864840265883833
20241010 HYDT - Oracle Price Manipulation
Total Lost : 5.8k USDT
forge test --contracts ./src/test/2024-10/HYDT_exp.sol -vvv --evm-version cancun
Contract
Link reference
https://x.com/TenArmorAlert/status/1844241843518951451
20241005 AIZPTToken - Wrong Price Calculation
Total Lost : 34.88 BNB (~$20K USD)
forge test --match-contract AIZPTToken_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1842576732047700077
20241001 FireToken - Pair Manipulation With Transfer Function
Lost: 8.45 ETH (~$20K USD)
forge test --contracts ./src/test/2024-10/FireToken_exp.sol -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1841305965750350089
20241002 LavaLending - Price Manipulation
Lost: 1 USDC, 125795.6 cUSDC, 0,0067 WBTC, 2.25 WETH (~$130K USD)
forge test --match-contract LavaLending_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1841823216425435308
20240926 OnyxDAO - Fake Market
Lost: 4.1M VUSD, 7.35M XCN, 5K DAI, 0.23 WBTC, 50K USDT (>$3.8M USD)
forge test --match-contract OnyxDAO_exp -vvv
Contract
Link reference
https://x.com/peckshield/status/1839302663680438342
20240926 Bedrock_DeFi - Swap ETH/BTC 1/1 in mint function
Lost: 27.83925883 BTC (~$1.7M USD)
forge test --match-contract Bedrock_DeFi_exp -vvv
Contract
Link reference
https://x.com/certikalert/status/1839403126694326374
20240924-MARA---price-manipulation
Lost: ~8.8 WBNB (~5.3K USD)
forge test --match-contract MARA_exp -vvv
Contract
Link reference
https://bscscan.com/tx/0x0fe3716431f8c2e43217c3ca6d25eed87e14d0fbfa9c9ee8ce4cef2e5ec4583c
20240923 Bankroll_Network - Incorrect input validation
Lost: ~404 WBNB (~234.8K USD)
forge test --match-contract Bankroll_exp -vvv
Contract
Link reference
https://x.com/Phalcon_xyz/status/1838042368018137547
20240913 OTSeaStaking - Logic Flaw
Lost: 26k
forge test --match-contract OTSeaStaking_exp -vvv
Contract
Link reference
Nick Franklin: https://nickfranklin.site/2024/09/13/otsea-staking-hacked/
20240910 Caterpillar_Coin_CUT - Price Manipulation
Lost: ~1.4M USD
forge test --match-contract Caterpillar_Coin_CUT_exp -vvv --evm-version shanghai
Contract
Link reference
https://www.certik.com/zh-CN/resources/blog/caterpillar-coin-cut-token-incident-analysis
20240903 Penpiexyz_io - Reentrancy and Reward Manipulation
Lost: 11,113.6 ETH (~$27,348,259 USD)
forge test --match-contract Penpiexyzio_exp -vvv --evm-version shanghai
Contract
Link reference
https://x.com/peckshield/status/1831072098669953388
https://x.com/AnciliaInc/status/1831080555292856476
https://x.com/hackenclub/status/1831383106554573099
post-morten: https://x.com/Penpiexyz_io/status/1831462760787452240
20240828 AAVE - Arbitrary Call Error
Lost: 52000
forge test --match-contract AAVE_Repay_Adapter -vvv
Contract
Link reference
https://www.vibraniumaudits.com/post/aave-hacked-via-periphery-contract-56kstolenfromtipjar
20240816 Zenterest - Price Out Of Date
Lost: ~21000 USD
forge test --match-contract Zenterest_exp -vvvv --evm-version shanghai
Contract
Link reference
https://x.com/0xNickLFranklin/status/1824579761383018564
20240816 OMPx Contract - FlashLoan
Lost: 4.37 ETH (~11527 USD)
forge test --match-contract OMPxContract_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1820816386551357448
20240814 NoName - Arbitrary Call
Lost: ~5k
forge test --match-contract YodlRouter_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1823601087011807636
20240813 VOW - Misconfiguration
Lost: ~ 1M USD
forge test --match-contract VOW_exp -vvv
