Blockchain
11 posts
Damn Vulnerable DeFi Wargame Challenge9 — PuppetV2 Contract Analysis 🍘

Wargame Provider: @tinchoabbate Challenge #9 - Puppet v2 The developers of the last lending pool are saying that they’ve learned the lesson. And just released a new version! Now they’re using a Uniswap v2 exchange as a price oracle, along with the recommended utility libraries. That should be enough. You start with 20 ETH and 10000 DVT tokens in balance. The new lending pool has a million DVT tokens in balance. You know what to do ;) See the contracts Complete the challenge Code Audit Transacti…

August 10, 2022
Damn Vulnerable DeFi Wargame Challenge8 — Puppet Contract Analysis 🐦

Wargame Provider: @tinchoabbate Challenge #8 - Puppet There’s a huge lending pool borrowing Damn Valuable Tokens (DVTs), where you first need to deposit twice the borrow amount in ETH as collateral. The pool currently has 100000 DVTs in liquidity. There’s a DVT market opened in an Uniswap v1 exchange, currently with 10 ETH and 10 DVT in liquidity. Starting with 25 ETH and 1000 DVTs in balance, you must steal all tokens from the lending pool. See the contracts Complete the challenge Code Audit T…

August 05, 2022
UniswapV2 Smart Contract Subgraph event query

SubGraph Decentralized protocol for indexing and querying data on the blockchain, starting with Ethereum Possible to query data that is difficult to query directly Uniswap complex smart contracts When it is difficult to read anything other than the underlying data directly from the blockchain, such as projects such as the Bored Ape Yacht Club NFT initiative Bored Ape Yacht Club Get the owner of a specific Ape Perform basic read operations on contracts such as getting Ape content URI or tota…

August 04, 2022
UniswapV2 Smart Contract

Overview How it works at the uniswap code level uniswap code structure method uniswap contract Core Contract: Pair Core Contract: Factory Periphery Contract: Router Core Contract Singleton Factory, consists of several pairs where Factory is responsible for creation and indexing. Contracts with a smaller surface area are easier to reason about, more prone to bugs, and functionally better. This means that many desired properties of the system can be asserted directly in code, leaving little room…

August 03, 2022
Damn Vulnerable DeFi Wargame Challenge6 — Selfie Contract Analysis ⚔️

Wargame Provider: @tinchoabbate Challenge #6 — Selfie A new cool lending pool has launched! It’s now offering flash loans of DVT tokens. Wow, and it even includes a really fancy governance mechanism to control it. What could go wrong, right ? You start with no DVT tokens in balance, and the pool has 1.5 million. Your objective: take them all. See the contracts Complete the challenge Code Audit SelfiePool.sol Dependency The @Openzeppelin external library contract is dependent on ReentrancyGuard…

August 02, 2022
Damn Vulnerable DeFi Wargame Challenge7 — Compromised Contract Analysis 😶‍🌫️

Wargame Provider: @tinchoabbate Challenge #7 — Compromised While poking around a web service of one of the most popular DeFi projects in the space, you get a somewhat strange response from their server. This is a snippet: A related on-chain exchange is selling (absurdly overpriced) collectibles called “DVNFT”, now at 999 ETH each This price is fetched from an on-chain oracle, and is based on three trusted reporters: . Starting with only 0.1 ETH in balance, you must steal all ETH available i…

August 02, 2022
Damn Vulnerable DeFi Wargame Challenge5 — The Rewarder Contract Analysis 💝

Wargame Provider: @tinchoabbate Challenge #5 — The rewarder There’s a pool offering rewards in tokens every 5 days for those who deposit their DVT tokens into it. Alice, Bob, Charlie and David have already deposited some DVT tokens, and have won their rewards! You don’t have any DVT tokens. But in the upcoming round, you must claim most rewards for yourself. Oh, by the way, rumours say a new pool has just landed on mainnet. Isn’t it offering DVT tokens in flash loans? See the contracts Complete…

August 01, 2022
Damn Vulnerable DeFi Wargame Challenge4 — Side entrance Contract Analysis🤔

Wargame Provider: @tinchoabbate Challenge #4 — Side entrance A surprisingly simple lending pool allows anyone to deposit ETH, and withdraw it at any point in time. This very simple lending pool has 1000 ETH in balance already, and is offering free flash loans using the deposited ETH to promote their system. You must take all ETH from the lending pool. Code Audit SideEntranceLenderPool.sol Dependency The address contract of the openzeppelin library is used as a dependency. State Variable It is …

July 30, 2022
Damn Vulnerable DeFi Wargame Challenge3 — Truster Contract Analysis🤔

Wargame Provider: @tinchoabbate Challenge #3 — Truster More and more lending pools are offering flash loans. In this case, a new pool has launched that is offering flash loans of DVT tokens for free. Currently the pool has 1 million DVT tokens in balance. And you have nothing. But don’t worry, you might be able to take them all from the pool. In a single transaction. Code Audit TrusterLenderPool.sol Dependency We are using the Address contract of the openzeppelin library as a dependency. State…

July 29, 2022
Damn Vulnerable DeFi Wargame Challenge2 — Naive receiver Contract Analysis

Wargame Provider: @tinchoabbate Challenge #2 — Naive receiver There’s a lending pool offering quite expensive flash loans of Ether, which has 1000 ETH in balance. You also see that a user has deployed a contract with 10 ETH in balance, capable of interacting with the lending pool and receiving flash loans of ETH. Drain all ETH funds from the user’s contract. Doing it in a single transaction is a big plus ;) Code Audit NaiveReceiverLenderPool.sol Dependency We are using the Address contract of…

July 29, 2022
Damn Vulnerable DeFi Wargame Challenge1 — Unstoppable Contract Analysis😎

Wargame Provider: @tinchoabbate Challenge #1 — Unstoppable There’s a lending pool with a million DVT tokens in balance, offering flash loans for free. If only there was a way to attack and stop the pool from offering flash loans … You start with 100 DVT tokens in balance. Code Audit UnstoppableLender.sol Quick Security Check By using the ReentrancyGuard contract, the nonReentrant modifier is applied to the internal functions of the main contract to prevent reentrancy calls from occurring. State Var…

July 20, 2022