Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

While reading blockchain security articles, the author of this post stumbled across this post talking about delegatecall() on a pre-compiled contract causing infinite money creation problems because of the events it was emitting.

From there, they went through a list of the most popular blockchains one by one. The author was looking for pre-compiled smart contracts to see if any of them were vulnerable to the delegatecall() attack mentioned above. Eventually, they stumbled upon Velas.

Velas is a side chain built on Solana but has a special instruction to invoke EVM programs as well. With the chains native currency VLX, this is held by the Native Type. When a program runs in the EVM space, it belongs to the EvmState account.

The bridge between VLX from the EVM space to the Native space is done by sending a transaction to a precompiled contract. By making a delegateCall to the function transferToNative the contract believes that the proper funds are there even though the contract making the delegateCall is the true owner of the funds.

The blockchain now executes code that will transfer the funds back to the native state, even though they were never removed from the ETH state. This can be done over and over again to create an infinite amount of VLX tokens in the EVM space. Overall, great bug discovery after a lot of time of looking!