Try   HackMD

Quick Review

v4-patch Governance upgrades

Proposed changes:

https://git.tornado.ws/AlienTornadosaurusHex/tornado-governance/src/branch/main/contracts/v4-patch/GovernancePatchUpgrade.sol

function execute(uint256 proposalId)

function _propose(
    address proposer,
    address target,
    string memory description
  )

Function override of prior version of https://github.com/tornadocash/tornado-governance/blob/master/contracts/v1/Governance.sol

The suggested implementation adds a check to ensure the code of a proposal can't change between the time it is proposed to the when it is actually executed.

L35-46:

if (proposalCodehash == proposalCodehashes[proposalId]) {
      super.execute(proposalId);
    } else {
      // So this should guarantee that the proposal should not be able to be executed in future
      // But also, the proposal will be skipped each time. So the question is whether this, a silent
      // skip, or a require can be used to stay "concise", and abandon the safety of having also this assign
      // Outside dependencies, which don't exist as of yet, might believe that the proposal code was executed
      proposal.executed = true;

      // Let the event signify it was metamorphic
      emit CodehashDifferent(target, proposalCodehashes[proposalId], proposalCodehash);
    }

I think the else branch could be omitted since a proposal that is not executed before proposal.endTime.add(EXECUTION_DELAY).add(EXECUTION_EXPIRATION) will be in expired state.

This way we don't have to consider any other side-effects here.

In absence of an actual "invalid" state any proposal that fails to execute no matter the reason will simply expire (currently configured to be 72 hours after endTime + delay).

So I'd prefer something like:

require(proposalCodehash == proposalCodehashes[proposalId],
    "Governance::propose: metamorphic proposal not allowed");
super.execute(proposalId);

Misc

  • add new version() to return precise version of Governance
Last changed by 
0xdeadf4ce
0
176

Read more

Eleven.finance (BSC) - Burn, baby, burn!

Summary Eleven.finance, a yield aggregator on Binance Smart Chain (BSC) and Polygon (MATIC) was exploited for a total of est. $4,5M worth in user-deposited assets. Root cause was a function called emergencyBurn() in the intermediary vault used to track anySwap / Nerve-bridged assets nrvBTC, nrvETH and nrvFUSDT in the Eleven "MasterMind" farming contract. The attacker first took a Flashloan of each asset's underlying token balance in the "MasterMind" contract (Binance-pegged BTC, ETH and USDT) to convert these into nrvBTC, nrvETH and nrvFUSDT respectively. Nerve 3Pool and PancakeSwap BUSD - NRV liquidity provider positions were also affected. A vulnerable function emergencyBurn() in the intermediate vault contract allowed the attacker to withdraw the deposited balance without having the withdrawal being accounted for internally.

Jun 23, 2021
Meerkat.Finance - Malicious Proxy Incident - Post Mortem

Summary Meerkat.Finance (offline), a yield-farming project recently started on Binance Smart Chain (BSC) has been drained for 13,968,039 in BUSD (Binance-pegged USD) and 73,635 in WBNB (Wrapped BNB), leading to loss of $31.56 million in funds. While the project team claimed being hacked due to various vulnerabilities, the on-chain data tells a very different story indicating a planned exit scam AKA "rug pull". The team behind Meerkat Finance, a yield farming pool running on the Binance Smart Chain that went live just one day ago, claimed in its official Telegram channel around 9:00 UTC on Thursday that its smart contract vault was compromised. (via The Block) [1] Meerkat Finance Deployer upgraded 2 vaults of the project.

Mar 4, 2021
DSWAPv1 self rekt incident

List of EOA involved Fake Token Deployer 0x30e346181de2809ef8286d2e49c65afb8a3b065d Yearn: Deployer 0x2D407dDb06311396fE14D4b49da5F0471447d45C List of fake Tokens

Nov 26, 2020
Pickle Finance Post-Mortem on pJar exploit

TL,DR; About Moving fast People have for decades been indoctrinated by agile development evangelists to move fast, fail quickly and go for minimum viable products. These ideas don’t seem to fit the bill when building in a hostile environment. Failing quickly in DeFi comes at the expense of 10s or 100s of million dollar equivalents. We may not simply need another methodology. We need a paradigm shift allowing for rapid iteration while reducing the likelihood of getting rekt at the same time. Let’s eliminate the idea that a proper audit is somehow a guarantee for safety. It is — most of the time — a snapshot of checklist-style security measures applied to moving targets that have often long evolved into something else shortly after a project hits mainnet. Expect the greatest teams in the future of finance to well be those capable of handling the trade-offs between shipping fast and shipping safely, continuously auditing and rigorously testing their composable money robots like they live and breathe it.

Nov 22, 2020
Read more from 0xdeadf4ce
Published on HackMD