Reproduce DeFi hack incidents using Foundry.
529 incidents included.
Let's make Web3 secure! Join Discord
Notion: 101 root cause analysis of past DeFi hacked incidents
Disclaimer: This content serves solely as a proof of concept showcasing past DeFi hacking incidents. It is strictly intended for educational purposes and should not be interpreted as encouraging or endorsing any form of illegal activities or actual hacking attempts. The provided information is for informational and learning purposes only, and any actions taken based on this content are solely the responsibility of the individual. The usage of this information should adhere to applicable laws, regulations, and ethical standards.
- Follow the instructions to install Foundry.
- Clone and install dependencies:
git submodule update --init --recursive
All articles are also published on Substack.
- Lesson 1: Tools ( English | Chinese | Vietnamese | Korean | Spanish )
- Lesson 2: Warm up ( English | Chinese | Korean | Spanish )
- Lesson 3: Write Your Own PoC (Price Oracle Manipulation) ( English | Chinese | Korean | Spanish )
- Lesson 4: Write Your Own PoC (MEV Bot) ( English | Chinese | Korean | Spanish )
- Lesson 5: Rugpull Analysis ( English | Chinese | Spanish )
- Lesson 6: Write Your Own PoC (Reentrancy) ( English | Chinese | Spanish )
- Lesson 7: Hack Analysis: Nomad Bridge, August 2022 ( English | Chinese | Spanish )
If you appreciate our work, please consider donating. Even a small amount helps us continue developing and improving our projects, and promoting web3 security.
- Gitcoin - Donate DeFiHackLabs
- EVM Chains - 0xD7d6215b4EF4b9B5f40baea48F41047Eb67a11D5
- Giveth
20240703 UnverifiedContr_0x452E25
20240417 UnverifiedContr_0x00C409
2023
20231201 UnverifiedContr_0x431abb
20230715 USDTStakingContract28
2022
20221024 MulticallWithoutCheck
20221011 Rabby Wallet SwapRouter
20220908 Ragnarok Online Invasion
20220701 Quixotic - Optimism NFT Marketplace
20220624 Harmony's Horizon Bridge
20220608 Optimism - Wintermute
20220430 Rari Capital/Fei Protocol
2021
Before 2020
Phalcon | Tx tracer | Cruise | Ethtx | Tenderly | eigenphi
ABI to interface | Get ABI for unverified contracts | ETH Calldata Decoder | ETHCMD - Guess ABI | Abi tools
Slowmist | Defillama | De.Fi | Rekt | Cryptosec
forge test --contracts ./src/test/2024-09/OnyxDAO_exp.sol -vvv
https://x.com/peckshield/status/1839302663680438342
forge test --contracts ./src/test/2024-09/Bedrock_DeFi_exp.sol -vvv
https://x.com/certikalert/status/1839403126694326374
forge test --contracts ./src/test/2024-09/MARA_exp.sol -vvv
https://bscscan.com/tx/0x0fe3716431f8c2e43217c3ca6d25eed87e14d0fbfa9c9ee8ce4cef2e5ec4583c
forge test --contracts ./src/test/2024-09/Bankroll_exp.sol -vvv
https://x.com/Phalcon_xyz/status/1838042368018137547
forge test --contracts ./src/test/2024-09/OTSeaStaking_exp.sol -vvv
Nick Franklin: https://nickfranklin.site/2024/09/13/otsea-staking-hacked/
forge test --contracts ./src/test/2024-09/Caterpillar_Coin_CUT_exp.sol -vvv --evm-version shanghai
https://www.certik.com/zh-CN/resources/blog/caterpillar-coin-cut-token-incident-analysis
forge test --contracts ./src/test/2024-09/Penpiexyzio_exp.sol -vvv --evm-version shanghai
https://x.com/peckshield/status/1831072098669953388
https://x.com/AnciliaInc/status/1831080555292856476
https://x.com/hackenclub/status/1831383106554573099
post-mortem: https://x.com/Penpiexyz_io/status/1831462760787452240
