Story of the MEV bot that gained 800 ETH and lost it all
Imagine making 800 ETH in a single arb
… and an hour later then losing 1100 ETH to a hacker
Here is the story of 0xbaDc0dE, an MEV bot who gained and lost it all in a few hours tonight
— @bertcmiller
(@bertcmiller) September 27, 2022
0xbaDc0dE is the prefix of the contract for a mempool bot that's been pretty active on ETH in the last few months.
In that time they sent ~220k transactions to Ethereum, I believe all arbs or trying to cancel arbs.
Address: 0xbadc0defafcf6d4239bdf0b66da4d7bd36fcf05a
— @bertcmiller
Earlier today some poor soul tried to sell $1.8m in cUSDC on Uniswap v2 (!). They got ~$500 out in return. Yikes.
Meanwhile, this generated a massive arb opportunity.
tx: 0x96a129768ec66fd7d65114bf182f4e173bf0b73a44219adaf71f01381a3d0143 pic.twitter.com/fOAhVkFRgV
— @bertcmiller
0xbaDc0dE dutifully backran the arb in the mempool (!) in a looong arb touching many protocols.
The profit from this was ~800 ETH!
tx: 0x2a615005a63785284f11a4c5cb803d1935d34e358c10a3b4d76398d2e7bb2f9d pic.twitter.com/h0GNO22y7y
— @bertcmiller
… But just an hour later all of 0xbaDc0dE's ETH was stolen
I'll let the reader make the joke about the code themselves pic.twitter.com/c36stxrVeg
— @bertcmiller
Digging in, it seems that the 0xbaDc0dE did not properly protect the function that they used to execute dYdX flashloans.
Note "callFunction," which is the function called by the dYdX router as a part of flashloan execution pic.twitter.com/NUKKU8S2F6
— @bertcmiller
When you get a flashloan the protocol you're borrowing from will call a standardized function on your contract.
In this case dYdX called "callFunction" on 0xbaDc0dE.
0xbaDc0dE's code unfortunately allowed for arbitrary execution.
— @bertcmiller
The attacker used this to get 0xbaDc0dE to approve all of their WETH for spender on their contract.
tx: 0x59ddcf5ee5c687af2cbf291c3ac63bf28316a8ecbb621d9f62d07fa8a5b8ef4e
— @bertcmiller
The attacker then simply transferred the weth out to their address.
tx: 0x631d206d49b930029197e5e57bbbb9a4da2eb00993560c77104cd9f4ae2d1a98
— @bertcmiller
EVM vs. SVM
1/ EVM won’t scale.
EVM tech is incapable of handling over 30 tps, which cannot compete with web2 speeds. @Solana's SVM solves this issue.
A thread on how SVM will help onboard the next wave of blockchain users at scale.
— Nitro SVM
2/ Before diving into the solution, it's important to understand the problem.
Ethereum is the biggest smart contracts blockchain, surely validators can add more servers to make Ethereum faster? Right?
Wrong. Think of Ethereum as a queue system with only one teller.
— Nitro SVM
3/ No matter how fast this teller is able to achieve consensus on transactions from validators, there's only so much speed with which he can process the queue
Now this analogy becomes more complicated when you factor for gas fees. Others can pay extra money to cut line. pic.twitter.com/tErmS8AlGD
— Nitro SVM
4/ EVM's single threaded architecture makes the teller inconsistent in his queue processing time, and creates an overall slow system.
How does Sealevel VM solve this? Through parallelization.
Think of the teller analogy again. What if there were multiple tellers?
— Nitro SVM
5/ Instead of 1 teller, what if there were 10, 50, or 100? The transactions would be faster, right?
That's exactly what Solana's sealevel engine does. It processes transactions concurrently to move through the queue quickly.
This leads to faster transaction speeds and high tps pic.twitter.com/LkFwyRXuoe
— Nitro SVM
6/ Why do other blockchains not do this?
Since all transactions are trying to update global states, 2 transactions trying to update the same state can lead to a concurrency bug.
Sealevel caters to this bug by describing all states a transaction will read/write while executing.
— Nitro SVM
7/ This allows for non-overlapping transactions to execute in parallel.
The validator may use as many cores for parallel processing as it needs, as long as overlapping transactions are not processed in parallel.
More on this from @aeyakovenko:https://t.co/Mwfne96XNF
— Nitro SVM
8/ Therefore, the Sealevel VM creates an ideal layer for executing transactions in parallel.
Looking at the teller analogy, its clear that SVM is clearly superior to EVM in terms of performance, and scaling web3 to web2 standards.
So, how do we bring the SVM to the masses?
— Nitro SVM
9/ Nitro was created with the vision of making SVM a universal development standard allowing SVM rollups to be deployed on any layer 1 blockchain.
We believe SVM rollups have the ability to transform any L1 into a powerhouse, while creating gateways between $SOL and non-SVM L1s
— Nitro SVM
10/ To kickoff this vision, Nitro is deploying the first SVM rollup in the Cosmos ecosystem, on @SeiNetwork.
This allows Solana's developers to gain access to the broader IBC ecosystem, and grants Cosmos users access to the performance benefits of SVM.
— Nitro SVM
11/ Overtime, SVM deployments in multiple ecosystems will help turn SVM into an industry standard, akin to EVMs.
The future for blockchain scalability is bright, and we couldn't be more excited to bring SVM tech to an ecosystem near you. Coming soon.
— Nitro SVM
Investors are selling Pounds for BTC
(1/6) If your currency was rapidly depreciating what would you buy to protect your purchasing power?
The answer for Euro and Pound holders has overwhelmingly been #Bitcoin
This is notable because we did not see the same trend in previous crises in 2020 or 2021
A brief
— Dunleavy (@dunleavy89) September 28, 2022
Source: https://www.cryptopolitan.com/best-twitter-threads-of-the-day-september-28/