The Math Prodigy Whose Hack Upended DeFi Won't Give Back His Millions

An 18-year-old graduate student exploited a weakness in Indexed Finance's code and opened a legal conundrum that's still rocking the blockchain community. Then he disappeared. An excerpt from a report: On Oct. 14, in a house near Leeds, England, Laurence Day was sitting down to a dinner of fish and chips on his couch when his phone buzzed. The text was from a colleague who worked with him on Indexed Finance, a cryptocurrency platform that creates tokens representing baskets of other tokens -- like an index fund, but on the blockchain. The colleague had sent over a screenshot showing a recent trade, followed by a question mark. "If you didn't know what you were looking at, you might say, 'Nice-looking trade,'" Day says. But he knew enough to be alarmed: A user had bought up certain tokens at drastically deflated values, which shouldn't have been possible. Something was very wrong. Day jumped up, spilling his food on the floor, and ran into his bedroom to call Dillon Kellar, a co-founder of Indexed. Kellar was sitting in his mom's living room six time zones away near Austin, disassembling a DVD player so he could salvage one of its lasers. He picked up the phone to hear a breathless Day explaining that the platform had been attacked. "All I said was, 'What?'" Kellar recalls.

They pulled out their laptops and dug into the platform's code, with the help of a handful of acquaintances and Day's cat, Finney (named after Bitcoin pioneer Hal Finney), who perched on his shoulder in support. Indexed was built on the Ethereum blockchain, a public ledger where transaction details are stored, which meant there was a record of the attack. It would take weeks to figure out precisely what had happened, but it appeared that the platform had been fooled into severely undervaluing tokens that belonged to its users and selling them to the attacker at an extreme discount. Altogether, the person or people responsible had made off with $16 million worth of assets. Kellar and Day stanched the bleeding and repaired the code enough to prevent further attacks, then turned to face the public-relations nightmare. On the platform's Discord and Telegram channels, token-holders traded theories and recriminations, in some cases blaming the team and demanding compensation. Kellar apologized on Twitter to Indexed's hundreds of users and took responsibility for the vulnerability he'd failed to detect. "I f---ed up," he wrote. The question now was who'd launched the attack and whether they'd return the funds. Most crypto exploits are assumed to be inside jobs until proven otherwise. "The default is going to be, 'Who did this, and why is it the devs?'" Day says.

As he tried to sleep the morning after the attack, Day realized he hadn't heard from one particular collaborator. Weeks earlier, a coder going by the username "UmbralUpsilon" -- anonymity is standard in crypto communities -- had reached out to Day and Kellar on Discord, offering to create a bot that would make their platform more efficient. They agreed and sent over an initial fee. "We were hoping he might be a regular contributor," Kellar says. Given the extent of their chats, Day would have expected UmbralUpsilon to offer help or sympathy in the wake of the attack. Instead, nothing. Day pulled up their chat log and found that only his half of the conversation remained; UmbralUpsilon had deleted his messages and changed his username. "That got me out of bed like a shot," Day says.

If you aren't the grifter

[algaeman]

If you aren't the grifter, you are the griftee.
Scammers getting scammed.
Shocked, not so shocked.

Re:If you aren't the grifter

[mmell]

You have been downmodded for posting the truth. Your mistake was not using the correct phrasing.

If you can't spot the sucker sitting at the poker table, you are the sucker.

Re:If you aren't the grifter

[Xylantiel]

And even if you can, you might still be the sucker, because that guy might be a plant. (According to wikipedia, this is the technical definition of a shill [wikipedia.org] in the context of a confidence scheme.)

Re:

[jythie]

*blink* did someone actually just use shill... correctly? *head explodes*

Re:

[GrumpySteen]

No way. Must have been a shill.

Re:

[Anonymous Coward]

They got downmodded for posting the same tired old shit in every cryptocurrency thread. It's a karma grabbing circle jerk. It is on the same page as the GNAA spam at this point. Adds absolutely nothing to the conversation

Re:If you aren't the grifter

[The Real Dr John]

It is amazing how many people still think crypto is a great new tool of empowerment for "the people". It is just another scheme to soak people of their money. The big players will come out nicely, and most of "the people" will get burned. That is how financial scams work. All that wasted power generation and extra pollution for a scam. In that sense, everyone loses.

But but but they said the words I like

[raymorris]

But they said phrases I like, such as "the people", "fiat", and "means of production"! That means they are good guys!!!

