Skip to content

Latest commit

 

History

History
69 lines (50 loc) · 2.28 KB

README.md

File metadata and controls

69 lines (50 loc) · 2.28 KB
verilog logo

awesome list badge

Verilog Web3Dubai CTF Challenge #2


Introduction

| Verilog 2022 web3dubai CTF challenge #2

This is our newly designed WMATICV2 token, unlike the old version of the WMATIC
the new contract will be more stylish with supports of depositing multi MATIC
derivative assets to convert into WMATICV2 token.

Scenarios:

  • deposit MATIC -> mint WMATICV2 token
  • deposit WMATIC -> mint WMATICV2 token
  • deposit WMATIC <> WMATICV2 LP -> mint WMATICV2 token (for early stage liquidity incentive users)

Besides, our team designed a bounty insurance contract to monitor the
safety of the WMATICV2. If you can crack it, bounty is yours!

Find your way to hack around ! But I am sure its really safe.

Explanation

  • WMATICV2 contract

    // contract safety is purely depends on these 2 variables
    interface IWMATICV2 {
    
      // minted token balance
      function totalSupply() external view returns (uint256);
    
      // actually eth balance
      function balance() external view returns (uint256);
    
    }
  • the criteria is:

    // more than 10% of the difference been considered as an exploit detected
    function status () external view returns (bool) {
        uint256 delta = WMATICV2.totalSupply() >= WMATICV2.balance() ? WMATICV2.totalSupply() - WMATICV2.balance() : WMATICV2.balance() - WMATICV2.totalSupply();
        uint256 tolerance = WMATICV2.balance() / 10;
        if (delta > tolerance) {
          return true;
        }
        return false;
    }

Deployed Addresses

Contract Name Address
wMatic Contract 0x0d500B1d8E8eF31E21C99d1Db9A6444d3ADf1270
wMatic V2 Contract 0x5D6C48F05ad0fde3f64baB50628637d73B1eB0BB
Bounty Contract 0xBcF6e9d27bf95F3F5eDDB93C38656D684317D5b4