DEX pricing level in Ethernaut

Hi all!

I’m Patrick, and I work on the Chainlink project.

Every day I get a ton of people asking where to go to learn more about Solidity, and I love pointing people who are a little more advanced over to Ethernaut, since it shows a lot of the security issues with Solidity as well.

One thing I didn’t see were some levels related to DeFi and security. So I made an Ethernaut level showing how price manipulation can be done on a DEX to steal a token.

I was hoping to get some feedback on it and would love for it to be an addition to the repo. Looking forward to feedback!


Hi @PatrickAlphaC,

Welcome to the community 👋

Thanks for proposing a new Ethernaut level. Hopefully we can get some people in the community to review the PR and provide feedback.

Hello!

First of all thank you for creating this level. I learned a lot from Ethernaut and I’m happy to see that this project is still active.

Secondly, I think the difficulty of DEX should be increased. I spent a few hours on it and still have no idea how to hack it haha.
Is a flash loan needed to solve this level, or is there just something in the contract itself that I’m missing?

You think it should be harder? Or easier?

In my opinion it's harder than 3/10. But I can't tell how much harder, because I still haven't hacked it.


See what happens when you do a few swaps back and forth.

@PatrickAlphaC, What do you think about my proposed "evil token attack" for the Dex level?

I still like the idea of adding:
require((from == token1 && to == token2) || (from == token2 && to == token1));
to Dex.swap and having a separate level without that check.


This looks like a nice PR!

Hi Patrick!
On both of the DEX levels I get a MetaMask freeze while trying to do the contract.approve. MetaMask just gets stuck with the loading wheel and nothing happens; it won't let me confirm the operation. I really want to complete the level, I think it's awesome 🙂
Could you please look into it?


It's likely a MetaMask or Rinkeby issue - sorry. Not much for me to do there 😕

Oh I see, thanks for the quick response.

Well, if anyone encounters the same problem, there is an easy workaround - just calling the SwappableToken.approve(...) function individually on each token works. I think this might be a gas estimation error, so there are probably more solutions to this 🙂
