Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Two ways that things can be hacked in blockchain-land: attacking code running on the blockchain or attacking the blockchain itself. While auditing code for the EVM implementation for Polkadot called Frontier.

Frontier executes the Ethereum smart contracts but uses the Polkadot substrate as the ledger; differences in these can cause major problems. Ethereum stores integers as 256 bits but Polkadot stores them on the ledger as 128 bit. This is done via truncating the number in Rust.

The balance can never be larger than 128 bit so what's the problem? The msg.value of a transaction has the entire 256 bit value controlled by a user, even if it is an invalid amount to send. This bypasses the verification of the usage of funds within the ledger math but results in it not adding funds to our account.

What if a contract used the full msg.value value though? This is the key to the bug. Code written in Solidity will use the full msg.value while the ledger only uses the 128 bits. So, we can call something that uses native ETH, like WETH, and trick it into sending us something that we shouldn't own.

The exploit payload is awesomely simple: weth.deposit{value : 1 << 128}. This will deposit an insane amount of WETH into our account without spending any actual ETH. From the authors estimates, over 150M dollars were at risk.

Even though Moonbeam, Astar and Polkadot all had 1M bug bounty programs each, they decided to reward a total of 1M and split the bounty. Kind of a bummer for the author of the post but a million is an insane amount of money. Overall, amazing bug discovery and exploitation of the issue.