Hi! Can anyone tell what this function is trying to do? Sorry, it's the shitty decompiled version of the contract:
Sep 1, 2022, 8:34 PM
def unknown76a996d7(uint256 _param1, uint256 _param2) payable:
  require calldata.size - 4 >=′ 64
  require _param1 == addr(_param1)
  if owner != caller:
      revert with 0, 'Ownable: caller is not the owner'
  require ext_code.size(stor103)
  call stor103.0xf88a4f17 with:
     gas gas_remaining wei
    args addr(_param1), this.address, _param2
  if not ext_call.success:
      revert with ext_call.return_data[0 len return_data.size]
Sep 1, 2022, 8:34 PM
Calls a different function but only lets the owner do that
It does something evil. I know that because you don't have access to the source code
Sep 1, 2022, 8:36 PM
Is there any way to know what that function is doing? Or is that obfuscated?
https://bscscan.com/address/0xc0e584344e7f6661f27c082a9ee1ad6a4ee06a51#code
Sep 1, 2022, 8:36 PM
It's just not in the code you cited
There's only a reference to that other function
Sep 1, 2022, 8:36 PM
0xf88a4f17 could mean transferFromCairoNetwork(address,address,uint256) but I doubt it
Sep 1, 2022, 8:36 PM
haha love that it was that easy to tell what I was getting at
it does have the same arguments though
Sep 1, 2022, 8:37 PM
oh, looking at ERC20 transfers it may be Cairo related for sure
Sep 1, 2022, 8:38 PM
it was used to transfer cairo tokens out of the liquidity pool
Sep 1, 2022, 8:39 PM
stor103 is the contract that initialized this contract
It's probably phoning back to that contract in the function you're quoting
Sep 1, 2022, 8:39 PM
oooo that is super interesting!
Is there any legitimate use for a contract that can take tokens out of a liquidity pool?
like... could they have been like "oh this is a good idea and can't be exploited"
Sep 1, 2022, 8:41 PM
Supply control
Of a stable coin
Sep 1, 2022, 8:41 PM
ok, that might track... I think they did have plans for some burning and supply stuff... not a stable coin though
Sep 1, 2022, 8:42 PM
but the function doesn't emit sync() 🙀
Sep 1, 2022, 8:42 PM
Sorry, I am just starting out with Sol, what does that mean?
Sep 1, 2022, 8:44 PM
after changing reserve0/reserve1 balance in LP, sync() is called
if not, someone else can call sync and receive the difference
rip cairo
ouch
https://bscscan.com/tx/0xea8ccb0021695bbce0d58faa83acae6bbb1a9c62392dfd6dd66eb5d81a6217db
https://bscscan.com/tx/0x1e674d81e9b7e5eb03eb5dd74bfd3ac2d25a7b15984c2b188a28febe005d4476
Sep 1, 2022, 8:45 PM
woah crazy, so it doesn't sound like there is a good reason to create a function like that
Sep 1, 2022, 8:46 PM
wow, never buy an upgradeable token
Sep 1, 2022, 8:51 PM
Yea so they drained the tokens out of the pool, inflated the price then sold
The kicker is that the contract used in the exploit was deployed by the Cairo deployer... and initialized by the person who stole the liquidity right before it happened. So either the contract allowed that person to use it, or it was coded badly
Sep 1, 2022, 8:52 PM
this is malicious code. The owner can remove/transfer anybody's tokens, including LP
Sep 1, 2022, 8:55 PM
That is good enough for me 😂. Imma keep poking around for my own edification, but sounds like an inside job. Classic rug
Sep 1, 2022, 8:56 PM
Lol
Sep 2, 2022, 12:50 AM
Seems safe 😆
Sep 2, 2022, 1:10 AM
For Cairo Network 😁😁
Sep 2, 2022, 1:11 AM
turns out, the deployer left a contract uninitialized 100 days ago that was able to run that function
it was initialized today by the attacker (probably the Cairo team)
$1m+
Sep 2, 2022, 1:11 AM
Cairo is trying to defend his point in the summary of the method 😂😂😂
Sep 2, 2022, 1:12 AM
the comment is hilarious lol
the classic "we didn't do anything"
Sep 2, 2022, 5:28 AM
it calls the transferFromCairoNetwork function on the other contract
here they add the malicious contract to the privileged users
https://bscscan.com/tx/0x519ef168990603e053fc810a8812bd9db9e0bf65953dd4a769367493ca445b6f
'audit passed'
:D
Guys, do you experience trouble with Remix? When I write code, there is a delay of 3-4 seconds and random freezes, and when I try to copy stuff with Ctrl+C it sends me to a random part of the contract. It is like I am running a program from the 21st century on a 20th century computer. This has been happening for 2-3 days, since the latest Remix update.
Sep 2, 2022, 9:21 AM