Contract
Link reference
https://x.com/Vowcurrency/status/1823407231658025300
20240812 iVest - Business logic flaw
Lost: ~338 WBNB
forge test --match-contract IvestDao_exp -vvv
Contract
Link reference
https://x.com/AnciliaInc/status/1822870201698050064
20240806 Novax - Price Manipulation
Lost: ~25K USD
forge test --match-contract NovaXM2E_exp -vvv
Contract
Link reference
https://x.com/EXVULSEC/status/1820676684410147276
20240801 Convergence - Incorrect input validation
Lost: ~200K USD
forge test --match-contract Convergence_exp -vvvv --evm-version cancun
Contract
Link reference
https://x.com/DecurityHQ/status/1819030089012527510
20240724 Spectra_finance - Incorrect input validation
Lost: ~73K USD
forge test --match-contract Spectra_finance_exp -vvv
Contract
Link reference
https://x.com/shoucccc/status/1815981585637990899
20240723 MEVbot_0xdd7c - Incorrect input validation
Lost: ~18k USD
forge test --match-contract -vvv --evm-version cancun
Contract
Link reference
https://x.com/SlowMist_Team/status/1815656653100077532
20240716 Lifiprotocol - Incorrect input validation
Lost: ~10M USD
forge test --match-contract Lifiprotocol_exp -vvv
Contract
Link reference
https://x.com/danielvf/status/1505689981385334784
20240714 Minterest - Reentrancy
Lost: ~427 ETH
forge test --match-contract Minterest_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1813122959219040323
20240712 DoughFina - Incorrect input validation
Lost: ~1.8M USD
forge test --match-contract DoughFina_exp -vvv
Contract
Link reference
https://x.com/CertiKAlert/status/1811668992882307478
20240711 SBT - business logic flaw
Lost: ~56K USD
forge test --match-contract SBT_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1811401263969673654
20240711 GAX - Lack of access control
Lost: ~50K $BUSD
forge test --match-contract GAX_exp -vvv
Contract
Link reference
https://x.com/EXVULSEC/status/1811348160851378333
20240708 LW - Integer Underflow
Lost: ~7K USD
forge test --match-contract LW_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1810245893490368820
20240705 DeFiPlaza - loss of precision
Lost: ~200K USD
forge test --match-contract DeFiPlaza_exp -vvv
Contract
Link reference
https://x.com/DecurityHQ/status/1809222922998808760
20240703 UnverifiedContr_0x452E25 - lack-of-access-control
Lost: 27 ETH
forge test --match-contract UnverifiedContr_0x452E25_exp -vvv --evm-version "cancun"
Contract
UnverifiedContr_0x452E25_exp.sol
Link reference
https://x.com/SlowMist_Team/status/1808334870650970514
20240702 MRP - Reentrancy
Lost: 17 BNB
forge test --match-contract MRP_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1808309614443733005
20240628 Will - business logic flaw
Lost: $52K
forge test --match-contract Will_exp -vvv --evm-version "shanghai"
Contract
Link reference
https://x.com/0xNickLFranklin/status/1806704287252394238
20240627 APEMAGA - business logic flaw
Lost: ~9 ETH
forge test --match-contract APEMAGA_exp -vvv --evm-version "shanghai"
Contract
Link reference
https://x.com/ChainAegis/status/1806297556852601282
20240618 INcufi - business logic flaw
Lost: ~59K USD
forge test --match-contract INcufi_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1803317022513832301
20240617 Dyson_money - business logic flaw
Lost: 52 BNB
forge test --match-contract Dyson_money_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1802634237667054052
20240616 WIFCOIN_ETH - business logic flaw
Lost: ~3.4 ETH (WIF token)