forge test --contracts ./src/test/2024-08/AAVE_Repay_Adapter.sol -vvv
https://www.vibraniumaudits.com/post/aave-hacked-via-periphery-contract-56kstolenfromtipjar
forge test --contracts ./src/test/2024-08/Zenterest_exp.sol -vvvv --evm-version shanghai
https://x.com/0xNickLFranklin/status/1824579761383018564
forge test --contracts ./src/test/2024-08/YodlRouter_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1823601087011807636
forge test --contracts ./src/test/2024-08/VOW_exp.sol -vvv
https://x.com/Vowcurrency/status/1823407231658025300
forge test --contracts src/test/2024-08/IvestDao_exp.sol -vvv
https://x.com/AnciliaInc/status/1822870201698050064
forge test --contracts ./src/test/2024-08/NovaXM2E_exp.sol -vvv
https://x.com/EXVULSEC/status/1820676684410147276
forge test --contracts ./src/test/2024-08/Convergence_exp.sol -vvvv --evm-version cancun
https://x.com/DecurityHQ/status/1819030089012527510
forge test --contracts ./src/test/2024-07/Spectra_finance_exp.sol -vvv
https://x.com/shoucccc/status/1815981585637990899
forge test --contracts src/test/MEVbot_0xdd7c_exp.sol -vvv --evm-version cancun
https://x.com/SlowMist_Team/status/1815656653100077532
forge test --contracts ./src/test/2024-07/Lifiprotocol_exp.sol -vvv
https://x.com/danielvf/status/1505689981385334784
forge test --contracts ./src/test/2024-07/Minterest_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1813122959219040323
forge test --contracts ./src/test/2024-07/DoughFina_exp.sol -vvv
https://x.com/CertiKAlert/status/1811668992882307478
forge test --contracts ./src/test/2024-07/SBT_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1811401263969673654
forge test --contracts ./src/test/2024-07/GAX_exp.sol -vvv
https://x.com/EXVULSEC/status/1811348160851378333
forge test --contracts ./src/test/2024-07/LW_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1810245893490368820
forge test --contracts ./src/test/2024-07/DeFiPlaza_exp.sol -vvv
https://x.com/DecurityHQ/status/1809222922998808760
forge test --contracts ./src/test/2024-07/UnverifiedContr_0x452E25_exp.sol -vvv --evm-version "cancun"
UnverifiedContr_0x452E25_exp.sol
https://x.com/SlowMist_Team/status/1808334870650970514
forge test --contracts ./src/test/2024-07/MRP_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1808309614443733005
forge test --contracts ./src/test/2024-06/Will_exp.sol -vvv --evm-version "shanghai"
https://x.com/0xNickLFranklin/status/1806704287252394238
forge test --contracts ./src/test/2024-06/APEMAGA_exp.sol -vvv --evm-version "shanghai"
https://x.com/ChainAegis/status/1806297556852601282
forge test --contracts ./src/test/2024-06/INcufi_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1803317022513832301
forge test --contracts ./src/test/2024-06/Dyson_money_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1802634237667054052
forge test --contracts ./src/test/2024-06/WIFCOIN_ETH_exp.sol -vv --evm-version "shanghai"
https://x.com/ChainAegis/status/1802550962977964139
forge test --contracts ./src/test/2024-06/Crb2_exp.sol -vv --evm-version shanghai
forge test --contracts ./src/test/2024-06/JokInTheBox_exp.sol -vv --evm-version cancun
https://x.com/0xNickLFranklin/status/1800355604692910571
forge test --contracts ./src/test/2024-06/Bazaar_exp.sol -vvv
https://x.com/shoucccc/status/1800353122159833195
forge test --contracts src/test/2024-06/YYS_exp.sol -vv
https://x.com/0xNickLFranklin/status/1799610045589831833
forge test --contracts ./src/test/2024-06/SteamSwap_exp.sol -vvv --evm-version shanghai
