Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Dark pools are private asset exchanges designed to provide additional liquidity and anonymity for trading large blocks of securities away from the public eye. Zellic was auditing a dark pool to withdraw and deposit when they found a bug.

The darkpool could hold funds for ETH, ERC20 and ERC712 tokens. The LP positions were being held as non-fungible ERC-712 tokens. For all of these funds, they consisted of three fields: asset type, amount and footer (hash). All of this information is stored within a single merkle tree but isn't domain separated at all.

Since these are not domain separated, type confusion bugs may be possible. In particular, use one note type in a function that expected another in order to force unexpected functionality to occur. The types of notes are not explained well in the article but I'm doing my best to understand the flow of it.

The function split() can be used to split a note into different positions. If this is called on a different asset, such as a fungible note, it will treat the second field as the amount even on a non-fungible note type. By using an NFT note for a function meant to be a fungible note, the liquidity from a previous transfer can be split. Now, when the attacker calls uniswapRemoveLiquidity, it will withdraw the funds from the other user.

To fix the bug, a domain separator on the different note types to prevent the type confusion. Type confusion bugs are all over the place but don't always work out because things need to line up. This was a good bug and an interesting read!