This is a proof-of-concept exploit for the vulnerability in an Audius contract.
This is not an attempt to reproduce the actual exploit transactions (1, 2).
This is just an alternative, more simplified version of the attack, built for educational purposes.
- Fill the
script/Constants.solfile with your preferred RPC URL to fork. - Run script:
$ forge script script/Script.s.sol:AttackerScript
By setting the USE_PATCHED_VERSION flag in the script/Script.s.sol file to true, you may see how the patched version deployed after noticing the attack would prevent exploitation.