Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

BabySwap User Supplied Addresses - 1097

Block Sec - Posted 3 Years Ago
  • BabySwap is a trading platform on BNB chain.
  • When performing a swap call, the address of the factory is user controlled. With proper input validation, this would be okay. However, this factory could return a fake token pair for BabySwap.
  • The fake pair, with the proper interfaces implemented, performs fake swaps. Although this doesn't seem like a big deal, it's pretty terrible. Since the contract thinks that it was a real swap, it records rewards. By inflating the rewards with fake trades, the attacker can take a lot of money from the contract: real BABY tokens from the fake swaps.
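
The missing check, as an added example: a simplified Python model of the pattern described above, not BabySwap's contract code. All class and function names are hypothetical and the 1% reward rate is a constructed value; the model compares a router that trusts a caller-supplied factory with one that only accepts the factory the protocol deployed.

```python
class Pair:
    """Genuine pool: a swap really debits the trader's input tokens."""
    def swap(self, balances, trader, amount_in):
        if balances.get(trader, 0) < amount_in:
            raise ValueError("insufficient balance")
        balances[trader] -= amount_in
        return amount_in

class Factory:
    """Factory the protocol itself deployed (the only one it should trust)."""
    def __init__(self):
        self.pair = Pair()
    def get_pair(self, token_a, token_b):
        return self.pair

class FakePair:
    """Same interface as Pair, but reports volume without moving any tokens."""
    def swap(self, balances, trader, amount_in):
        return amount_in

class FakeFactory:
    def get_pair(self, token_a, token_b):
        return FakePair()

class Router:
    def __init__(self, trusted_factory, validate_factory):
        self.trusted_factory = trusted_factory
        self.validate_factory = validate_factory
        self.balances = {}   # trader -> input token balance
        self.rewards = {}    # trader -> reward tokens accrued

    def swap(self, factory, trader, amount_in):
        # The fix: reject any factory other than the one the protocol deployed.
        if self.validate_factory and factory is not self.trusted_factory:
            raise PermissionError("untrusted factory")
        pair = factory.get_pair("TOKEN_A", "TOKEN_B")
        volume = pair.swap(self.balances, trader, amount_in)
        # Rewards are booked from whatever volume the pair reports (1%, constructed).
        self.rewards[trader] = self.rewards.get(trader, 0) + volume // 100
        return volume

def rewards_after_fake_swap(validate_factory):
    """Trader with zero balance swaps 1,000,000 through a caller-supplied factory."""
    router = Router(Factory(), validate_factory)
    try:
        router.swap(FakeFactory(), "trader", 1_000_000)
    except PermissionError:
        pass
    return router.rewards.get("trader", 0)
```

Without the factory check the zero-balance trader is credited rewards for volume that never existed; with it the call is rejected before any pair is consulted.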