Writeups

A peek inside the MISO war room – $350m incident response story

The Bug: The DutchAuction smart contract inherits the BoringBatchable utility contract, which allows callers to batch different calls together. There is a commitEth function in the auction contract that uses msg.value to determine the amount of ETH committed by the user. If the user commits more ETH than the contract’s capacity, the contract refunds the …


Free blockchain storage – Tale of a bug in Substrate’s FRAME runtime

This is the story of a simple bug in the FRAME runtime of Parity’s Substrate blockchain framework. The bug allowed attackers to submit infinitely large transactions without paying any extra fees. The vulnerability was the result of a buggy implementation of fee calculation in the FRAME runtime of Substrate. By exploiting this vulnerability, an attacker …
