Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Opyn Hacks: Root Cause Analysis - 769

PeckShield. Posted 4 Years Ago
  • Opyn is building DeFi-native derivatives and options infrastructure. Anything handling money needs to be extremely secure.
  • Opyn allows any user to open a vault, with adequate assets and oTokens. Once the oTokens have been burned and the assets have been taken, the OptionContract pays out the assets in the vault to the user via the exercise function.
  • When exercise is reached, the function loops through a given list of vaults. When it pays the user the assets, this is done via the transferFrom ERC20 function call. The contract validates that the user has sent enough money for the assets by checking msg.value.
  • Remember how this is done via a loop with multiple vaults? The validation checks msg.value, which is a global variable in the context of Solidity and holds the same value on every iteration of the loop. The contract only validates that msg.value is enough for the single item being validated in the vault, not for the multiple items being taken.
  • This means that the contract is vulnerable to a double spend attack. By specifying two vault items worth the same amount, we can trick the contract into paying us out for multiple vaults while only paying once.
  • To fix this problem, the amount being paid out should have been stored in a local variable. Each time one item is taken from a vault, the worth of that item should have been subtracted from the amount so that the running total stays correct. To me, it is amazing that the contract supported multiple payouts at once but this bug was never caught.
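
The pattern described above, as an added sketch showing the per-iteration msg.value check beside the local-budget fix. This is not Opyn's contract code or code from the PeckShield post: the contract, struct and function names are hypothetical, and an `owed` ledger stands in for the ERC20 transfer.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration of the msg.value-in-a-loop pattern; not Opyn's code.
// Contract, struct and function names are hypothetical.
contract VaultExerciseSketch {
    struct Vault {
        uint256 priceWei;   // ETH the caller must pay to exercise this vault
        uint256 collateral; // units of collateral the vault pays out
    }

    mapping(uint256 => Vault) public vaults;
    mapping(address => uint256) public owed; // payout ledger (stands in for the ERC20 transfer)

    // Setup helper for the sketch only; deliberately has no access control.
    function fund(uint256 id, uint256 priceWei, uint256 collateral) external {
        vaults[id] = Vault(priceWei, collateral);
    }

    // BEFORE: msg.value is fixed for the whole call, so the same deposit
    // passes the check on every loop iteration.
    function exerciseVulnerable(uint256[] calldata ids) external payable {
        for (uint256 i = 0; i < ids.length; i++) {
            Vault storage v = vaults[ids[i]];
            require(msg.value == v.priceWei, "wrong payment");
            _payOut(v);
        }
    }

    // AFTER: copy msg.value into a local budget and spend it down per vault.
    function exerciseFixed(uint256[] calldata ids) external payable {
        uint256 remaining = msg.value;
        for (uint256 i = 0; i < ids.length; i++) {
            Vault storage v = vaults[ids[i]];
            require(remaining >= v.priceWei, "insufficient payment");
            remaining -= v.priceWei;
            _payOut(v);
        }
        require(remaining == 0, "overpayment"); // every wei must be accounted for
    }

    function _payOut(Vault storage v) private {
        uint256 amount = v.collateral;
        v.collateral = 0; // zero first so a repeated id pays nothing
        owed[msg.sender] += amount;
    }
}
```

A regression test for the fixed function would fund two vaults at the same price, call it with the price of one, and expect a revert on the second iteration.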