That ESPECIALLY means they are good guys if they've spent the last 49 years in Washington, issuing fiats - I'm sure that *today* they'll manage the means of production for the benefit of the people, so long as we give those guys complete and total control over everything. Those guys especially wouldn't keep doing what they've been doing for the last 49 years, screwing us over. He said "t

Re:If you aren't the grifter

[HiThere]

I think you're wrong in principle, but not in practice. I *think* many/most of the early developers/pushers of cryptocurrencies were honest and idealistic. It didn't last.

Re:

[The Real Dr John]

There was no reason to make the process require so much computation/electricity, especially when no actual work was being done. That was to make it slow and difficult, and It was obviously set up from the beginning as a gambling casino, where you never knew when you would hit the jackpot. So you would keep playing. As long as other people kept jumping in, the value would go up. That is clearly a standard Ponzi gambling scenario with variable ratio reinforcement. Standing outside of it and looking in makes t

Re:

[Anonymous Coward]

little to no awareness of later-generation examples which do things very differently.

The later generations are making Bitcoin look good.

Re:If you aren't the grifter

[skovnymfe]

So long as these "potential applications" are potential, all that remains are pyramid schemes and scams.

Re:If you aren't the grifter

[Anonymous Coward]

Weeks earlier, a coder going by the username "UmbralUpsilon" -- had reached out to Day and Kellar on Discord, offering to create a bot that would make their platform more efficient.

You get some random e-mail from some random person and you just say "OK. Sure. Here's access to all our stuff". What the fucking fuck. This is beyond stupid.

Re:If you aren't the grifter

[MachineShedFred]

... and then you act shocked when your shit gets took.

There's a reason why banks and financial institutions either never use contractors, or only contract with big boy services that aren't going anywhere and even then they sign ironclad agreements that include clauses about information security.

Re:If you aren't the grifter

[Anonymous Coward]

"There's a reason why banks and financial institutions either never use contractors, or only contract with big boy services"

You might think that, but you'd be very wrong.

Re:

[jythie]

I think that era is long gone.

Re:

[Brain-Fu]

TAKEN

Re: If you aren't the grifter

[ShooterNeo]

It's almost like they got a cut from "that guy who robbed us". I am half convinced nearly every crypto "robbery" is just an inside job.

Re:

[thegarbz]

The only correct use of the phrase what the fucking fuck would apply to a kid who hasn't made a mistake like that. Congrats on being a mature adult. Many of these crypto Bros aren't and have finished learning life lessons yet.

Re:

[swillden]

Weeks earlier, a coder going by the username "UmbralUpsilon" -- had reached out to Day and Kellar on Discord, offering to create a bot that would make their platform more efficient.

You get some random e-mail from some random person and you just say "OK. Sure. Here's access to all our stuff". What the fucking fuck. This is beyond stupid.

They claim that the information they gave him had nothing to do with the attack, and I think it's a very reasonable claim. It looks to me like he got everything he needed from to source code of the relevant smart contracts.

Re:

[radarskiy]

The true mark is the one that thinks they are in on the con.

They messed up, pay up.

[Anonymous Coward]

All creators have their own stash of coins worth way more than 16 mil. They can pay out the losses. If they don't, this story is made up and they are thieves.

HAHAHAHAHAHAHA

[flippy]

Developer tip: trusting someone you don't know to develop something and integrate it into your financial platform is a bad idea.

Absolutely no sympathy from me for stupid people who do so.

Bullshit play currency

[Malays2 bowman]

In it's current state that's what all of this is. No real firm is going to do their business using a currency run by basement hackers who wear "My other computer is your Windows box" tshirts and go by "BloobieblooIamsospecial" instead of giving their real names. This tells firms to stay the hell away from "Crypto". One of the first things a firm wants to know is the names of the people running a banking operation. That's just how it is.

  Firms expect professionalism. Firms expect their bankers to wear Armani suits, and ride in limousines, all of that fluff. It seems materialistic and shallow, but it also indicates that the bankers take their careers seriously, and that they want to be taken seriously. And they are successful.

There is corruption but they usually know not to piss in the pot too much, bringing down the angry firms and the federal goverment upon themselves.

  So it's going to be a very long road to firms taking cryptocurrency seriously and using it for their operations, if it ever happens. Stories about a cryptobro playing around with an old tape recorder in his mom's basement will make sure it never happens.

Re: HAHAHAHAHAHAHA

[niftydude]

The lead developer should have stayed in school. From TFA:

At age 23, after dropping out of the University of Texas at Dallas when computer science classes werenâ(TM)t teaching him anything new, he started Indexed to solve a problem: What if you wanted to trade crypto but didnâ(TM)t want the daily hassle of managing a portfolio?