https://x.com/SlowMist_Team/status/1798905797440897386
forge test --contracts src/test/2024-06/MineSTM_exp.sol -vv
https://x.com/0xNickLFranklin/status/1798920774511898862
forge test --contracts src/test/2024-06/NCD_exp.sol -vv
https://x.com/SlowMist_Team/status/1797821034319765604
forge test --contracts src/test/2024-06/Velocore_exp.sol -vv
https://x.com/BeosinAlert/status/1797247874528645333
forge test --contracts ./src/test/2024-05/Liquiditytokens_exp.sol -vvv
https://x.com/EXVULSEC/status/1796499069583724638
forge test --contracts ./src/test/2024-05/MixedSwapRouter_exp.sol -vvv
https://x.com/ChainAegis/status/1796484286738227579
forge test --contracts ./src/test/2024-05/SCROLL_exp.sol -vvv
https://x.com/0xNickLFranklin/status/1795650745448169741
forge test --contracts src/test/2024-05/MetaDragon_exp.sol -vvvvv --evm-version shanghai
https://x.com/Phalcon_xyz/status/1795746828064854497
forge test --contracts ./src/test/2024-05/Tradeonorion_exp.sol -vvv
https://x.com/MetaSec_xyz/status/1796008961302258001
forge test --contracts ./src/test/2024-05/EXcommunity_exp.sol -vvv
https://x.com/SlowMist_Team/status/1795648617530995130
forge test --contracts ./src/test/2024-05/RedKeysCoin_exp.sol -vvv --evm-version shanghai
forge test --contracts ./src/test/2024-05/NORMIE_exp.sol -vv
https://x.com/lookonchain/status/1794680612399542672
forge test --contracts ./src/test/2024-05/Burner_exp.sol -vv
https://x.com/0xNickLFranklin/status/1792925754243625311
forge test --contracts ./src/test/2024-05/TCH_exp.sol -vvv
https://x.com/DecurityHQ/status/1791180322882629713
forge test --contracts ./src/test/2024-05/Sonne_exp.sol -vvv
https://neptunemutual.com/blog/taking-a-closer-look-at-sonne-finance-exploit/
forge test --contracts ./src/test/2024-05/PredyFinance_exp.sol -vvv
https://twitter.com/Phalcon_xyz/status/1790307019590680851
forge test --contracts ./src/test/2024-05/TGC_exp.sol -vvv
https://x.com/ChainAegis/status/1789490986588205529
forge test --contracts ./src/test/2024-05/GFOX_exp.sol -vvv --evm-version shanghai
https://twitter.com/CertiKAlert/status/1788751142144401886
forge test --contracts ./src/test/2024-05/TSURU_exp.sol -vvv --evm-version shanghai
https://base.tsuru.wtf/usdtsuru-exploit-incident-report
forge test --contracts src/test/2024-05/GPU_exp.sol -vvv
https://twitter.com/PeckShieldAlert/status/1788153869987611113
forge test --contracts src/test/2024-05/OSN_exp.sol -vvv
https://twitter.com/ChainAegis/status/1787667253435195841
forge test --contracts src/test/2024-05/OSN_exp.sol -vvv --evm-version shanghai
https://twitter.com/SlowMist_Team/status/1787330586857861564
forge test --contracts ./src/test/2024-04/Yield_exp.sol -vvv
https://twitter.com/peckshield/status/1785121607192817692
https://medium.com/immunefi/yield-protocol-logic-error-bugfix-review-7b86741e6f50
forge test --contracts ./src/test/2024-04/PikeFinance_exp.sol -vvv
https://twitter.com/Phalcon_xyz/status/1785508900093194591
forge test --contracts ./src/test/2024-04/BNBX_exp.sol -vvv --evm-version shanghai
https://x.com/ChainAegis/status/1784431544557514896
forge test --contracts ./src/test/2024-04/NGFS_exp.sol -vvv --evm-version shanghai
https://twitter.com/CertiKAlert/status/1783476515331616847
forge test --contracts ./src/test/2024-04/XBridge_exp.sol -vvv
forge test --contracts ./src/test/2024-04/YIEDL_exp.sol -vvv
forge test --contracts ./src/test/2024-04/Z123_exp.sol -vvv
