технология

MEV боту 1 миллион доллар табат, бирок бир сааттан кийин хакерге баарын жоготот

09/28/2022
Bitcoin Ethereum Маалымат

An Ethereum arbitrage trading bot managed to hit the jackpot and lose it all on the same day in an ironic turn of events in борборлоштурулган каржылоо (DeFi)

In a Twitter thread, Robert Miller, who works at the research firm Flashbots, бөлүштү how a Maximal Extractable Value (MEV) bot with the prefix 0xbadc0de was able to earn 800 Ether (ETH), around $1 million, through arbitrage trades.

Миллердин айтымында, бот соодагер 1.8 миллион долларды cUSDC аркылуу сатууга аракет кылганда пайда болгон чоң арбитраж мүмкүнчүлүгүн пайдаланган. борбордон ажыратылган алмашуу (DEX) Uniswap v2 жана анын ордуна 500 долларлык активдерди гана алды. Бот бул мүмкүнчүлүктү байкап, дароо ишке киришип, чоң киреше тапкан.

However, only an hour later, a hacker exploited a vulnerability in 0xbadc0de’s “bad code” and tricked it into authorizing a transaction that drained its balance of 1,101 ETH, which was around $1.41 million at the time of writing.

According to the blockchain security firm PeckShield, the bug can be traced back to the bot’s callback routine, and this was кор болгон дагы бир by the hacker to approve an arbitrary address for spending. 

байланыштуу: Pantera CEO DeFi, Web3 жана NFTs боюнча Token2049 ишке ашууда

On Sept. 18, a vulnerability in Profanity, an Ethereum vanity address generator, was exploited, draining $3.3 million in funds from various wallets. Investigations done by the decentralized exchange (DEX) aggregator 1inch Network highlighted that there was anambiguity in terms of the creation of the wallets. The DEX warned users that their wallets were at risk and urged them to transfer their assets.

More than a week later, another vanity wallet address was exploited and drained of almost $1 million worth of ETH. After stealing the funds, the hackers immediately sent them to the controversial crypto mixer Tornado Cash.