Happy story

[ThurstonMoore]

It's good to see the occasional happy story.

I needed a locksmith

[Anonymous Coward]

so of course I hired these guys that were like "we think locks are really interesting, and we think we've got this great new way to handle locks. We've designed a lock that we haven't really tested, but we're gonna hire some guys we don't know to improve the design."

Then I came home to find my house empty.

Just shooting himself in the foot

[slack_justyb]

Medjedovic hasn’t officially responded to either suit; he told me he doesn’t even have a lawyer in Ontario

Well that's a dumb move. We're talking millions of real dollars, you best lawyer up.

Nothing he did “involves getting access to a system I was not allowed access into,”

True. The guy didn't break into the system for sure.

He also saw it was possible to circumvent a safeguard limiting the size of certain trades within the pool. “At first, I didn’t believe it,” he said. He ran the calculations a few times, and, “on paper, it worked.” He spent the next month writing a script to exploit the vulnerability.

I cannot believe this guy actually said this to a reporter. That's literally giving incriminating testimony. Any lawyer would have said, "shut the fuck up" to their client when asked this line in an interview. This kid's lack of a lawyer is going to bury him.

Cicada also got an order for a search of Medjedovic’s parents’ house, where he’d been living. But when the search was executed on Dec. 6, he’d already left, taking his computer equipment with him. His parents and younger brother said they didn’t know where he was.

Well I mean if you ever want to look guilty in front of judge, do exactly this.

The case raises several tricky questions about how people should be allowed to interact with code on the blockchain

You know what, I don't even think the plaintiffs need to even get that technical. There's an abundant amount of evidence for attempt to defraud. And the operators of the system are those whom he is defrauding. From the chat's in Discord to the understanding the purpose of a piece of code and actively looking to break that piece of codes function. He was actively attempting to find a means to break the system and presented himself to the operators under false pretense. And the fact that he's running and actively hiding from everyone at this moment shows a pretty strong line for consciousness of guilt.

The kid needs to lawyer up fast. He's only doing things that's going to make his case (which he's got a good case to counter here) that much harder to present in court. He's literally going to have the court tossed at him for the simple fact that he's doing dumb shit, not because his argument is invalid.

Re:

[Anonymous Coward]

Yeah, IANAL and the legal actions are happening in Canada which is not where I live, but removal of his side of chats sounds like destruction of evidence. Taking things with him and hiding sounds like obstruction of justice. He's in a bad legal situation.

In the US at least, even if he isn't found guilty of any crime, he can still be sued in civil court where the legal standard softens from reasonable doubt to preponderance of the evidence. And flapping his gums like that to the press has skewered him.

Thi

Re:

[Anonymous Coward]

Generally, in the US, you can only be held criminally responsible for destruction of evidence if you can be shown to have had the intention to interfere with an investigation or possible investigation. Destruction of evidence in a civil context ("spoliation") generally just results in civil sanctions- fines to the court, adverse jury instructions, default judgement in severe cases, etc. Here, those messages may be evidence of fraud relating to the "initial fee" Indexed claims they paid, and if he indeed t

Re:

[JustAnotherOldGuy]

Destroying all your stuff and going on the run is enough to show an awareness of guilt.

Re:

[RightSaidFred99]

Kid sounds like a sociopathic little twerp. I'll take the side of a couple of tech bro grifters over an arrogant sociopath anytime. Worst case, would be a shame if someone showed up at his house and beat his face to a pulp.

Re:

[ThePyro]

It's like a variation of the the classic Security [xkcd.com] comic. The kid thinks nobody can touch him because his math/crypto skills are too good. He beat the system!

No, what he failed to understand is that the world is not run by math nerds. It's run by lawyers, politicians, and the rich folk who own them. They're going to hit you with legal actions until you buckle.

Re:

[cayenne8]

Yup.

If this guy would shut up, he could likely get away with all this with the right lawyers.

But from reading the larger article (yes, I know, this is /. and we don't do that generally)...this guy has a complex and thinks anything he says or thinks is the word of God.

He may have said enough to get into trouble, and if he'd just kept silent the whole time, I'd say he stood a good chance of getting completely away with it and keeping the money.

He really didn't break any rules or break into anything.

Howev

Re:

[lactose99]

And he'll blame the system, then the world for not understanding his pure genius. We have a sociopath on our hands.

There isn't any actual evidence of fraud

[rsilvergun]

Just a dumb 18-year-old kid who knows a lot about computers and not enough about the legal system. Unfortunately it looks like his parents on responsible enough to step in.

