Crypto Games: Don’t make freebies profitable
Or how to let bots drain your contract’s balance (ETH)
What happens when you combine a ponzi scheme and an idle game ? This.
Ether Shrimps Farm came out 4 days ago. It is a game built on ethereum smart contracts. The game consists of 3 main features:
- Buying eggs (costs ETH)
- Hatching eggs — breeding shrimps (no price, only transaction fee)
- Selling eggs (profit)
Breed shrimps, collect new eggs and sell them (or hatch) and repeat it all over again. Just that developer decided to code some entry bonus. For 0 ETH (just transaction fees) you can get starting amount of shrimps to play with.
Shrimps are generating eggs. Shrimps never expire so you can imagine the hyper inflation happening in the game. Because of that, the further method only works in the early phase of the game.
Botting on Crypto Games is now a thing
Ether Shrimp Farm’s DAU (Daily Active Users) started growing at hundreds per minute at DappRadar.com and that suddenly got our attention.
Turns out, one person was responsible for more than 5,000 wallets that were used to play Ether Shrimp Farm. We have figured out how and why.
There is one wallet behind this. The complete work flow:
- Attacker’s program creates a new wallet (Bot wallet #X) and sends 0.003 ether to the recently created wallet.
- Attacker uses bot wallet to execute “Get free shrimp eggs” function on the game’s smart contract.
- Bot wallet now has free shrimps. It is generating shrimp eggs.
Shrimp eggs = $$$. - Repeats all the steps for 1000+ times.
Voila! Now it just waits for some time for eggs to generate, sells eggs on all the bot wallets, transfers all the ether to the attacker’s wallet and continues creating new bots.
It was definitely profitable for the attacker in the beginning and would be definitely not profitable now as the inflation is enormous and free shrimps don’t generate as much ether.
Conclusion
I can’t tell you how much ether was made using this bot. But one thing is clear. All that ether was stolen from the contract just because free shrimps were profitable. Don’t make freebies profitable or it will screw up your game.
