1. Unstoppable

https://www.damnvulnerabledefi.xyz/challenges/unstoppable/

Objective

Vault is offering flash loans for free. To pass the challenge, make the vault stop offering flash loans.

Approach

First we examine the flashloan function.

poolBalance a state variable tracking internal balances of the vault contract; it is updated when users deposit tokens via depositTokens().

    function depositTokens(uint256 amount) external nonReentrant {
        if (amount == 0) revert MustDepositOneTokenMinimum();
        // Transfer token from sender. Sender must have first approved them.
        damnValuableToken.transferFrom(msg.sender, address(this), amount);
        poolBalance = poolBalance + amount;
    }

However, users can transfer DVT tokens directly to the lending contract without calling depositTokens. If that is done, poolBalance != balanceBefore, this will trigger revert on AssertionViolated() and jam the flashloan function.

Exploit

PreviousDamn Vulnerable Defi Next2. Naive receiver

Last updated 2 years ago