SushiSwap MISO exploit PoC
This is a proof-of-concept exploit for the vulnerability in a SushiSwap contract found by samczsun.
Table of Contents
Install
- Install dependencies with
yarn
- Rename the
.env.sample
file to.env
, and include your API key for Alchemy.
Run
You can run this as a Hardhat script with yarn hardhat run scripts/exploit.js
.
Everything will be executed against a local fork of mainnet starting at block 13038768. Depending on your setup, the script can take a while to run - so be patient.
Once executed, you should see:
$ yarn hardhat run scripts/exploit.js
Initial victim ETH balance is 108919.388734924494623216 ETH
Initial attacker ETH balance is 3.0 ETH
Deploying attacker contract
Executing attack
- Requesting flash-loan
- Calling vulnerable function
- Sending funds back to attacker
Final victim ETH balance is 0.00105275808 ETH
Final attacker ETH balance is 108921.221258201762405602 ETH
Details
Specific details of the vulnerability are explained by samczsun in his article.
As of the proof of concept shown here, it basically consists of:
- Deploying an attacker contract (see
contracts/AttackerContract.sol
) - Taking a flash loan of WETH from AAVE v2, and unwrapping it to ETH
- Calling the
batch
function of the vulnerable contract. This essentially will call thecommitEth
function multiple times, always using the same amount of ETH. - Receiving the refunds in the attacker contract.
- Wrapping the ETH to WETH, and repaying the flash loan.
- Enjoying the +100k ETH taken from the vulnerable contract.
Note that most of these steps are just to make the PoC more realistic. Anyone with enough ETH in their account could have simply triggered this just from an EOA.
Probably there's room to improve the script's efficiency tweaking the number of calls, amount of ETH sent in call to the batch
function, logic in the attacker contract, etc. You can actually note that the script leaves some dust ETH in the victim due to this - which is OK for this PoC. But if you want to go down the rabbit hole, all yours. In any case, considering the profits to be made, it's likely that attackers wouldn't have cared too much probably anyway.