https://twitter.com/PeckShieldAlert/status/1782322484911784385
forge test --contracts ./src/test/2024-04/Rico_exp.sol -vvv
https://twitter.com/ricocreditsys/status/1781803698940781009
forge test --contracts ./src/test/2024-04/HedgeyFinance_exp.sol -vvv
https://twitter.com/Cube3AI/status/1781294512716820918
forge test --contracts src/test/2024-04/UnverifiedContr_0x00C409_exp.sol -vvv
UnverifiedContr_0x00C409_exp.sol
https://x.com/CyversAlerts/status/1780593407871635538
forge test --contracts src/test/2024-04/SATX_exp.sol -vvv
https://x.com/bbbb/status/1780341239801393479
forge test --contracts src/test/2024-04/MARS_exp.sol -vv
https://twitter.com/Phalcon_xyz/status/1780150315603701933
forge test --contracts src/test/2024-04/GFA_exp.sol -vvv
https://x.com/ChainAegis/status/1779809931962827055
forge test --contracts ./src/test/2024-04/Chainge_exp.sol -vvv
https://twitter.com/CyversAlerts/status/1779875922381860920
forge test --contracts ./src/test/2024-04/Hackathon_exp.sol -vvv
https://x.com/EXVULSEC/status/1779519508375613827
forge test --contracts ./src/test/2024-04/FIL314_exp.sol -vvv
forge test --contracts ./src/test/2024-04/SumerMoney_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1778986926705672698
forge test --contracts ./src/test/2024-04/GROKD_exp.sol -vvv
https://x.com/hipalex921/status/1778482890705416323?t=KvvG83s7SXr9I55aftOc6w&s=05
forge test --contracts ./src/test/2024-04/BigBangSwap_exp.sol -vvv
https://x.com/ChainAegis/status/1778254222288621912
forge test --contracts ./src/test/2024-04/UPS_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1777589021058728214
forge test --contracts ./src/test/2024-04/SQUID_exp.sol -vvv
https://twitter.com/bbbb/status/1777228277415039304
forge test --contracts ./src/test/2024-04/WSM_exp.sol -vvv
https://hacked.slowmist.io/#:~:text=Hacked%20target%3A%20Wall%20Street%20Memes
forge test --contracts ./src/test/2024-04/HoppyFrogERC_exp.sol -vvv --evm-version shanghai
https://x.com/ChainAegis/status/1775351437410918420
forge test --contracts ./src/test/2024-04/ATM_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1775008489569718508
forge test --contracts src/test/2024-04/OpenLeverage2_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1774727539975672136
forge test --contracts ./src/test/2024-03/ETHFIN_exp.sol -vvv --evm-version shanghai
forge test --contracts ./src/test/2024-03/Prisma_exp.sol -vvv
https://twitter.com/EXVULSEC/status/1773371049951797485
forge test --contracts src/test/2024-03/LavaLending_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1774727539975672136
https://twitter.com/Phalcon_xyz/status/1773546399713345965
https://hackmd.io/@LavaSecurity/03282024
forge test --contracts src/test/2024-03/ZongZi_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1772195949638775262
forge test --contracts ./src/test/2024-03/CGT_exp.sol -vvv
https://x.com/AnciliaInc/status/1771598968448745536
forge test --contracts ./src/test/2024-03/SSS_exp.sol -vvv
https://twitter.com/dot_pengun/status/1770989208125272481
forge test --contracts src/test/2024-03/ARK_exp.sol -vvv
https://twitter.com/Phalcon_xyz/status/1771728823534375249
forge test --contracts src/test/2024-03/Paraswap_exp.sol -vvv --evm-version shanghai
https://medium.com/neptune-mutual/analysis-of-the-paraswap-exploit-1f97c604b4fe
forge test --contracts src/test/2024-03/MO_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1768184024483430523
