Up until the creation of tronsmartcontract.space, there was no way to see the public code for Tron contracts the way you can verify Ethereum contracts on etherscan.io. Since its creation it became the standard for Tron contract verification and appeared to be trustworthy.

New evidence suggests that "Khanh," the creator of tronsmartcontract.space, intentionally abused his position to publish incorrect code for a contract in order to hide a backdoor which allowed it to be fully drained for 26 million TRX.

The scam contract in question was known as TronBankPro. It was a follow-up by the same creators of a highly successful "daily ROI" ponzi dapp, TronBank, which had over 100 million TRX in it at its peak.

A few days ago this new version had grown to about 26 million TRX, when suddenly it was drained for the full balance of 26,723,478.428024 TRX. At first, people were confused how this was possible. The drainer simply triggered the withdraw() function with a value of 0.011911 TRX. According to the verified source code on tronsmartcontract.space, this should not have happened, since the withdraw function contains a require that makes sure any withdraw must be sent with a value of zero:

function _withdraw() private isNotLocked returns (uint256) {
    require(msg.value == 0, "wrong trx amount");

So what happened? Why was this person able to send a withdraw transaction with a value of 0.011911 TRX, and why did it drain all the TRX in the contract? According to the code, this transaction should have reverted.

It turns out that the public source code that TronSmartContract.space (TSC) had published was NOT consistent with the bytecode of the contract. Upon decompiling the bytecode, something interesting was discovered. There was an exception in the withdraw function specifically for the case where msg.value was 0.011911 TRX (11,911 sun, which in hex is 0x2e87).

Here are the relevant snippets from the decompiled bytecode: https://ibb.co/yNtRrhc http://bit.ly/2H59XZY

So it turns out there was a hidden drain feature: if withdraw() is triggered with exactly 0.011911 TRX of value, it sends the entire contract balance to the sender. There is no doubt that the TronBankPro creators put this in there intentionally, and somehow managed to find a way to hide it from its public verification.

There are questions, however:

1 - Who executed the drain? Was it the developers?

A bunch of smart people have been investigating this for a while now within the Discord/Telegram communities. It appears that the person who drained the contract was actually unrelated to TronBankPro. They claimed they were running a script analyzing decompiled contracts, happened to notice the exploit and decided to trigger it. The person who drained it stated they are keeping it under the logic that it was fair game, and the evidence suggests that they were unrelated to TronBank or TSC; the morality of this is up for debate.

More importantly,

2 - Why did tronsmartcontract show incorrect code that hid a backdoor?

There are a few possibilities here. One is that tronsmartcontract's verification tools are simply unreliable and someone found a way to abuse them. This has been investigated and, while their tool is not the best code, it does not appear to be the case.

Another possibility is that it was an inside job and TSC was involved with TronBankPro in plotting this. Could TSC have deliberately helped hide this? At first it sounded absurd, but new information has emerged. Here are the facts.

Fact A: In the TronSmartContract.space Discord, there was a peculiar conversation around the time it was launched:

Saeid694, Last Monday at 9:22 AM:
@Khanh [Founder-Developer], hey Khanh, how are you! I'm reading source code of Trx Pro that started today, in this address in your website. I'm reading code, all of the code is this? I mean if there is any backdoor can I find here? (edited)

Khanh [Founder-Developer] (http://bit.ly/2YdrapL), Last Monday at 9:28 AM:
@Saeid694 yep, if follow my algorithm, that auto verify if bytecode match source code and compiler info.
@Saeid694 but that just for reference, this is beta version, I improve it every day

A little strange for them to be talking about this, but nothing damning.

Fact B: This is where it gets juicy. You can find Khanh's Tron address on his donation page:

Buy me a coffee ☕ TTX5N2wxLeyWBSNE6UeaBjCFZbpa2FH6jr

THIS EXACT SAME ADDRESS DEPLOYED A TEST CONTRACT CALLED TBPRO BEFORE THE MAIN ONE WAS LAUNCHED AND TESTED THE EXPLOIT.

TIMELINE:
2019-04-28 9:35 AM (UTC): TTX5N (Khanh) created contract TYZ4oPdPmwZS9xTUXhnFtQkPFFTi2iAydz called TBPRO (this appears to have been a test)
2019-04-28 2:48 PM (UTC): TronBank contract created, TW9AE7u5QADp2uej9xdaNVTYtqsRuJZNxJ, called TBPRO (this was the one that was actually used)
2019-04-28 2:51 PM (UTC): TronBank contract verified
2019-04-30 2:00 AM (UTC): TTX5N (Khanh) exploited his identical test contract (TYZ4o)
2019-05-02 8:12 PM (UTC): Hacker exploits TronBank for 26 million.

So yeah. That's pretty much where it stands. When confronted with this, Khanh stated "my private key was leaked and password github too". Personally I don't think this makes much sense at all. He's basically trying to say that someone is trying to frame him, which seems highly unlikely given all the facts. You can draw your own conclusions, but the evidence is there.

TLDR; The creator of the leading Tron contract verification service appears to have plotted a large scam attempt with the TronBank team, but was intercepted by another hacker who noticed the exploit and drained it before they could.
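The root failure above is that users trusted a third party's claim that the published source matched the on-chain bytecode. The following is an added example (not code from this post, from TSC or from TronBank) of doing that check yourself in Python: compare the contract's on-chain runtime bytecode against your own recompilation after stripping the solc metadata trailer, whose embedded hash differs between otherwise identical builds. All byte strings are constructed for illustration and are not TronBankPro's real bytecode.

```python
# Added example: check a contract's on-chain runtime bytecode against your
# own recompilation instead of trusting a third-party verifier's "verified"
# badge. All byte strings below are constructed for illustration and are
# NOT the real TronBankPro bytecode.

def strip_metadata(runtime: bytes) -> bytes:
    """Drop the solc CBOR metadata trailer (source hash, compiler version).
    Its byte length sits big-endian in the last two bytes, and it changes
    between otherwise identical builds, so it must be ignored when
    comparing bytecode. If no valid trailer is found, return the input."""
    if len(runtime) < 2:
        return runtime
    cbor_len = int.from_bytes(runtime[-2:], "big")
    end = len(runtime) - 2 - cbor_len
    # The trailer is a CBOR map with 1 or 2 entries (0xa1 / 0xa2).
    if end < 0 or runtime[end] not in (0xA1, 0xA2):
        return runtime
    return runtime[:end]

def compare_bytecode(onchain_hex: str, compiled_hex: str) -> dict:
    """Report whether two runtime bytecodes match once metadata is stripped,
    and the first differing byte offset (-1 if identical) for diagnosis."""
    def to_bytes(h: str) -> bytes:
        return bytes.fromhex(h[2:] if h.startswith("0x") else h)
    a = strip_metadata(to_bytes(onchain_hex))
    b = strip_metadata(to_bytes(compiled_hex))
    first_diff = next((i for i, (x, y) in enumerate(zip(a, b)) if x != y),
                      -1 if len(a) == len(b) else min(len(a), len(b)))
    return {"match": a == b, "first_diff": first_diff,
            "onchain_len": len(a), "compiled_len": len(b)}

# Constructed fragments: a prologue plus a 'require(msg.value == 0)' check
# (CALLVALUE DUP1 ISZERO PUSH2 dest JUMPI), with and without an inserted
# comparison of msg.value against a constant placed in front of it.
CLEAN_CODE = bytes.fromhex("6080604052" "34801561001057600080fd5b")
BACKDOOR_CODE = bytes.fromhex("6080604052" "34612e871461002057"
                              "34801561001057600080fd5b")
# Two metadata trailers whose embedded hashes differ (41 bytes = 0x0029).
META_A = bytes.fromhex("a165627a7a72305820" + "11" * 32 + "0029")
META_B = bytes.fromhex("a165627a7a72305820" + "22" * 32 + "0029")

ONCHAIN = (BACKDOOR_CODE + META_A).hex()         # what the chain holds
PUBLISHED = (CLEAN_CODE + META_B).hex()          # what the published source builds to
HONEST_REBUILD = (BACKDOOR_CODE + META_B).hex()  # true source, different hash

if __name__ == "__main__":
    print(compare_bytecode(ONCHAIN, PUBLISHED))        # match False, diff at 6
    print(compare_bytecode(ONCHAIN, HONEST_REBUILD))   # match True
```

A naive hex-string comparison flags ONCHAIN and HONEST_REBUILD as different because of the metadata hash alone, which is exactly the noise a verifier must strip before it can be trusted to say "match" or "mismatch".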
Submitted May 06, 2019 at 03:51AM