does anyone know how did they do that and how can I fix that vulerability?

seems you got frontrunned

The hash: 0x513c01694a55ae0499a001d54c42f9dba85a550e9244714d35371117abadaf6b

i'm not an auditor but... there is no check of msg.value anywhere..?

it's a liquidity pool, why i can pick the function parameters, it's payable, but i can use the buy without MATIC?

i just did a simulation with your account 1 block before the other guy, you can see i set 0 wei as value but i still receive tokens

maybe i'm missing something? or it's hell broken lol

Ok, my contract is very bad as I can see that they have managed that...

i think your contract being bad is a symptom of your testing approach being bad

@lernashhar https://book.getfoundry.sh/

here you go

learn this and write code that's 100x better

Thanks a lot!

yeah with foundry tests you can litterally write a code full of exploits
as long you write good tests with expect, you simply have to correct your code until those passes

there's no need to be manually testing things in prod 😅

seems here you're missing a
require(msg.value == maticIn, "oe you need to pay bro");

but maticIn is also useless as parameter, use directly msg.value

🤔🤔

so this "buy" was not meant to be a public function

what's the original contract address? this seems a model of something old or unknown to me

Definitely you like my project if it feels like that)))

That's my contract, I have wrote all the contracts with ChatGPT

I didn't clone or fork anything

Except a little part of preasle contract ( which wasn't been hacked yet) ...)))

chatGpt doesn't make code outta nowhere, it's trained on data
You cannot use it to create contracts from 0, you can use it to speed up development, checks and documentation.
It's a companion/assistant, it's not something reliable yet with solidity

also check that video
https://www.youtube.com/watch?v=92bdU5uvsD8

probably what happened to you in that case

Ok but the idea of thatproject came to me and just wanted to see how it works. ChatGPT also didn't gave me that contracts very fast it took months while I have got a working model with working contracts...

I'll study everything. Thanks for your support!

good luck o/

@lernashhar you've seen the messed up hands and other details that AI generates when it draws ppl right?

it's doing the same thing with your contract security

I see it's not professional but that contracts are just for testing, and anyway it helps me study solidity. The using of ChatGPT is part of my learning process! I understand that for real projects contacts, professionals and audit needed...

be really careful about learning on LLM, they may suggest wrong or outdated things

@lernashhar the best way to learn is to write tests

because it actually checks your assumptions

you should be spending the majority of your coding time trying to break stuff with the test tooling

chat gpt is like a dunning kruger machine

Yep

It's really satisfying when you write a good test and puff, a wild bug appear and the fix is now clear

So I must have hardhat or the ganache?

for writing smart contracts, otherwise that won't be satisfying?

foundry, i already linked it

go read the foundry book

and every time you think you know something about solidity, write a test to check that you're right