And all likelihood if he just got a lawyer he would be able to keep the money for the cost of a few million given to the lawyer. But he's an 18 year old kid and they tend to feel like they're invincible. The fact that his parents didn't step in and hire a lawyer and tell him to shut up tells me that he probably has a bad relationship

Re:

[Anonymous Coward]

There's an abundant amount of evidence for attempt to defraud.

Defraud whom, exactly? He caused software to make the trades it was programmed to make, according to the instructions of the owners of the assets. At no point during his transaction was any human misled or even aware of what was going on. If winning against that is fraud, then winning in the vast amount of algorithmic trading that goes on in traditional securities, commodities, and derivatives is equally fraud.

His false pretenses to the operator

Re:

[parityshrimp]

Good points. I see the story like this:

1. Crypto bros come up with ideas for this index coin or whatever. They have a strong concept for how it's supposed to work.
2. Crypto bros write some code to implement their system. They audit it. They even pay an outside firm to audit it. Looks good.
3. Clever kid comes along, reads the code, really groks it, finds a way to run trades that: (a) are allowed by the code, (b) go against the crypto bros' intent for the index coin thing, and (c) make the clever kid money

Re:

[slack_justyb]

Defraud whom, exactly?

Investors.

Canadian law s.380 provides the following

1. Identity of the accused - The person in question, Medjedovic

2. Date and time of the incident - The transactions are logged.

3. Jurisdiction established - This can be a technical that IF HE'D STOP RUNNING, he could potentially halt additional action by the court.

4. Something of tangible value was lost - ONSC 725 provides that trading of security backed investments be treated as property, but here's another he COULD possibly argue. However, it would be a b

Some jurisdiction questions arise

[presidenteloco]

First, there's whether executing smart contracts, by feeding them data compliant with their API, should ever be able to be illegal. If it can be, then it certainly removes from play the intended concept in the cryptocurrency universe and philosophy that the code is the law, when it comes to transactions transacted via the technology. If, instead, the law is the law, then jurisdiction questions surely apply, bigtime.

Where did the alleged crime take place? My understanding is that Ethereum smart contracts, li

Re:attempting to break the code's function

[presidenteloco]

Whether he was "attempting to break the code's function" or just going with the code's function, legally, may depend on whether the code was well-commented and well named as to what its purportedly intended function was.

If not, then we have to assess "the code's function" by looking at the code with each variable name and function name replaced by a meaningless symbol, and just looking at what the code does, mathematically and algorithmically.

If I write code like this:

func Add(a int,b int) int {

Lies .. all lies

[OzPeter]

The TFS says

Day's cat, Finney (named after Bitcoin pioneer Hal Finney), who perched on his shoulder in support

No self respecting cat would do that. Perch on his shoulder, sure, But in support? Hell no - the cat saw something in it for itself!

Re:Lies .. all lies

[UnknowingFool]

Surprise twist: It was the cat all along.

Re:

[rudy_wayne]

Well of course it was the cat.

Fucking cats.

Re:

[kackle]

Not unless the cat was observed, which, it couldn't be, because it was on his shoulders.

Quantum Cat

[kackle]

Good point; I would think so!

Re:

[innocent_white_lamb]

Dogs have owners.
Cats have staff.

software complexity

[awwshit]

These DeFi platforms seem to lack developers with experience with complex software and complex integrations. They've built a house of cards.

Re:

[Black Parrot]

These DeFi platforms seem to lack developers with experience with

scammers?

Re:

[clawsoon]

As somebody (probably on r/Buttcoin?) pointed out, you'll never get experienced, honest devs working on these. If they're experienced, they know that code is rarely 100% correct the first time around. If they're experienced and honest, they won't sign up to work on something where not getting the code 100% the first time around can result in disaster.

Re:

[parityshrimp]

Unless they're also experienced in formal methods, but that's kind of rare, so I think your point stands.

Re:

[clawsoon]

Can formal methods be successfully used with Solidity? I don't know enough about either to know the answer to that question.

Re:

[aaarrrgggh]

You sound surprised?

Reality is that almost all financial platforms have some mechanism where you can exploit them for profit. Enron is an easy example, but there are dozens of others. Regulations are essentially the only mechanism to overcome those shortcomings, which makes DeFi inherently unstable.

code is law?

[retchdog]

By the usual narrative, code is law and this fella earned every whatever-the-fuckcoin he "stole". Good for him!