forge test --match-contract WIFCOIN_ETH_exp -vvv --evm-version "shanghai"
Contract
Link reference
https://x.com/ChainAegis/status/1802550962977964139
20240616 Crb2 - business logic flaw
Lost: ~15K
forge test --match-contract Crb2_exp -vvv --evm-version shanghai
Contract
Link reference
20240611 JokInTheBox - business logic flaw
Lost: ~9.2 ETH
forge test --match-contract JokInTheBox_exp -vvv --evm-version cancun
Contract
Link reference
https://x.com/0xNickLFranklin/status/1800355604692910571
20240610 Bazaar - Insufficient Permission Check
Lost: 1.4M
forge test --match-contract Bazaar_exp -vvv
Contract
Link reference
https://x.com/shoucccc/status/1800353122159833195
20240608 YYStoken - Business Logic Flaw
Lost: $28K
forge test --match-contract YYS_exp -vv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1799610045589831833
20240606 SteamSwap - Logic Flaw
Lost: ~$91k
forge test --match-contract SteamSwap_exp -vvv --evm-version shanghai
Contract
Link reference
https://x.com/SlowMist_Team/status/1798905797440897386
20240606 MineSTM - Business Logic Flaw
Lost: $13.8K
forge test --match-contract MineSTM_exp -vv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1798920774511898862
20240604 NCD - Business Logic Flaw
Lost: $6.4K
forge test --match-contract NCD_exp -vv
Contract
Link reference
https://x.com/SlowMist_Team/status/1797821034319765604
20240601 VeloCore - lack-of-access-control
Lost: $6.88M
forge test --match-contract Velocore_exp -vv
Contract
Link reference
https://x.com/BeosinAlert/status/1797247874528645333
20240531 Liquiditytokens - Business Logic Flaw
Lost: ~200K USD
forge test --match-contract Liquiditytokens_exp -vvv
Contract
Link reference
https://x.com/EXVULSEC/status/1796499069583724638
20240531 MixedSwapRouter - Arbitrary Call
Lost: >10700USD(WINR token)
forge test --match-contract MixedSwapRouter_exp -vvv
Contract
Link reference
https://x.com/ChainAegis/status/1796484286738227579
20240529 SCROLL - Integer Underflow
Lost: 76 ETH
forge test --match-contract SCROLL_exp -vvv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1795650745448169741
20240529 MetaDragon - Lack of Access Control
Lost: ~ $180k
forge test --match-contract MetaDragon_exp -vvvvv --evm-version shanghai
Contract
Link reference
https://x.com/Phalcon_xyz/status/1795746828064854497
20240528 Tradeonorion - Business Logic Flaw
Lost: ~645K
forge test --match-contract Tradeonorion_exp -vvv
Contract
Link reference
https://x.com/MetaSec_xyz/status/1796008961302258001
20240528 EXcommunity - Business Logic Flaw
Lost: 33BNB
forge test --match-contract EXcommunity_exp -vvv
Contract
Link reference
https://x.com/SlowMist_Team/status/1795648617530995130
20240527 RedKeysCoin - Weak RNG
Lost: $12K
forge test --match-contract RedKeysCoin_exp -vvv --evm-version shanghai
Contract
Link reference
20240526 NORMIE - Business Logic Flaw
Lost: $490K
forge test --match-contract NORMIE_exp -vv
Contract
Link reference
https://x.com/lookonchain/status/1794680612399542672
20240522 Burner - sandwich ack
Lost: 1.7 eth
forge test --match-contract Burner_exp -vv
Contract
Link reference
https://x.com/0xNickLFranklin/status/1792925754243625311
20240516 TCH - Signature Malleability Vulnerability
Lost: $18K
forge test --match-contract TCH_exp -vvv
Contract
Link reference
https://x.com/DecurityHQ/status/1791180322882629713
20240514 Sonne Finance - Precision loss
Lost: $20M
forge test --match-contract Sonne_exp -vvv
Contract
Link reference
