Google Drive
Gist
Clipboard
NOTICE: The 0x v2 Exchange contracts are FINE, and the below details an issue (now fixed) with the EtherOrcs contract.
At 7:42 pm Pacific Time, I was alerted on Discord to the following transaction: https://etherscan.io/tx/0xc33d0c598053cdac9ca2b623b3a1f9b5adc7ef4ac5e60a471535a01a49dfecee
A user had intended to use sudoswap to swap their EtherOrc NFT for WETH. Instead, a generalized frontrunner bot had somehow filled the order instead. The NFT was transferred to the maker, but the bot received the WETH instead of the original NFT owner.
This wasn't a transaction I'd seen before, so I alerted the rest of the sudoswap team. We made the hasty decision to pause swap creation while we investigated what had happened. I also reached out to the 0x team to alert them of a possible issue.
The 0x team responded within 2 minutes, escalated internally, and stayed with us until the issue was resolved (ultimately it had nothing to do with the 0x contracts).
After around half an hour, boredGenius discovered that the EtherOrc NFT contract does not adhere to one part of the ERC721 standard. Specifically, when calling transferFrom(address from, address to, uint256 id), the from address is not checked to see if it owns the NFT with the specified id.
The 0x team quickly confirmed this was what was at fault.
When filling an order, the 0x Exchange contract will attempt to call transferFrom from one party to the other, in order to send both sides their assets. The situation here is that a frontrunning bot can spot a pending fillOrder transaction in the mempool and rebroadcast it themselves. Then, the 0x Exchange will attempt to transfer the NFT from the bot (who doesn't have it) to the other party. This should be expected to fail as the bot does not own the NFT. However, the non-standard behavior of the EtherOrcs transferFrom would still succeed (as from is not checked), transferring the NFT from its original owner to the other party, but crediting the bot as the from address.
The end result is that the bot receives the assets on the other side, but the NFT is still transferred out of the original owner's wallet.
The user frontran has been compensated for their swap amount.
The EtherOrcs team has upgraded their transferFrom function to check if the address specified in from is the owner, which remedies this non-standard behavior.
NOTE: Other contracts using the ERC721 contract found here (https://github.com/lexDAO/Kali/blob/main/contracts/tokens/erc721/ERC721.sol) are also susceptible to this issue. LexDAO has been notified, and it has been patched in this PR: https://github.com/lexDAO/Kali/commit/546ed74c53511dc7074760de6ebca93667bd598f.
As a user, if you are trying to swap one of these NFT assets, please consider using something like the flashbots rpc (https://docs.flashbots.net/flashbots-protect/rpc/quick-start) to avoid being frontrun when swapping on sudoswap. (If the NFT's logic is not upgradeable).
On our end at sudoswap, we now enforce filling a takerAddress by default if an NFT is on the Have side of swap creation, which is set to be the NFT's current owner. (Users are free to change this if they want the default "anyone can fill" behavior). Specifying that the swap is only for the NFT owner also removes this frontrunning vector for non-standard ERC721s.
As the first (what seemed to be) serious incident at sudoswap, I believe I (0xmons) handled several things improperly.
First, I acted too hastily. Upon receiving the initial report, I could have taken more time with our team to understand what had happened. The 0x Exchange contracts have been live on mainnet for years without issue. Had I taken a step back, I could have better thought about what other areas (e.g. the transferred assets, our own signature creation flow) might have also been at fault. It was rash of me to single them out as a possible vector for the issue, especially given their track record and the fact that they were ultimately blameless.
Along the same lines, I believe I took to public lines of communication (e.g. Twitter, Discord) far too early, and while perhaps well-intentioned, this did more harm than good, as we hadn't fully understood the issue at the time. This led to some quick whiplash when we did identify the problem less than an hour later (as something different than what we first guessed).
In the future, I want to be better about opening private lines of communication with the protocols we work with. When possible, I'll start with smaller escalations–this time, I assumed the worst case without fully understanding the situation, and this led to additional fallout and concern. Many thanks again to the 0x team for their assistance and support in fully resolving this issue.
Apologies again for any issues caused by our interruption in service, and I hope this clarifies the incident.
or
or
By clicking below, you agree to our terms of service.
Sign in with Wallet
New to HackMD? Sign up
| Syntax | Example | Reference | |
|---|---|---|---|
| # Header | Header | 基本排版 | |
| - Unordered List |
|
||
| 1. Ordered List |
|
||
| - [ ] Todo List |
|
||
| > Blockquote | Blockquote |
||
| **Bold font** | Bold font | ||
| *Italics font* | Italics font | ||
| ~~Strikethrough~~ | |||
| 19^th^ | 19th | ||
| H~2~O | H2O | ||
| ++Inserted text++ | Inserted text | ||
| ==Marked text== | Marked text | ||
| [link text](https:// "title") | Link | ||
|  | Image | ||
| `Code` | Code |
在筆記中貼入程式碼 | |
| ```javascript var i = 0; ``` |
|
||
| :smile: |  |
Emoji list | |
| {%youtube youtube_id %} | Externals | ||
| $L^aT_eX$ | LaTeX | ||
| :::info This is a alert area. ::: |
This is a alert area. |
On a scale of 0-10, how likely is it that you would recommend HackMD to your friends, family or business associates?
Please give us some advice and help us improve HackMD.
Do you want to remove this version name and description?
Syncing
-
Any changes
Be notified of any changes
-
Mention me
Be notified of mention me
-
Unsubscribe
Subscribe