Smarter Contract

[Nkwe]

So this stuff is all about running code on a blockchain right? (Technically it's putting code on the chain and having all the execution/validation nodes run and agree that the code has run.) We call this code a "smart contract". Is writing code that is better or "smarter" then other people's code even wrong or illegal? (With "better" meaning financially advantageous to the author.) It seems like the system is operating as designed.

Re:

[parityshrimp]

It seems like the system is operating as designed.

I'd say the system is operating as implemented. The implementers didn't intend for their system to permit the particular sequence of trades this guy ran, but they also weren't smart enough to foresee that it would allow them. The way I read the article, it really looks like the author of the code had his assumptions about how it should work too firmly in his mind while reviewing his own code and missed the counterintuitive trading strategy that could be used to make money against the intent of the system.

An

No sympathy

[groobly]

No sympathy from me. The more complicated you make things, the more time and money you waste dealing with them.

Move Fast and Break Things

[Tuxguin]

Yeah.... Some systems need years of hardening before they are suitable for public applications. Like irreversible transaction ledgers! Regardless, no one has proved that these products have any value yet outside of scams

Re: Move Fast and Break Things

[Malays2 bowman]

But they sure got the hype machine going!

  Next copes Crypto Cereal and "Do the Crypto" rap song.

  It's amazing how something that involves heavy math and networked systems could have such a thick huge ring of stupidity orbiting it.

So I've read the article now

[rsilvergun]

Which is a slog because modern articles make everything into a long winded story in order to keep you scrolling down and looking at advertisements.

So the short is this is basically a computerized securities and loan office. Where instead of having a person overseeing securities trades and loans a computer program automatically processes them.

Also the code that powers it appears to be open source. Making it really easy to find vulnerabilities in the logic.

And there were no vulnerabilities in the code exploited. No hacking or attack took place. The guy who got his 16 million just did a series of transactions allowed by the protocol. In particular there were limits placed on trades to prevent what he was doing so to get around that he took a few million dollars worth of tokens and just donated them which circumvented those limits and allowed him to proceed with the rest of his trades.

This is going to be an interesting test for whether or not DeFi works. On the one hand if a jury sides with the guy who did the trades the company implodes and DeFi is shown to be highly profitable to attack. It most likely can't survive that.

On the other hand if the jury sides with the company and the kid has to give back the 16 million that breaks DeFi. It becomes a house always wins scenario where no matter how good your trades are if the owner of the securities and loan office decides they don't like it they can have a jury overturn your trades. That will likely destroy any investor confidence in DeFi, since you'll know that any significant wins can and will just be overwritten by a jury. DeFi most likely can't survive that either.

Basically this whole web 3 cryptocurrency thing is one recession away from Total collapse. I just hope they haven't got their claws deep enough into the real economy that we all live in but they managed to drag us down with them. I'm going to be real pissed off if pictures of nonplussed primates and dumb kids writing code that tosses millions of dollars of fake ones and zeros around cost me my house and job

Re:

[Black Parrot]

Also the code that powers it appears to be open source. Making it really easy to find vulnerabilities in the logic.

That's not the popular claim about OSS & security.

Re:

[HiThere]

Actually, it is. "With many eyes all bugs are shallow" doesn't tell you who will spot the bugs.

Re:

[manu0601]

And it assumes there are many eyes looking at your code.

Re:

[laxguy]

oh come on now, this part was great!

The team breathed a sigh of relief. Once cyberattackers have been identified, they often return funds in exchange for a face-saving bounty and credit for being a “white hat” hacker. Day had already contacted UmbralUpsilon to offer a 10% reward for the tokens’ safe return, striking a note of grudging praise—“well played,” he wrote—but hadn’t heard back.

hahaha

They're actually correct

[rsilvergun]

if it's a hacker. This wasn't a hack. No unauthorized access to computer systems seems to have been granted. And there were no firm agreements between the company and the guy who got the $16 million preventing him from trading on the platform.

Basically, the anti-hacking laws that the company was hoping to use to threaten the guy with most likely don't apply. Meaning it'll be a civil matter, not a criminal one. That reduced the company's leverage against the kid.

The thing is, when a real hacker, one that exploited a computer system for unauthorized access gets caught, they can work out a deal because both sides want to keep the law out of it. The crypto bros don't want the SEC sniffing around and the hacker doesn't want to get thrown in prison.

But here? This was just trades. Nothing appears to me to have been done without the consent of the system. It's just that the system could be talked into things a human probably couldn't be. That's the danger of using unattended algorithms to do loans and securities trading.

