Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Zora has a module for allowing users to list any NFT for sale at a fixed price and currency. This is referred to as AsksV1 or Buy Now in the ecosystem.

A potential buyer is able to fill that listing by calling a method in the AsksV1. With this, Zora transfers the funds out of the buyers account and sends them to the seller for payment. In return, the NFT is transferred to the new owners account.

In Ethereum, a transaction is put into the mempool where a miner selects which transactions will be put into a given block. If a transaction will pay out more (higher gas), it is more likely to be selected. The key component is that this is NOT a queue that is FIFO.

Because of the transaction pool not being a queue that is FIFO, it creates an attack known as frontrunning - a type of race condition. This happens when something is in the mempool but somebody else can put another transaction at a higher gas price to do something malicious to you.

In the case of our NFT trading site, there is a frontrunning issue. To make the payment for the NFT, a user must first approve Zora to pull funds from the account. A common pattern is for an infinite amount of user tokens to be allowed by the contract. This allows for a user experience improvement and saves on gas costs.

What's the problem with this though?

1. A seller places an NFT at a very discounted price.
2. A buyer sees the good deal. They allow for Zora to spend an infinite amount of a users token.
3. The buyer calls the functionality to purchase the token.
4. The seller sees the purchase has been made in the mempool. As a result, they make a higher priority transaction to increase the price of the NFT.
5. The buyer purchases the NFT for a bogus cost because of the infinite approval of spending on the token.

This vulnerability does require user interaction in order to pull off. However, the frontrunning attack is very slick and could have been used to wipe the users wallet clean of a particular coin. To mitigate this bug in the future, V3 now has a field to specify the cost you would like to pay for it. Overall, neat bug!