Skip to content

README.md

Latest commit

 

History

History
17 lines (12 loc) · 807 Bytes

README.md

File metadata and controls

17 lines (12 loc) · 807 Bytes

WETH permit exploit

Most ERC20 contracts have a permit function that can be called, while WETH does not.

What is the exploit?

  1. Victim gives infinite approval for ERC20Bank.sol to spend WETH.
  2. Victim calls deposit and deposits 1 WETH into ERC20Bank.
  3. Attacker calls depositWithPermit and passes an empty signature and transfers all tokens from Victim into ERC20Bank, which is credited to the attacker's deposit in ERC20Bank.
  4. Attacker calls withdraw function.

Instructions

  1. Install Foundryup.
  2. Run the following command in your directory to install dependecies forge install foundry-rs/forge-std.
  3. Run the following to build your contract forge build.
  4. Run forge test -vvv to execute your tests.