Re:

[ThomasBHardy]

If you can help me grasp one part of what you said...

"In particular there were limits placed on trades to prevent what he was doing so to get around that he took a few million dollars worth of tokens and just donated them which circumvented those limits and allowed him to proceed with the rest of his trades."

Where did he get a few million dollars in tokens to trade to start that process? Seems odd.

The system automatically issues loans

[rsilvergun]

it's an automated securities trading and loan system. It literally loaned him the "money" (using the term loosely) that let him do it. They're a kind of micro loan you take out and pay off programmatically.

DeFi is all about using code to do finance. You've got an algorithm that decides who to loan money to, how to do trades, when to buy and sell a security (e.g. an asset of value), etc, etc. It's obviously crazy on the face of it. Doing multi-million dollar transactions without a human checking them is

Re:

[Coryoth]

Apparently he took out a "Flash Loan" and borrowed the tokens. Once he executed his trades to grab the money he bought up enough tokens to repay the loan and all was fine.

It seems it is totally normal for 18-year-olds to take out multi-million dollar loans with no collateral to back them in the crypto world? I feel like this points to a whole lot of other potential problems in the crypto/DeFi world.

Re:

[phantomfive]

he guy who got his 16 million just did a series of transactions allowed by the protocol. In particular there were limits placed on trades to prevent what he was doing so to get around that he took a few million dollars worth of tokens and just donated them which circumvented those limits and allowed him to proceed with the rest of his trades.

I don't see what the problem is here. He made transactions that were too large? And that someone made him rich? What exactly happened?

It was a successful test of the software system

[presidenteloco]

in that it illuminated / confirmed the existence of a new kind of bug that existed in the system.

Perhaps there should be a bug bounty.

Oh wait, there was.

Re:

[geekmux]

I'm going to be real pissed off if pictures of nonplussed primates and dumb kids writing code that tosses millions of dollars of fake ones and zeros around cost me my house and job

As opposed to Johnny B. Goode running around wearing way too much Moral&Ethic cologne, maintaining those rock solid stock markets? As if Too Big To Fail was some kind of deterrent. I hope those QE printing presses keep running smoothly, along with the last cog in Bidens head. Not even Hunter could get parts from Ukraine right now.

Re:So I've read the article now

[ljw1004]

Thank you. Here is more detail of the exploit, again from the article.

Here's the key section from the article:

Kellar was aware of one possible pathway for attacks: the mechanism Indexed used to introduce a token to a pool. When such a “reindexing” occurs—after, say, one token has overtaken another in market value to qualify for inclusion in a blue-chip fund—the pool sets the new token’s initial price using a complex equation. One variable of that equation is the value of the benchmark token; if you could somehow futz with the pool’s pricing of that token, you could theoretically compel the pool to misprice its other tokens. “I spent at least two weeks looking into this,” Kellar says. But he couldn’t find any errors, nor could two security researchers he paid to examine the code. So, he says, “I decided this is not an attack vector.”

That to me is an extraordinary red flag.

Back when I was a junior developer, asked to add generic co- and contra-variance support to C#/VB, I implemented this feature and then wrote a mathematical proof of its correctness. Except my attempt at a proof failed, and the failure demonstrated an underlying bug in the design of the .NET runtime. (I presented this failure and bug, and got invited to join the C# language design team).

Nowadays I'm employed as a tech lead for a team working on a compiler. If a team member ever says "I couldn't find anything wrong with my algorithm", I sure as heck ask them to prove why nothing will *ever* be wrong with it in any circumstance. If they say they spent two weeks looking and couldn't find anything, that's a sure sign that (1) this is a risk area else why would you spend two weeks, (2) their search technique was inadequate. Therefore we must either invest more time to come with a POSITIVE proof of correctness, or else KNOW that there'll be future bugs here so we have to invest now in mitigation plans for that eventual and inevitable bug.

Here from the article are the steps used in the exploit. Judging from these steps, it sure looks as though an attempted proof of correctness by Kellar would have revealed this flaw.

STEP 1: BORROW HEAVILY. Medjedovic’s code takes out a $157 million “flash loan” consisting of DEFI5’s component tokens, specifying that the funds will be returned (with interest) before the contract is finished executing.

STEP 2: HOARD UNI. The program spends $109 million to buy nearly all of the DEFI5 pool’s UNI tokens, purchasing batches at rapidly escalating prices—eventually, 860 times UNI’s market price. UNI is the pool’s benchmark token, from which it extrapolates its total value, and with the amount of UNI dramatically reduced, DEFI5’s value is suppressed by a factor of 380.

