Proof of Concept of (now fixed) vulnerability in Notional smart contracts

one-hundred-proof/notional-flash-attack

A Proof of Concept for a hypothetical attack on Notional Finance's smart contracts

The vector that allowed this attack has now been fixed on the Ethereum mainnet

Introduction

This is the Proof of Concept that I submitted to Notional Finance via Immunefi, a bug bounty platform.

It runs a Foundry test at a particular block height to show that a small bug in the AccountAction.nTokenRedeem function allowed an attacker -- with the help of a flash loan from Aave -- to drain the contract of approximately $1.49M of value.

Notional Finance's post-mortem can be found here.

How to run this Proof of Concept

Setup

$ npm install

If you have not installed Foundry yet, install it with:

$ curl -L https://foundry.paradigm.xyz | bash

I ran this PoC locally with the following forge version:

$ forge --version
forge 0.2.0 (e947899 2022-09-02T00:06:30.659378189Z)

Running the Proof of Concept

$ ./run-forge