https://neptunemutual.com/blog/taking-a-closer-look-at-sonne-finance-exploit/
20240514 PredyFinance - Reentrancy
Lost: $464K
forge test --match-contract PredyFinance_exp -vvv
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1790307019590680851
20240512 TGC - Business Logic Flaw
Lost: $32K
forge test --match-contract TGC_exp -vvv
Contract
Link reference
https://x.com/ChainAegis/status/1789490986588205529
20240510 GFOX - lack of access control
Lost: 330K USD
forge test --match-contract GFOX_exp -vvv --evm-version shanghai
Contract
Link reference
https://twitter.com/CertiKAlert/status/1788751142144401886
20240510 TSURU - Insufficient Validation
Lost: 140K
forge test --match-contract TSURU_exp -vvv --evm-version shanghai
Contract
Link reference
https://base.tsuru.wtf/usdtsuru-exploit-incident-report
20240508 GPU - self transfer
Lost: ~32K USD
forge test --match-contract GPU_exp -vvv
Contract
Link reference
https://twitter.com/PeckShieldAlert/status/1788153869987611113
20240507 SATURN - Price Manipulation
Lost: ~15 BNB
forge test --match-contract OSN_exp -vvv
Contract
Link reference
https://twitter.com/ChainAegis/status/1787667253435195841
20240506 OSN - Reward Distribution Problem
Lost: ~109K USD
forge test --match-contract OSN_exp -vvv --evm-version shanghai
Contract
Link reference
https://twitter.com/SlowMist_Team/status/1787330586857861564
20240430 Yield - Business Logic Flaw
Lost: 181K
forge test --match-contract Yield_exp -vvv
Contract
Link reference
https://twitter.com/peckshield/status/1785121607192817692
https://medium.com/immunefi/yield-protocol-logic-error-bugfix-review-7b86741e6f50
20240430 PikeFinance - Uninitialized Proxy
Lost: 1.4M
forge test --match-contract PikeFinance_exp -vvv
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1785508900093194591
20240427 BNBX - precission loss
Lost: ~75 $BNB
forge test --match-contract BNBX_exp -vvv --evm-version shanghai
Contract
Link reference
https://x.com/ChainAegis/status/1784431544557514896
20240425 NGFS - Bad Access Control
Lost: ~190K
forge test --match-contract NGFS_exp -vvv --evm-version shanghai
Contract
Link reference
https://twitter.com/CertiKAlert/status/1783476515331616847
20240424 XBridge - Logic Flaw
Lost: >200k USD(plus a lot of STC, SRLTY, Mazi tokens)
forge test --match-contract XBridge_exp -vvv
Contract
20240424 YIEDL - Input Validation
Lost: 150k USD
forge test --match-contract YIEDL_exp -vvv
Contract
20240422 Z123 - price manipulation
Lost: 136k USD
forge test --match-contract Z123_exp -vvv
Contract
Link reference
https://twitter.com/PeckShieldAlert/status/1782322484911784385
20240420 Rico - Arbitrary Call
Lost: 36K
forge test --match-contract Rico_exp -vvv
Contract
Link reference
https://twitter.com/ricocreditsys/status/1781803698940781009
20240419 HedgeyFinance - Logic Flaw
Lost: 48M USD
forge test --match-contract HedgeyFinance_exp -vvv
Contract
Link reference
https://twitter.com/Cube3AI/status/1781294512716820918
20240417 UnverifiedContr_0x00C409 - unverified external call
Lost: ~ 18 eth
forge test --match-contract UnverifiedContr_0x00C409_exp -vvv
Contract
UnverifiedContr_0x00C409_exp.sol
Link reference
https://x.com/CyversAlerts/status/1780593407871635538
20240416 SATX - Logic Flaw
Lost: ~ 50 BNB
forge test --match-contract SATX_exp -vvv
Contract
Link reference
https://x.com/bbbb/status/1780341239801393479
20240416 MARS - Bad Reflection
Lost: >100K
forge test --match-contract MARS_exp -vv
