Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

The Tinyman Hack - 870

Rob Behnke, Posted 3 Years Ago
  • Algorand is another blockchain solution. Tinyman is a marketplace for trading, liquidity providers, and developers. It uses an Automated Market Maker (AMM) algorithm over liquidity pools (a collection of assets). This service is similar to Uniswap on Ethereum.
  • Tinyman's burn (token remove) function gives the user back two different tokens. The amount of each token depends on the amount stored within the protocol, which is key to this. For instance, if they wanted to burn (remove) some of coin 1 and some of coin 2, they would get the real assets of both back.
  • The attacker found a vulnerability that allowed them to retrieve only a single token back. Since one of them would be much more valuable than the other, this allowed them to take more money out of the pool than expected.
  • The attacker performed this attack over and over again (17 times) in order to steal 3 million dollars. The contracts are written in TEAL, and no good code snippets were shown. Regardless, they probably let you choose which tokens to return, not realizing the implications of this.
  • If you look at the public pentest report, almost the same exact issue occurs when taking out money (withdraw). TEAL is a very low-level language, meaning it has no variables, only scratch memory slots. The wrong slot was used for a comparison, making it possible to take money out.
  • The other bugs in the report were interesting as well. For instance, the GroupSize property is used to keep track of the number of signed transactions in play. However, this is not checked and is assumed to be 5. If it were larger than 5, additional transactions could be included to drain other pools.
  • Another one is integer division being performed prior to multiplication. Since integer division automatically rounds down, a drift in the protocol fee would occur. They found an integer error in the handling of 64-bit vs. 128-bit numbers as well.
  • Overall, a subtle design decision that was exploited by the attacker led to a lot of lost money. Sadly, this protocol was tested prior to release with 6 critical findings and this still happened. The bugs from the report were interesting to look at as well.
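The rounding and 64-bit vs. 128-bit findings above can be made concrete with a small model. This is an added example, not code from Tinyman or from the pentest report; the basis-point fee formula, the function names and the sample amounts are assumptions made for illustration.

```python
U64_MAX = 2**64 - 1   # largest value a 64-bit unsigned integer can hold
BPS = 10_000          # basis-point denominator (assumed fee unit)

def fee_divide_first(amount: int, fee_bps: int) -> int:
    """Flawed order: the division truncates before the fee rate is applied."""
    return (amount // BPS) * fee_bps

def fee_multiply_u64(amount: int, fee_bps: int) -> int:
    """Correct order, but the intermediate product is limited to 64 bits."""
    product = amount * fee_bps
    if product > U64_MAX:
        raise OverflowError("amount * fee_bps does not fit in 64 bits")
    return product // BPS

def fee_multiply_wide(amount: int, fee_bps: int) -> int:
    """Correct order with a 128-bit intermediate product."""
    if not (0 <= amount <= U64_MAX and 0 <= fee_bps <= BPS):
        raise ValueError("inputs out of range")
    product = amount * fee_bps   # below 2**64 * 10_000, so it fits in 128 bits
    return product // BPS        # never larger than amount, so it fits in 64 bits

def fee_drift(amounts, fee_bps: int) -> int:
    """Total fee lost to early truncation across a series of operations."""
    exact = sum(fee_multiply_wide(a, fee_bps) for a in amounts)
    flawed = sum(fee_divide_first(a, fee_bps) for a in amounts)
    return exact - flawed

# Constructed sample amounts, in base units of a hypothetical asset.
SAMPLE_AMOUNTS = [9_999, 19_999, 123_456, 1_000_000]

if __name__ == "__main__":
    for a in SAMPLE_AMOUNTS:
        print(a, fee_divide_first(a, 30), fee_multiply_wide(a, 30))
    print("drift:", fee_drift(SAMPLE_AMOUNTS, 30))
    try:
        fee_multiply_u64(2**60, 30)
    except OverflowError as exc:
        print("64-bit intermediate:", exc)
    print("128-bit intermediate:", fee_multiply_wide(2**60, 30))
```

Multiplying first removes the drift, but it is also what pushes the intermediate value past 64 bits for large amounts, which is why the two findings tend to show up together.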