Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

A price oracle is used to view the price information of a given asset. This is commonly used for trading platforms.

These oracles come in two flavors: on chain and off chain. Automated Market Makers (AMM - also known as a Decentralized Exchange) such as Uniswap and PancakeSwap. For constant-product AMMs, like UniswapV2, the users rely upon a ratio between two tokens. This solution has a problem with price fluctuations.

For off chain, such as Chainlink, the data is calculated off chain, then added to a contract periodically. This has the problem of speed of support of other tokens, safeness and scalability.

A loan is simply money given in advance. A flash loan is borrowing a large amount of money (for a fee) for a short period of time without collateral. In particular, it has to be returned within transaction; otherwise, it will be reversed. Why is this useful? Arbitrage! The idea is to buy something you cannot afford then sell it in another market for a little bit more to make a profit, eventually paying back the loan.

Enzyme Finance is an Ethereum baed protocol used for asset management. User can create and invest into various funds, with the rules defined by the ruler of the fund. Once money is put into a fund, they get a share for this fund, based upon the assets added.

How much does a share cost? This is calculated via the function calcGav() to mint tokens based upon the cost. The cost of the share is based upon the cost of the Idle Tokens, such as idleUSDCYield.

The unit price of the Idle token is calculated strictly between the net asset value of the pool divided by the supply. The code is simply price = totNav.div(totSupply0;. If we control the total supply, then we could manipulate the cost of assets in the pool. How can this be done? The contract has internal flashloan functionality, which can drastically change the price of the IdleToken.

How do we actually make money from this?

1. Make a flashloan from a smart contract for IdleUSDCYield tokens. This will affect the GAV calculations for the pool.
2. Buy shares with the ETH/USDC in the smart contract. Since the price has dropped from our flashloan, we get these at a discount.
3. Repay the flashloan.
4. Redeem the shares that we bought. Now, we can sell them at a huge gain.

To fix this problem, the idle tokens were delisted. Additionally, the flashloan functionality was removed entirely. Overall, price oracle manipulation is a scary concept without trivial fixes. With a decentralized markets, this is an inherit problem of how it's designed.