SafeDollar exploit root cause analysis

Those who cannot learn from history are doomed to repeat it.

The Exploit

How many?

831,309,277,244,108,000 SDO

That’s a lot.

As a result, the hacker has taken out 202k USDC and 46k USDT. And of course it also crashed the price of SDO to 0.

How?

In this transaction, the hacker deposited and withdrawal ~2.3M PLX token 101 times, get a lesser amount each time because of the transfer tax of PLX, ended up getting only 2M PLX at the last time.

Seems like a bad deal? Not really.

The hacker then sent the second transaction to claim the reward and got 831,309,277,244,108,000 SDO as the reward.

The Root Cause

When lpSupply gets drained to near zero. The accSdoPerShare skyrocketed.

As the 101 times of deposit and withdrawal drained the balance of PLX to near zero, the accSdoPerShare skyrocketed (to 1142913215739484400 per PLX in case you would like to find out the exact number).

You might recall one recent exploit that’s very similar to this one: the Garuda exploit. Yeah, that’s the same deal, mishandling of tokens with transfer tax.

How come projects keep falling into the same trap again and again.

Those who cannot learn from history are doomed to repeat it.

About Us

Donation: 0x227d72Ec9f332292523f64032DD25111676404aA

Pug against Rug