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1780150315603701933
20240415 GFA - business-logic-flaw
Lost: ~14K USD
forge test --match-contract GFA_exp -vvv
Contract
Link reference
https://x.com/ChainAegis/status/1779809931962827055
20240415 ChaingeFinance - Arbitrary External Call
Lost: ~560K
forge test --match-contract ChaingeFinance_exp -vvv
Contract
Link reference
https://twitter.com/CyversAlerts/status/1779875922381860920
20240414 Hackathon - business logic flaw
Lost: ~20K
forge test --match-contract Hackathon_exp -vvv
Contract
Link reference
https://x.com/EXVULSEC/status/1779519508375613827
20240412 FIL314 - Insufficient Validation And Price Manipulation
Lost: ~14 BNB
forge test --match-contract FIL314_exp -vvv
Contract
Link reference
20240412 SumerMoney - Reentrancy
Lost: 350K
forge test --match-contract SumerMoney_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1778986926705672698
20240412 GROKD - lack of access control
Lost: $~150 BNB
forge test --match-contract GROKD_exp -vvv
Contract
Link reference
https://x.com/hipalex921/status/1778482890705416323?t=KvvG83s7SXr9I55aftOc6w&s=05
20240410 BigBangSwap - precission loss
Lost: $~5K $BUSD
forge test --match-contract BigBangSwap_exp -vvv
Contract
Link reference
https://x.com/ChainAegis/status/1778254222288621912
20240409 UPS - business logic flaw
Lost: $~28K USD
forge test --match-contract UPS_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1777589021058728214
20240408 SQUID - sandwich attack
Lost: $~87K USD
forge test --match-contract SQUID_exp -vvv
Contract
Link reference
https://twitter.com/bbbb/status/1777228277415039304
20240404 wsm - manipulating price
Lost: $~18K USD
forge test --match-contract WSM_exp -vvv
Contract
Link reference
https://hacked.slowmist.io/#:~:text=Hacked%20target%3A%20Wall%20Street%20Memes
20240402 HoppyFrogERC - business logic flaw
Lost: ~0.3 ETH
forge test --match-contract HoppyFrogERC_exp -vvv --evm-version shanghai
Contract
Link reference
https://x.com/ChainAegis/status/1775351437410918420
20240401 ATM - business logic flaw
Lost: $~182K USD
forge test --match-contract ATM_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1775008489569718508
20240401 OpenLeverage - business logic flaw
Lost: ~234K
forge test --match-contract OpenLeverage2_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1774727539975672136
20240329 ETHFIN - lack of access control
Lost: ~$1.24K (2.13 BNB)
forge test --match-contract ETHFIN_exp -vvv --evm-version shanghai
Contract
Link reference
20240329 PrismaFi - Insufficient Validation
Lost: $~11M
forge test --match-contract Prisma_exp -vvv
Contract
Link reference
https://twitter.com/EXVULSEC/status/1773371049951797485
20240328 LavaLending - Business Logic Flaw
Lost: ~340K
forge test --match-contract LavaLending_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1774727539975672136
https://twitter.com/Phalcon_xyz/status/1773546399713345965
https://hackmd.io/@LavaSecurity/03282024
20240325 ZongZi - Price Manipulation
Lost: ~223K
forge test --match-contract ZongZi_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1772195949638775262
20240323 CGT - Incorrect Access Control
Lost: 996B (CGT token)
forge test --match-contract CGT_exp -vvv
Contract
Link reference
https://x.com/AnciliaInc/status/1771598968448745536
20240321 SSS - Token Balance Doubles on Transfer to self
Lost: 4.8M
forge test --match-contract SSS_exp -vvv
Contract
Link reference
https://twitter.com/dot_pengun/status/1770989208125272481
