Verilog Web3Dubai CTF Challenge #2
| Verilog 2022 web3dubai CTF challenge #2
This is our newly designed WMATICV2 token, unlike the old version of the WMATIC
the new contract will be more stylish with supports of depositing multi MATIC
derivative assets to convert into WMATICV2 token.
Scenarios:
- deposit MATIC -> mint WMATICV2 token
- deposit WMATIC -> mint WMATICV2 token
- deposit WMATIC <> WMATICV2 LP -> mint WMATICV2 token (for early stage liquidity incentive users)
Besides, our team designed a bounty insurance contract to monitor the
safety of the WMATICV2. If you can crack it, bounty is yours!
Find your way to hack around ! But I am sure its really safe.
-
WMATICV2 contract
// contract safety is purely depends on these 2 variables interface IWMATICV2 { // minted token balance function totalSupply() external view returns (uint256); // actually eth balance function balance() external view returns (uint256); }
-
the criteria is:
// more than 10% of the difference been considered as an exploit detected function status () external view returns (bool) { uint256 delta = WMATICV2.totalSupply() >= WMATICV2.balance() ? WMATICV2.totalSupply() - WMATICV2.balance() : WMATICV2.balance() - WMATICV2.totalSupply(); uint256 tolerance = WMATICV2.balance() / 10; if (delta > tolerance) { return true; } return false; }
| Contract Name | Address |
|---|---|
| wMatic Contract | 0x0d500B1d8E8eF31E21C99d1Db9A6444d3ADf1270 |
| wMatic V2 Contract | 0x5D6C48F05ad0fde3f64baB50628637d73B1eB0BB |
| Bounty Contract | 0xBcF6e9d27bf95F3F5eDDB93C38656D684317D5b4 |