https://github.com/pyk/inverse-exploit

Reproduce Inverse Finance exploit using Foundry
https://github.com/pyk/inverse-exploit

Last synced: about 1 year ago
JSON representation

Reproduce Inverse Finance exploit using Foundry

• Host: GitHub
• URL: https://github.com/pyk/inverse-exploit
• Owner: pyk
• Created: 2022-04-02T14:52:33.000Z (about 4 years ago)
• Default Branch: main
• Last Pushed: 2022-04-02T18:42:33.000Z (about 4 years ago)
• Last Synced: 2025-04-02T02:22:56.042Z (about 1 year ago)
• Language: Solidity
• Size: 12.7 KB
• Stars: 1
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Inverse Finance Exploit

Reproduce Inverse Finance exploit using Foundry.

To learn more about the exploit,you can read about it [here][1] and [here][2].

I believe the exploiter have a good opsec before executing the attack.

[1]: https://twitter.com/FrankResearcher/status/1510239094777032713?s=20&t=-OoDI3sbMA2dvmHbr8XAkw

[2]: https://twitter.com/euler_mab/status/1510243496015368193?s=20&t=-OoDI3sbMA2dvmHbr8XAkw

## Lessons Learned

Gud highlight from [@euler_mob][3]:

1. Stop using thinly-traded illiquid assets as collateral!

2. Arbitrage bots provide protection against manipulation only

   if there is an arbitrage opportunity.

3. Attackers may risk large amounts of stolen funds to fund attacks.

[3]: https://twitter.com/euler_mab/status/1510243498804588544?s=20&t=-OoDI3sbMA2dvmHbr8XAkw

## Reproduce

Run the following command to reproduce the exploit:

    $ forge test --fork-block-number 14506359 --fork-url RPC_URL

Replace the `RPC_URL` with Alchemy or any other RPC that support archival node.