20240324 ARK - business logic flaw
Lost: ~348BNB
forge test --match-contract ARK_exp -vvv
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1771728823534375249
20240320 Paraswap - Incorrect Access Control
Lost: ~24K
forge test --match-contract Paraswap_exp -vvv --evm-version shanghai
Contract
Link reference
https://medium.com/neptune-mutual/analysis-of-the-paraswap-exploit-1f97c604b4fe
20240314 MO - business logic flaw
Lost: ~413k USDT
forge test --match-contract MO_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1768184024483430523
20240313 IT - business logic flaw
Lost: ~13k USDT
forge test --via-ir ---match-contract IT_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1768171595561046489
20240312 BBT - business logic flaw
Lost: ~5.06 ETH
forge test --match-contract BBT_exp -vvv
Contract
Link reference
https://x.com/8olidity/status/1767470002566058088
20240311 Binemon - precission-loss
Lost: ~0.2 BNB
forge test --match-contract Binemon_exp -vvv
Contract
Link reference
20240309 Juice - Business Logic Flaw
Lost: ~54 ETH
forge test --match-contract Juice_exp -vvv --evm-version shanghai
Contract
Link reference
https://medium.com/@juicebotapp/juice-staking-exploit-next-steps-95e218b3ec71
20240309 UnizenIO - unverified external call
Lost: ~2M
forge test --match-contract UnizenIO_exp -vvvv
Contract
UnizenIO_exp.sol | UnizenIO2_exp.sol
Link reference
https://twitter.com/Phalcon_xyz/status/1766274000534004187
https://twitter.com/AnciliaInc/status/1766261463025684707
20240307 GHT - Business Logic Flaw
Lost: ~57K
forge test --match-contract GHT_exp -vvv
Contract
Link reference
20240306 ALP - Public internal function
Lost: ~10K
Testing
forge test --match-contract ALP_exp -vvv
Contract
Link Reference
https://twitter.com/0xNickLFranklin/status/1765296663667875880
20240306 TGBS - Business Logic Flaw
Lost: ~150K
forge test --match-contract TGBS_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1765290290083144095
https://twitter.com/Phalcon_xyz/status/1765285257949974747
20240305 Woofi - Price Manipulation
Lost: ~8M
forge test --match-contract Woofi_exp -vvv
Contract
Link reference
https://twitter.com/spreekaway/status/1765046559832764886 https://twitter.com/PeckShieldAlert/status/1765054155478175943
20240228 Seneca - Arbitrary External Call Vulnerability
Lost: ~6M
forge test --match-contract Seneca_exp -vvv
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1763045563040411876
20240228 SMOOFSStaking - Reentrancy
Lost: Unclear
forge test --match-contract SMOOFSStaking_exp -vvv
Contract
Link reference
https://twitter.com/AnciliaInc/status/1762893563103428783
https://twitter.com/0xNickLFranklin/status/1762895774311178251
20240223 Zoomer - Business Logic Flaw
Lost: ~14 ETH
forge test --match-contract Zoomer_exp -vvv --evm-version "shanghai"
Contract
Link reference
https://x.com/ChainAegis/status/1761246415488225668
20240223 CompoundUni - Oracle bad price
Lost: ~439,537 USD
forge test --match-contract CompoundUni_exp -vvv
Contract
Link reference
https://twitter.com/0xLEVI104/status/1762092203894276481
20240223 BlueberryProtocol - logic flaw
Lost: ~1,400,000 USD
forge test --match-contract BlueberryProtocol_exp -vvv
Contract
Link reference
https://twitter.com/blueberryFDN/status/1760865357236211964
20240222 SwarmMarkets - lack of validation
Lost: ~7k $DAI
forge test --match-contract SwarmMarkets_exp -vvv
Contract
Link reference
20240221 DeezNutz 404 - lack of validation
Lost: ~170k
