Skip to content
By using Twitter’s services you agree to our Cookies Use. We and our partners operate globally and use cookies, including for analytics, personalisation, and ads.
  • Home Home Home, current page.
  • About

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @
  • Language: English
    • Bahasa Indonesia
    • Bahasa Melayu
    • Català
    • Čeština
    • Dansk
    • Deutsch
    • English UK
    • Español
    • Filipino
    • Français
    • Hrvatski
    • Italiano
    • Magyar
    • Nederlands
    • Norsk
    • Polski
    • Português
    • Română
    • Slovenčina
    • Suomi
    • Svenska
    • Tiếng Việt
    • Türkçe
    • Ελληνικά
    • Български език
    • Русский
    • Српски
    • Українська мова
    • עִבְרִית
    • العربية
    • فارسی
    • मराठी
    • हिन्दी
    • বাংলা
    • ગુજરાતી
    • தமிழ்
    • ಕನ್ನಡ
    • ภาษาไทย
    • 한국어
    • 日本語
    • 简体中文
    • 繁體中文
  • Have an account? Log in
    Have an account?
    · Forgot password?
    New to Twitter?
    Sign up
FatManTerra's profile
FatMan
FatMan
FatMan
@FatManTerra

Tweets

FatMan

@FatManTerra

FatMan from the Terra Research Forum I provide research, updates, and analysis on the Terra situation as it unfolds. Views are my own opinions.

fatmanterra.eth
Joined May 2022

Tweets

  • © 2022 Twitter
  • About
  • Help Center
  • Terms
  • Privacy policy
  • Cookies
  • Ads info
Dismiss
Previous
Next

Go to a person's profile

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @

Promote this Tweet

Block

  • Tweet with a location

    You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more

    Your lists

    Create a new list

    Under 100 characters, optional
    Privacy

    Copy link to Tweet

    Embed this Tweet

    Embed this Video

    Add this Tweet to your website by copying the code below. Learn more

    Add this video to your website by copying the code below. Learn more

    Hmm, there was a problem reaching the server.

    By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.

    Preview

    Why you're seeing this ad

    Log in to Twitter

    · Forgot password?
    Don't have an account? Sign up »

    Sign up for Twitter

    Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

    Sign up
    Have an account? Log in »

    Two-way (sending and receiving) short codes:

    Country Code For customers of
    United States 40404 (any)
    Canada 21212 (any)
    United Kingdom 86444 Vodafone, Orange, 3, O2
    Brazil 40404 Nextel, TIM
    Haiti 40404 Digicel, Voila
    Ireland 51210 Vodafone, O2
    India 53000 Bharti Airtel, Videocon, Reliance
    Indonesia 89887 AXIS, 3, Telkomsel, Indosat, XL Axiata
    Italy 4880804 Wind
    3424486444 Vodafone
    » See SMS short codes for other countries

    Confirmation

     

    Welcome home!

    This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.

    Tweets not working for you?

    Hover over the profile pic and click the Following button to unfollow any account.

    Say a lot with a little

    When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.

    Spread the word

    The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.

    Join the conversation

    Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.

    Learn the latest

    Get instant insight into what people are talking about now.

    Get more of what you love

    Follow more accounts to get instant updates about topics you care about.

    Find what's happening

    See the latest conversations about any topic instantly.

    Never miss a Moment

    Catch up instantly on the best stories happening as they unfold.

    1. FatMan‏ @FatManTerra May 26

      The problem with having no duplicate check is an attacker can create a short position, and after 14 days, they could call their position ID multiple times in a list. This would let them steal funds from the lock contract over and over at little cost and zero risk. (4/12)

      2 replies 12 retweets 164 likes
      Show this thread
    2. FatMan‏ @FatManTerra May 26

      So - this bug exists and was quietly patched up - but we don't know if anyone ever noticed it or exploited it before. It would be hard to check since you would need to sift through months of chain data and millions of transactions - the Mirror forum didn't bother. (5/12)

      1 reply 9 retweets 145 likes
      Show this thread
    3. FatMan‏ @FatManTerra May 26

      Call it luck, magic, or God's will - whatever you believe in - a source fell into my lap inadvertently revealing that this attack had indeed been executed hundreds of times since 2021. Before today, this was not known by anyone at all. Let's go meet the attacker, shall we? (6/12)

      1 reply 14 retweets 183 likes
      Show this thread
    4. FatMan‏ @FatManTerra May 26

      I happened to look at a DM (I can only read a fraction of my DMs!) and almost binned it, but something in me told me to look into the address. The man was right - the address indeed had eerily perfect timing, almost as if they had word directly from TFL. Besides the point. (7/12)pic.twitter.com/U2mJk38ub5

      9 replies 25 retweets 223 likes
      Show this thread
    5. FatMan‏ @FatManTerra May 26

      Here is the address for your perusal. https://etherscan.io/address/0xdb886bf718fbf354eb4202b03ad13b1cafb01276 … I was able to map this address to a Terra wallet via bridge tracing, and it had some large and interesting transactions, so I decided to dig in. Here's the Terra wallet. https://finder.terra.money/mainnet/address/terra1200zm8crgjaj949ta8r7p6pay0qq638js4sdmh … (8/12)

      3 replies 10 retweets 145 likes
      Show this thread
    6. FatMan‏ @FatManTerra May 26

