A bot that "exploits" contracts created using the Ethereum-alarm-clock package
lelerukjaymoh/eth-alarm-clock-contracts-exploit

Ethereum Alarm Clock "Exploit"

First of all, this is not really an exploit (buuuut any action that enables you to get someone else's eth sounds like an exploit to me).

So there is this package called Ethereum Alarm Clock. It is a collection of smart contracts on Ethereum that aims to allow for the scheduling of transactions to be executed at a later time. The catch in these contracts is that they allow you to cancel some transaction requests even if you are not the owner. This feature is there on purpose, to incentivize other users to destroy the transaction requests that have "expired" and get paid for it (so it's not an exploit). It is there to ensure funds are not left forever in these contracts. Once you destroy someone's contract, you get paid 1% of the execution cost (bounty) that the user had set while making their transaction request, plus the cost of your cancel transaction. This means that if a user had set the bounty (how much they are paying to have their scheduled transaction executed) at 0.1 eth, and you spend 0.0001 eth to execute the cancel transaction, you should be paid (0.1 eth * 1% + 0.0001 eth) and the rest is sent to the original owner of the contract.
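A small model of the cancellation rule described above, added here as an illustration (it is not the repository's bot and not the real Ethereum Alarm Clock contract code): amounts are in wei, the 1% bounty share and the gas reimbursement follow the README, and the `deposit` and `window_end` fields are assumptions used to model the "expired" condition.

```python
"""Simplified model of the Ethereum Alarm Clock cancellation incentive.

Added example, not the real EAC contracts: a request holds a deposit, the
owner may cancel before execution, and anyone else may cancel only once the
execution window has passed, earning 1% of the bounty plus their gas cost.
The remainder of the deposit is refunded to the owner.
"""
from dataclasses import dataclass, field

WEI = 10**18            # 1 eth expressed in wei
BOUNTY_SHARE_BPS = 100  # 1% of the bounty, as 100 basis points


@dataclass
class TransactionRequest:
    owner: str
    bounty: int          # wei the owner pays to whoever executes the request
    deposit: int         # total wei held by the request (assumed field)
    window_end: int      # last block at which execution is allowed (assumed)
    executed: bool = False
    cancelled: bool = False
    payouts: dict = field(default_factory=dict)

    def expired(self, block: int) -> bool:
        """A request counts as 'expired' once its execution window has passed."""
        return block > self.window_end

    def cancel(self, caller: str, block: int, gas_cost: int) -> int:
        """Cancel the request and return the wei paid out to `caller`.

        Non-owners are rejected before expiry; after expiry they receive
        1% of the bounty plus `gas_cost`, capped at the remaining deposit.
        Whatever is left is credited to the owner.
        """
        if self.executed or self.cancelled:
            raise ValueError("request already executed or cancelled")
        if caller != self.owner and not self.expired(block):
            raise PermissionError("only the owner may cancel before expiry")
        payout = 0
        if caller != self.owner:
            payout = self.bounty * BOUNTY_SHARE_BPS // 10_000 + gas_cost
            payout = min(payout, self.deposit)
        refund = self.deposit - payout
        self.payouts[caller] = self.payouts.get(caller, 0) + payout
        self.payouts[self.owner] = self.payouts.get(self.owner, 0) + refund
        self.deposit = 0
        self.cancelled = True
        return payout
```

With the README's figures (0.1 eth bounty, 0.0001 eth gas), a non-owner cancelling an expired request is paid 0.0011 eth and the owner gets the rest of the deposit back.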

I saw a guy (https://etherscan.io/txs?a=0xbb1d6b3be1396a4b5ccb8d061b302250bb2b73fd) who was exploiting these contracts (this guy did this for several contracts and ended up with 18 eth), and so I decided to give it a try. I first started by going through the package docs (https://ethereum-alarm-clock.readthedocs.io/en/latest/index.html) and saw the cancellation feature explained here (https://ethereum-alarm-clock.readthedocs.io/en/latest/transaction_request.html?highlight=cancel#id11).

I created a small bot (https://github.com/lelerukjaymoh/eth-alarm-clock-contracts-exploit) that could call the cancel function of these contracts and retrieve some eth. I made some tests and finally it worked. I cancelled this contract (https://etherscan.io/address/0x287fd348efdef29ca03cb82554112369c9355f37) and got 0.002068 eth in this transaction (https://etherscan.io/tx/0x2bd1244aab414ba9b740b399521115612daae076dd1bbe2211335847fb2e2188). A very small amount, but the experience was worth it.

I started searching for other contracts that I could exploit and got 500 of them, but unfortunately all the contracts had small balances. The guy who got the 18 eth had drained most of the contracts, and some had no balance at all.
