Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

A tale of two bugs - 1252

Matt Luongo - Threshold. Posted 2 Years Ago
  • tBTC is a bridge that brings BTC to the Ethereum network. This is done using the threshold protocol.
  • Redemptions can be requested when going from BTC to tBTC on Ethereum. Then, a list of decentralized relayers using a multi-sig wallet must approve the transaction that occurred. The threshold is 51/100.
  • FTX got "hacked" a while ago. Well, did they? Or was this just Sam hiding money? We're not really sure. Anyway, some of this money was moving through the network and somebody noticed. A hacker noticed.
  • Somebody found a way to pause the tBTC network. This was done by manually crafting a transaction that caused the validator signing clients to stop working. In particular, the client thought that the wallets were busy and unable to service any more requests. A 0-day was dropped!
  • There's a second bug, more of a design flaw than anything else, that allowed the first bug to be possible. There is only a single approver address nominated by the DAO, creating a single point of failure. If this was compromised, then the whole thing would be shattered.
  • Further, any system that requires specific approval can have an issue like this. So, instead of using an approval-based mechanism, they decided to move to a veto-based setup. They describe this as all things going through by default, but specific addresses have the ability to veto or pause transactions. This is similar to the Guardian role in optimistic minting.
  • Overall, interesting post on a DoS bug within a popular protocol. The design decision discussion is very fascinating to see as well.