STEP 3: SWAP UNI for cheap DEFI5. Via a process known as “minting,” Medjedovic’s script swaps the UNI he’d bought plus more that he’d borrowed—worth a total of $53.2 million—for undervalued DEFI5 tokens worth $153.8 million.

STEP 4: BORROW SUSHI. The code takes out another flash loan, this time for $2.4 million worth of Sushi, a token being introduced to the DEFI5 pool in a process known as “reindexing.”

STEP 5: FLOOD THE POOL WITH FREE SUSHI. The program gives the Sushi to the pool, circumventing a limit on the amount of a new token that can be introduced. The script then trades Sushi for still-undervalued DEFI5 tokens. The script “burns” the DEFI5 tokens, trading them for its component tokens, which now include Sushi. Through a repeated process of minting and burning that takes advantage of the DEFI5’s low valuation, the code then ultimately exchanges $4 million worth of Sushi tokens for $21 million worth of other tokens.

STEP 6: CASH OUT.

STEP 7: PAY BACK THE LOANS, and keep the rest. The almost $160 million in flash loans is repaid. The remaining tokens, worth $11.9 million at the time, are stored in an Ethereum wallet.

Ah, so the author and owner of the system

[presidenteloco]

knew in advance that the behavior of the system that was exploited was present in the system, as designed, implemented, tested, and deployed.

And yet released it anyway and profited?

Who is the lawsuit targeted at again?

Intended function of the system

[presidenteloco]

In other words...
So the pattern of transactions used to obtain the money was included in the intended function, or at least in the intentionally allowed function, of the system.

I wonder how that affects the legality.

Re:

[parityshrimp]

Good post. Somewhat offtopic: you said,

modern articles make everything into a long winded story in order to keep you scrolling down and looking at advertisements.

uBlock origin, my friend. mostly no ads. element zapper for ads from the originating domain and not in a blocklist.

Your money under the mattress

[Malays2 bowman]

"On Oct. 14, in a house near Leeds, England, Laurence Day was sitting down to a dinner of fish and chips on his couch when his phone buzzed"

"co-founder of Indexed. Kellar was sitting in his mom's living room six time zones away near Austin, disassembling a DVD player so he could salvage one of its lasers."

"Weeks earlier, a coder going by the username "UmbralUpsilon" -- anonymity is standard in crypto communities"

  Stuff like this tells me to never invest any more than a couple hundered dollars in a project like this. Indexed Finance truly sounds like a basement hack job. I am going to stick with old fashioned banks and the stock market even with all of their faults.

 

The Fat Prince & The Barmaid

[sudonim2]

I'm sure there's a sharped dressed man in a suit with a fine watch and larceny in his heart that has a colorful name for every DeFi scheme. Like "The St. Louis Shuffle" or "The Madam with a Loaded Gun". I like to think this one is called "The Fat Prince & The Barmaid". Frankly, I've come to the conclusion that it's a moral imperative to part suckers from their money. For the good of society.

He shouldn't have to give it back; he didn't cheat

[mmell]

He changed the conditions of the test. He should get a commendation for finding a way to beat the no-win situation.

Devils deal ..

[burni2]

.. or I call it a "Smart Contract" and please have some sympathy for
me!

Pleased to meet you hope you guessed my name!?

https://www.youtube.com/watch?... [youtube.com]

tl;dr version?

[Fly Swatter]

So it was an inside job?

This can't be real.

[muh_freeze_peach]

Surely no one is so stupid as to let an anonymous person access the source code of a financial system?
Right? [youtube.com]

Re:

[presidenteloco]

Blockchain based systems tend to be open source, transparent systems, both for their data, and their code.

The concept is security through mass inspection of the code and data. It can be assumed, with a system like this, that initially, there may be more vulnerabilities, but that the vulnerabilities would decline quickly.

In a closed system, you just have to hope that no insider is corrupt. Look up the penny rounding (or salami slicing) bank fraud lore.

sent a fee

[bugs2squash]

So the guy offered to create a bot and they sent him/her a fee. Did they also grant some special kind of backdoor private access ?

If not then the perp simply used publicly available means to manipulate the price of an asset; sounds like standard finance-industry practice to me.

Re:sent a fee

[bill_mcgonigle]

> sounds like standard finance-industry practice to me.

Not really - he didn't buy any politicians first.

this story ...

[znrt]

... has been very entertaining and has given me a warm fuzzy feeling. i am not sorry at all about these 2 wannabe scammers, and can't be convinced to give a flying fck. actually, i wish all these morons were that stupid. should i feel bad about this?