forge test --match-contract DeezNutz404_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1760481343161700523
20240221 GAIN - bad function implementation
Lost: ~6.4 ETH
forge test --match-contract GAIN_exp -vvv
Contract
Link reference
https://twitter.com/0xNickLFranklin/status/1760559768241160679
20240220 EGGX - reentrancy
Lost: ~2 ETH
forge test --match-contract EGGX_exp -vvv
Contract
Link reference
https://x.com/PeiQi_0/status/1759826303044497726
20240219 RuggedArt - reentrancy
Lost: ~10k
forge test --match-contract RuggedArt_exp -vvv
Contract
Link reference
https://twitter.com/EXVULSEC/status/1759822545875025953
20240216 ParticleTrade - lack of validation data
Lost: ~50k
forge test --match-contract ParticleTrade_exp -vvv
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1758028270770250134
20240215 DualPools - precision truncation
Lost: ~42k
forge test --match-contract DualPools_exp -vvvv
Contract
Link reference
https://medium.com/@lunaray/dualpools-hack-analysis-5209233801fa
20240215 Babyloogn - lack of validation
Lost: ~2 $BNB
forge test --match-contract Babyloogn_exp -vvvv
Contract
Link reference
20240215 Miner - lack of validation dst address
Lost: ~150k
forge test --match-contract Miner_exp -vvv --evm-version shanghai
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1757777340002681326
20240213 MINER - Price Manipulation
Lost: ~3.5 WBNB
forge test --match-contract MINER_bsc_exp -vvv --evm-version shanghai
Contract
Link reference
20240211 Game - Reentrancy && Business Logic Flaw
Lost: ~20 ETH
forge test --match-contract Game_exp -vvv
Contract
Link reference
https://twitter.com/AnciliaInc/status/1757533144033739116
20240210 FILX DN404 - Access Control
Lost: 200K
forge test --match-contract DN404_exp -vvv
Contract
20240208 Pandora - interger underflow
Lost: ~17K USD
forge test --match-contract PANDORA_exp -vvv
Contract
Link reference
https://twitter.com/pennysplayer/status/1766479470058406174
20240205 BurnsDefi - Price Manipulation
Lost: ~67K
forge test --match-contract BurnsDefi_exp -vvv
Contract
Link reference
https://twitter.com/pennysplayer/status/1754342573815238946
https://medium.com/neptune-mutual/how-was-citadel-finance-exploited-a5f9acd0b408 (similar incident)
20240202 ADC - incorrect-access-control
Lost: ~20 eth
forge test --match-contract ADC_exp -vvv
Contract
Link reference
https://x.com/EXVULSEC/status/1753294675971313790
20240201 AffineDeFi - lack of validation userData
Lost: ~88K
forge test --match-contract AffineDeFi_exp -vvv
Contract
Link reference
https://twitter.com/Phalcon_xyz/status/1753020812284809440
https://twitter.com/CyversAlerts/status/1753040754287513655
20240130 XSIJ - Business Logic Flaw
Lost: ~51K USD
forge test --match-contract XSIJ_exp -vvv
Contract
Link reference
https://x.com/CertiKAlert/status/1752384801535918264
20240130 MIMSpell - Precission Loss
Lost: ~6,5M
forge test --match-contract MIMSpell2_exp -vvv
Contract
Link reference
https://twitter.com/kankodu/status/1752581744803680680
https://twitter.com/Phalcon_xyz/status/1752278614551216494
https://twitter.com/peckshield/status/1752279373779194011
https://phalcon.blocksec.com/explorer/security-incidents
20240129 PeapodsFinance - Reentrancy
Lost: ~1K $DAI
forge test --match-contract PeapodsFinance_exp -vvv
Contract
Link reference
20240128 BarleyFinance - Reentrancy
Lost: ~130K
forge test --match-contract BarleyFinance_exp -vvv
Contract
Link reference
https://phalcon.blocksec.com/explorer/security-incidents