forge test --via-ir --contracts src/test/2024-03/IT_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1768171595561046489
forge test --contracts src/test/2024-03/BBT_exp.sol -vvv
https://x.com/8olidity/status/1767470002566058088
forge test --contracts src/test/2024-03/Binemon_exp.sol -vvv
forge test --contracts ./src/test/2024-03/Juice_exp.sol -vvv --evm-version shanghai
https://medium.com/@juicebotapp/juice-staking-exploit-next-steps-95e218b3ec71
forge test --contracts src/test/2024-03/UnizenIO_exp.sol -vvvv
UnizenIO_exp.sol | UnizenIO2_exp.sol
https://twitter.com/Phalcon_xyz/status/1766274000534004187
https://twitter.com/AnciliaInc/status/1766261463025684707
forge test --contracts ./src/test/2024-03/GHT_exp.sol -vvv
forge test --contracts ./src/test/2024-03/ALP_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1765296663667875880
forge test --contracts ./src/test/2024-03/TGBS_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1765290290083144095
https://twitter.com/Phalcon_xyz/status/1765285257949974747
forge test --contracts ./src/test/2024-03/Woofi_exp.sol -vvv
https://twitter.com/spreekaway/status/1765046559832764886
https://twitter.com/PeckShieldAlert/status/1765054155478175943
forge test --contracts ./src/test/2024-02/Seneca_exp.sol -vvv
https://twitter.com/Phalcon_xyz/status/1763045563040411876
forge test --contracts ./src/test/2024-02/SMOOFSStaking_exp.sol -vvv
https://twitter.com/AnciliaInc/status/1762893563103428783
https://twitter.com/0xNickLFranklin/status/1762895774311178251
forge test --contracts ./src/test/2024-02/Zoomer_exp.sol -vvv --evm-version "shanghai"
https://x.com/ChainAegis/status/1761246415488225668
forge test --contracts ./src/test/2024-02/CompoundUni_exp.sol -vvv
https://twitter.com/0xLEVI104/status/1762092203894276481
forge test --contracts ./src/test/2024-02/BlueberryProtocol_exp.sol -vvv
https://twitter.com/blueberryFDN/status/1760865357236211964
forge test --contracts ./src/test/2024-02/SwarmMarkets_exp.sol -vvv
forge test --contracts ./src/test/2024-02/DeezNutz404_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1760481343161700523
forge test --contracts ./src/test/2024-02/GAIN_exp.sol -vvv
https://twitter.com/0xNickLFranklin/status/1760559768241160679
forge test --contracts ./src/test/2024-02/EGGX_exp.sol -vvv
https://x.com/PeiQi_0/status/1759826303044497726
forge test --contracts ./src/test/2024-02/RuggedArt_exp.sol -vvv
https://twitter.com/EXVULSEC/status/1759822545875025953
forge test --contracts ./src/test/2024-02/ParticleTrade_exp.sol -vvv
https://twitter.com/Phalcon_xyz/status/1758028270770250134
forge test --contracts ./src/test/2024-02/DualPools_exp.sol -vvvv
https://medium.com/@lunaray/dualpools-hack-analysis-5209233801fa
forge test --contracts ./src/test/2024-02/Babyloogn_exp.sol -vvvv
forge test --contracts ./src/test/2024-02/Miner_exp.sol -vvv --evm-version shanghai
https://twitter.com/Phalcon_xyz/status/1757777340002681326
forge test --contracts ./src/test/2024-02/MINER_bsc_exp.sol -vvv --evm-version shanghai
forge test --contracts ./src/test/2024-02/Game_exp.sol -vvv
https://twitter.com/AnciliaInc/status/1757533144033739116
forge test --contracts ./src/test/2024-02/DN404_exp.sol -vvv
forge test --contracts ./src/test/2024-02/PANDORA_exp.sol -vvv
https://twitter.com/pennysplayer/status/1766479470058406174
forge test --contracts ./src/test/2024-02/BurnsDefi_exp.sol -vvv
https://twitter.com/pennysplayer/status/1754342573815238946
https://medium.com/neptune-mutual/how-was-citadel-finance-exploited-a5f9acd0b408 (similar incident)
