Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Vee Finance is a lending protocol that is mainly forked from Compound Protocol but adds a little bit more functionality.

Slippage is the cost between attempted buying price and the real buying price. Veefi attempts to validate the slippage but failed at this. When doing the trading, it uses the Pangolin Price Oracle. If the number of TokenB tokens that can be exchanged in the pool is greater than or equal to the expected number of TokenB that can be exchanged using the oracle, then it can be judged that the pool price is correct and not controlled.

The slippage check had a validation flaw in the handling of ERC20 tokens. When doing the comparisons for slippage, it did NOT take into consideration the decimals of a token. Because of this, the actual value and the slippage check are WAYYY different, allowing for oracle manipulation.

This directly caused the contract to obtain the wrong price from the oracle during the slippage check, which caused the slippage check to be bypassed. This allowed for transactions that should have been rejected to be accepted from oracle manipulation attacks, losing 34 million from the protocol.

Price Oracle manipulation is an extremely complicated attack that is becoming more and more relevant. To stop this attack, the authors removed functionality from specific classes of tokens.