/VisorFinanceExploit

This is a demo for the visor finance exploit happened on Dec-21-2021

Primary LanguageSolidity

Visor finance exploit demo

This is a demo to replay the Visor Finance exploit happened on Dec-21-2021

https://etherscan.io/tx/0x69272d8c84d67d1da2f6425b339192fa472898dce936f24818fda415c1c1ff3f

Installation & Run

npm install
npx hardhat run scripts/execute.js

Explanation

From blocksecteam tools - https://versatile.blocksecteam.com/tx/eth/0x69272d8c84d67d1da2f6425b339192fa472898dce936f24818fda415c1c1ff3f, A Deposit function is called in RewardsHypervisor contract

Lets check the if-else block , there are literally two bugs in 7 lines of code.

  1. There are no sanity check to the user input , any malicisou contract implementing owner() and delegateTransferERC20() can mint the vVisor without depositing VISOR
  2. In else clause, from can be any victims that have given RewardHypervisor approval to transfer their token, a exploiter can then mint vVisor without depositing his own VISOR

Disclaimer

This codebase is for demonstration purposes only

License

MIT