      Two coffees later, as I was about to give up, I found this. Hold on... What's going on here? A single transaction from October 2021 unlocking one position over and over again - and it actually executed. Here's the transaction: https://finder.terra.money/mainnet/tx/08DD2B70F6C2335D966342C20C1E495FD7A8872310B80BAF3450B942F79EBC1F … (9/12)pic.twitter.com/lklZHIYQqV

      16 replies 42 retweets 249 likes
      Show this thread
    7. FatMan‏ @FatManTerra May 26

      The lock contract didn't check that the funds were sent from the mint contract, so the attacker opened a position with $10 in collateral (!) and send $10k directly to the lock contract. They could then loop-unlock others' collateral over and over again from the contract. (10/12)

      1 reply 13 retweets 171 likes
      Show this thread
    8. FatMan‏ @FatManTerra May 26

      In one transaction, the attacker turned $10,000 into $4,300,000. This was actually done several times, generating a total of well over $30m. All of this went completely unnoticed by TFL and the Mirror team & community. This is the first time this attack has been revealed. (11/12)

      14 replies 58 retweets 380 likes
      Show this thread
    9. FatMan‏ @FatManTerra May 26

      And that's how with a little bit of luck and a lot of research, I found out about one of the greatest yet most simple smart contract exploits in blockchain history that went under the radar for almost a year. Who did this? I have no idea, but I'll try to find out. (12/12)

      11 replies 24 retweets 327 likes
      Show this thread
    10. FatMan‏ @FatManTerra May 26

      PS. They tried hard to obfuscate their cashouts on Ethereum, but we're looking for them, and I hope we find them eventually. My team of researchers and I are hard at work - you can hide IRL, but the blockchain never forgets.pic.twitter.com/RHpE5u4hn2

      26 replies 54 retweets 570 likes
      Show this thread
      FatMan‏ @FatManTerra May 26

      Afterthought: I just realized that the attacker siphoning out tens of millions over the year is probably why @ApertureFinance users and Mirror shorters couldn't withdraw the other day - there was no new 'bug' - the Mirror developer team really should have disclosed this...

      6:57 PM - 26 May 2022
      • 29 Retweets
      • 316 Likes
      • Inspire Matias Martinez Amarjit Singh lilm2a2d TYG dmitriy tsoy1 JJ Merelo Insiders traders club Rick Dudley (afdudley.eth)
      25 replies 29 retweets 316 likes
        1. FatMan‏ @FatManTerra May 29

          Two days on, I'd like to correct some claims going around: - I don't believe this was an inside job. No compelling evidence of that yet. - I'm not a 'genius' and I didn't find this all by myself. Story embellished for narrative; the credit goes to my amazing anon research team.

          17 replies 13 retweets 132 likes
          Show this thread
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. sne premier wx‏ @SNEpremierwx May 26
          Replying to @FatManTerra @ApertureFinance

          Fatman what is going to happen to us with wluna?

          2 replies 0 retweets 3 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. Prepping for NFT.NYC !!! ₿lackΛlchemy.eth‏ @BlackAlchemySo2 May 26
          Replying to @FatManTerra @ApertureFinance

          not reporting this in the proper channels is something I would pursue

          2 replies 0 retweets 3 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        4. New conversation
        1. Emergent  🌒‏ @Rage_of_the_Age May 26
          Replying to @FatManTerra @weber_grillz @ApertureFinance

          But there is no mirror developer team

          3 replies 0 retweets 4 likes
        2. notwill ( 🌖, 🫠)  🔥 🕊️‏ @AllTheWill May 26
          Replying to @Rage_of_the_Age @FatManTerra and

          Yeah, but “What if I told you that Mirror Protocol, up until 18 days ago, was susceptible to the one of the most profitable exploits of all time, allowing an attacker to generate $4.3m from $10k in a single transaction? Here's how I discovered this - by pure serendipity. 🧵👇”?

          1 reply 0 retweets 5 likes
        3. Show replies
        1.  💎‏ @_ironjuice May 26
          Replying to @FatManTerra @ApertureFinance

          So crypto has exploits and researchers find them to make the project more secure. People act like this is a surprise

          1 reply 0 retweets 3 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. Moose al‏ @moosewolf0 May 26
          Replying to @FatManTerra @ApertureFinance

          Wow ,well done FatMan .amazing how could you be able to digging into Terra and expose their loopholes

          1 reply 0 retweets 4 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. Miracle‏ @snagguy May 26
          Replying to @FatManTerra @ApertureFinance

          https://docs.terra.money/docs/learn/terra-station/wormhole.html …https://www.techtarget.com/searchsecurity/news/252512957/Cryptocurrency-platform-Wormhole-loses-320M-after-attack …

          1 reply 4 retweets 3 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1.  👩‍🦽‏ @B0ur3 May 26
          Replying to @FatManTerra @ApertureFinance

          🥴🥴🥴🥴what will happenpic.twitter.com/4WmDXhkR6p

          1 reply 0 retweets 0 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo
        1. CryptoEnthusiast‏ @cryptogeek001 May 27
          Replying to @FatManTerra @ApertureFinance

          Thanks for your hard work on this. We need people like you to perfect crypto.

          0 replies 0 retweets 5 likes
          Thanks. Twitter will use this to make your timeline better. Undo
          Undo

      Loading seems to be taking a while.

      Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

        Promoted Tweet

        false

        • © 2022 Twitter
        • About
        • Help Center
        • Terms
        • Privacy policy
        • Cookies
        • Ads info