https://www.bitget.com/news/detail/12560603890246
https://twitter.com/Phalcon_xyz/status/1751788389139992824
20240127 CitadelFinance - Price Manipulation
Lost: ~93K
forge test --match-contract CitadelFinance_exp -vvv
Contract
Link reference
https://medium.com/neptune-mutual/how-was-citadel-finance-exploited-a5f9acd0b408
20240125 NBLGAME - Reentrancy
Lost: ~180K
forge test --match-contract NBLGAME_exp -vvv
Contract
Link reference
https://twitter.com/SlowMist_Team/status/1750526097106915453
https://twitter.com/AnciliaInc/status/1750558426382635036
20240122 DAO_SoulMate - Incorrect Access Control
Lost: ~319K
forge test --match-contract DAO_SoulMate_exp -vvv --evm-version 'shanghai'
Contract
Link reference
https://twitter.com/MetaSec_xyz/status/1749743245599617282
20240117 BmiZapper - Arbitrary external call vulnerability
Lost: ~114K
forge test --match-contract Bmizapper_exp -vvv
Contract
Link reference
https://x.com/0xmstore/status/1747756898172952725
20240115 Shell_MEV_0xa898 - lack of access control
Lost: ~1K $BUSD
forge test --match-contract Shell_MEV_0xa898_exp -vvv
Contract
Link reference
20240112 SocketGateway - Lack of calldata validation
Lost: ~3.3Million $
forge test --match-contract SocketGateway_exp -vvv --evm-version shanghai
Contract
Link reference
https://twitter.com/BeosinAlert/status/1747450173675196674
https://twitter.com/peckshield/status/1747353782004900274
20240112 WiseLending - Bad HealthFactor Check
Lost: ~464K
forge test --match-contract WiseLending02_exp -vvv --evm-version shanghai
Contract
Link reference
https://twitter.com/danielvf/status/1746303616778981402
20240110 Freedom - lack of access control
Lost: 74 $WBNB
forge test --match-contract Freedom_exp -vvv
Contract
Link reference
20240110 LQDX - Unauthorized TransferFrom
Lost: unknown
forge test --match-contract LQDX_alert_exp -vvv
Contract
Link reference
https://twitter.com/SlowMist_Team/status/1744972012865671452
20240104 Gamma - Price manipulation
Lost: ~6.3M
forge test --match-contract Gamma_exp -vvv
Contract
Link reference
https://twitter.com/officer_cia/status/1742772207997050899
https://twitter.com/shoucccc/status/1742765618984829326
20240102 MIC - Business Logic Flaw
Lost: ~500K
forge test --match-contract MIC_exp -vvv
Contract
Link reference
https://x.com/MetaSec_xyz/status/1742484748239536173
20240102 RadiantCapital - Loss of Precision
Lost: ~4,5M
forge test --match-contract RadiantCapital_exp -vvv
Contract
Link reference
https://neptunemutual.com/blog/how-was-radiant-capital-exploited/
https://twitter.com/BeosinAlert/status/1742389285926678784
20240101 OrbitChain - Incorrect input validation
Lost: ~81M
forge test --match-contract OrbitChain_exp -vvv
Contract
Link reference
https://blog.solidityscan.com/orbit-chain-hack-analysis-b71c36a54a69
View Gas Reports
Foundry also has the ability to report the gas
used per function call which mimics the behavior of hardhat-gas-reporter. Generally speaking if gas costs per function call is very high, then the likelihood of its success is reduced. Gas optimization is an important activity done by smart contract developers.
Every poc in this repository can produce a gas report like this:
forge test --gas-report --contracts <contract> -vvv
For Example: Let us find out the gas used in the Audius poc
Execution
forge test --gas-report --contracts ./src/test/Audius.exp.sol -vvv
Demo
Bug Reproduce
Moved to DeFiVulnLabs
FlashLoan Testing
Moved to DeFiLabs