Skip to content
/ sushiswap-exploit Public

SushiSwap RouteProcessor2 exploit repro + supporting data useful for whitehats.

License

AGPL-3.0 license
91 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Anish-Agnihotri/sushiswap-exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.github/workflows
.github/workflows
 
 
data
data
 
 
lib
lib
 
 
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
foundry.toml
foundry.toml
 
 

Repository files navigation

sushiswap-exploit

SushiSwap RouteProcessor2 exploit reproduction + supporting data useful for whitehat rescue.

Exploit reproduction

Found in src/CounterExploit.sol. Exploits pool re-entrancy to arbitrarily transfer approved tokens.

The Tenderly debugger is useful in understanding the exploit path.

# Get dependencies
forge update

# Run tests
forge test --fork-url MAINNET_RPC --fork-block-number 17007460

Whitehat data

With the RouteProcessor2 contract deployed across 14 chains, users are susceptible to allowance drainage across many networks. ./data contains code and allowance mappings used to generate and whitehat balances.

Note:

  1. These allowances are only based on addresses that interacted with the RouteProcessor2 contract (and do not include allowances approved indepdently of a swap or other interaction), except for mainnet, where I bruteforced approvals in all blocks since the router was deployed.
  2. Although I have whitehatted all possible non-zero balances today, there may exist more in the future, as users with non-zero approvals but zero balances add pre-approved tokens to their wallets.

License

GNU Affero GPL v3.0

About

SushiSwap RouteProcessor2 exploit repro + supporting data useful for whitehats.

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

91 stars

Watchers

2 watching

Forks

4 forks
Report repository

Languages