How the Oracle Manipulation Attack Happened to Inverse Finance
Let’s reproduce the attack on the Ethereum mainnet fork with hardhat!
Today I’m going to demonstrate how I reproduced the inverse finance attacker’s code (not the actual one) so you can understand the whole process better. You can execute almost the same transaction as the attacker did on Ethereum mainnet fork with hardhat.
Motive
I’m just curious about oracle attacks and wanted to reproduce any one of them on the hardhat fork network. It is just surprising how a couple of hundred lines of code takes away a huge amount of tokens within a minute.
Oracle Manipulation Attack on Inverse Finance
On June 16th, 2022, someone manipulated the oracle price on inverse finance with AAVE flashloan on Ethereum mainnet, and earned more than $1 million worth of tokens (53.24 WBTC and 99,976 USDT). This story explains the attack concisely.
Attack Transaction: