✅Invest Pool
Last updated
Last updated
A hint for password:
This address does not expose password in any state variable, but we can find something in its metadata. Use this site to extract metadata:
Here we can find an ipfs address. Click that "View on IPFS" button:
Password is:
Note that we can pass the assertion by stealing just a little bit of tokens:
Also there is a helper function in the provided PoC template:
It should be crystal clear that the intended attack is the "first depositor inflation attack". The idea of that attack is:
attacker deposits 1 wei to get 1 share as the first depositor
attacker send a lot of tokens to the pool to inflate the share (I think of this as "sacrifice" some tokens to inflate the share)
victim user deposits some money into the pool
attacker withdraws that one share. It worths more than expected because the share was inflated. A portion of victim user's deposit will become attacker's profit.