forge test --contracts ./src/test/2024-02/ADC_exp.sol -vvv
https://x.com/EXVULSEC/status/1753294675971313790
forge test --contracts ./src/test/2024-02/AffineDeFi_exp.sol -vvv
https://twitter.com/Phalcon_xyz/status/1753020812284809440
https://twitter.com/CyversAlerts/status/1753040754287513655
forge test --contracts ./src/test/2024-01/XSIJ_exp.sol -vvv
https://x.com/CertiKAlert/status/1752384801535918264
forge test --contracts ./src/test/2024-01/MIMSpell2_exp.sol -vvv
https://twitter.com/kankodu/status/1752581744803680680
https://twitter.com/Phalcon_xyz/status/1752278614551216494
https://twitter.com/peckshield/status/1752279373779194011
https://phalcon.blocksec.com/explorer/security-incidents
forge test --contracts ./src/test/2024-01/PeapodsFinance_exp.sol -vvv
forge test --contracts ./src/test/2024-01/BarleyFinance_exp.sol -vvv
https://phalcon.blocksec.com/explorer/security-incidents
https://www.bitget.com/news/detail/12560603890246
https://twitter.com/Phalcon_xyz/status/1751788389139992824
forge test --contracts ./src/test/2024-01/CitadelFinance_exp.sol -vvv
https://medium.com/neptune-mutual/how-was-citadel-finance-exploited-a5f9acd0b408
forge test --contracts ./src/test/2024-01/NBLGAME_exp.sol -vvv
https://twitter.com/SlowMist_Team/status/1750526097106915453
https://twitter.com/AnciliaInc/status/1750558426382635036
forge test --contracts ./src/test/2024-01/DAO_SoulMate_exp.sol -vvv --evm-version 'shanghai'
https://twitter.com/MetaSec_xyz/status/1749743245599617282
forge test --contracts ./src/test/2024-01/Bmizapper_exp.sol -vvv
https://x.com/0xmstore/status/1747756898172952725
forge test --contracts ./src/test/2024-01/Shell_MEV_0xa898_exp.sol -vvv
forge test --contracts ./src/test/2024-01/SocketGateway_exp.sol -vvv --evm-version shanghai
https://twitter.com/BeosinAlert/status/1747450173675196674
https://twitter.com/peckshield/status/1747353782004900274
forge test --contracts ./src/test/2024-01/WiseLending02_exp.sol -vvv --evm-version shanghai
https://twitter.com/danielvf/status/1746303616778981402
forge test --contracts src/test/2024-01/Freedom_exp.sol -vvv
forge test --contracts src/test/2024-01/LQDX_alert_exp.sol -vvv
https://twitter.com/SlowMist_Team/status/1744972012865671452
forge test --contracts ./src/test/2024-01/Gamma_exp.sol -vvv
https://twitter.com/officer_cia/status/1742772207997050899
https://twitter.com/shoucccc/status/1742765618984829326
forge test --contracts ./src/test/2024-01/MIC_exp.sol -vvv
https://x.com/MetaSec_xyz/status/1742484748239536173
forge test --contracts ./src/test/2024-01/RadiantCapital_exp.sol -vvv
https://neptunemutual.com/blog/how-was-radiant-capital-exploited/
https://twitter.com/BeosinAlert/status/1742389285926678784
forge test --contracts ./src/test/2024-01/OrbitChain_exp.sol -vvv
https://blog.solidityscan.com/orbit-chain-hack-analysis-b71c36a54a69
Foundry can also report the gas used per function call, mimicking the behavior of hardhat-gas-reporter. Generally speaking, if the gas cost per function call is very high, the likelihood of success is reduced. Gas optimization is an important activity for smart contract developers.
Every PoC in this repository can produce a gas report like this:
forge test --gas-report --contracts <contract> -vvv
For example, let us find out the gas used in the Audius PoC:
Execution
forge test --gas-report --contracts ./src/test/Audius.exp.sol -vvv
Moved to DeFiVulnLabs
Moved to DeFiLabs