What happened is kind of amazing

[Zontar_Thing_From_Ve]

Perhaps I am misunderstanding something, but I took a look at the article and what shocked me was the math prodigy got a "flash loan" of about $160 million worth of crypto to get the ball rolling on this from the attacked platform. It just kind of seems to me that maybe asking if someone who requests a $160 million loan can actually pay it back would be a terrific idea, but apparently at no point did that happen. The loan was a type that was going to be quickly paid back, so there were no checks and dude got his loan and used it to attack some bad code by making some specific trades that exploited the bad code and gave him over $11 million in profit. Again, as far as I can tell, he spent literally zero dollars to start this off, used only somebody else's money, and profited. And it looks to be an early variation of what took down Luna/USDT recently where the code writers assumed their code was perfect but they failed to consider that if somebody did a massively big trade that it might impact things in a negative way.

Re:

[parityshrimp]

Looks like it. There was a potential downside if the trick didn't work:

Medjedovic added that he’d taken on “substantial risk” in pursuing this strategy. If he’d failed he would have lost “a pretty large chunk of my portfolio.” (The 3 ETH he stood to lose in fees was worth about $11,000 at the time.)

Regarding

And it looks to be an early variation of what took down Luna/USDT recently where the code writers assumed their code was perfect but they failed to consider

The authors explicitly audited the section of the code that the trickster used and even payed an outside firm to do an independent audit. Neither found the problem in the code. My read-between-the-lines take is that the people who audited the code had too much of the concept of how the system should work in their minds, and that blinded them to some of the possibilities. Whereas the guy who tricked the algorithm was definite

Re:

[ljw1004]

Perhaps I am misunderstanding something, but I took a look at the article and what shocked me was the math prodigy got a "flash loan" of about $160 million worth of crypto to get the ball rolling on this from the attacked platform. It just kind of seems to me that maybe asking if someone who requests a $160 million loan can actually pay it back would be a terrific idea, but apparently at no point did that happen. The loan was a type that was going to be quickly paid back

The article explains that the flash loan is one that's repaid in the very same transaction. Why bother with asking whether the loan can be paid back, when the borrower has already actually PAYED IT BACK! I think in this sense a flash loan isn't like a normal loan; instead it's more like an accounting notation, or like when you do long subtraction and you "carry the 10", i.e. a notational convenience that hasn't actually altered the value of any assets.

Again, as far as I can tell, he spent literally zero dollars to start this off, used only somebody else's money, and profited.

The article says that he put in $11k of fees into these

Poor Cat

[polotheclown]

Could of left that whole cat smoked by a car piece out, Jesus. A simple, the cat ended up dying would of been fine.

Re:

[parityshrimp]

On a quick first glance, I saw the words "cat" and "smoked" and thought you were going in a very different direction with the poor cat. I like your post better after reading it more carefully. Good point.

"Dropped out of college"

[jythie]

I love how the founder describes himself as dropping out of school because "computer science classes weren’t teaching him anything new". Kinda sounds like he should have stuck around and learned more.

Re:

[thegarbz]

To be fair school let alone CS class does *not* teach you any skills required to avoid what happened.

Re:

[martinX]

They may have taught him humility. If his ego ran ahead of his talent in the safety of some of those classes, he may have realised he didn't know everything. College is where you are safe to make mistakes and learn from them, rather than be taught hard lessons by them.

Re:

[parityshrimp]

It does if they have classes on formal methods, and they should.

Re:

[jythie]

I had a similar thought. Programming classes might not make a difference, but any good program is going to have some classes in things like formal design and other software engineering topics.

why

[DarkOx]

"was when Medjedovic overwhelmed the pool with free Sushi,"

People are lining up to do business in an environment when the above is reasonable discourse..

Re:

[parityshrimp]

Well done. You win the thread in my book.

You wanted the wild west....

[Jfetjunky]

You wanted the wild west with no regulations and anonymity? You got it! It cuts both ways and they just happen to get the short end of the stick.

"took responsibility for the vulnerability"

[ayesnymous]

Taking responsibility doesn't mean just saying "I fucked up". It means returning the lost funds to the investors to make them whole again.

Re: defrauded

[Malays2 bowman]

"stop wasting electricity"

  Some countries have taken a steam roller to mining rigs for this very reason. All crypto has to back it up is waste!

  Yeah, it was a waste of possible good hardware to flatten them, but the payoff is much higher and comes swiftly.