Learn Real Smart Contract Exploits
41
Real Attacks Reproduced
1.7B+
In Total Value Hacked
8
EVM Chains Covered
16
Vulnerability Categories
Total Losses: $7,200,000
MobiusDAO
Exploiting decimal precision errors to inflate token amounts
Total Losses: $2,150,000
Total Losses: $355,000
Four Meme
Preemptively manipulating pool prices during liquidity migration
Total Losses: $183,000
Total Losses: $8,700,000
Total Losses: $2,100,000
TornadoCash Governance Takeover
Hijacking governance by replacing approved proposal implementations
Total Losses: $2,700,000
Total Losses: $309,000
MBC Token
Manipulating token prices through public liquidity functions
Total Losses: $5,000
Total Losses: $7,000
Curve Pool Oracle
Exploiting AMM oracle prices during liquidity withdrawal callbacks
Total Losses: $180,000
Total Losses: $6,000,000
Total Losses: $35,000
Total Losses: $15,000,000
Total Losses: $300,000
Earning Farm
Bypassing withdrawal limits through unauthorized flash loan callbacks
Total Losses: $967,000
TempleDAO Spoof Old Staking Contract
Spoofing migration contracts to steal staked tokens
Total Losses: $2,300,000
Arbitrum Inbox
Exploiting reinitialization vulnerability in bridge upgrade process
Total Losses: $400,000
No losses reported
Nomad Bridge
Processing arbitrary messages through faulty validation logic
Total Losses: $190,000,000
Total Losses: $80,000,000
Total Losses: $2,000,000
Total Losses: $624,000,000
No losses reported
Total Losses: $1,550,000
Total Losses: $6,000,000
Total Losses: $1,700,000
Total Losses: $2,620,000
Wormhole Bridge
Bypassing signature verification through uninitialized implementation contracts
Total Losses: $10,000,000
No losses reported
No losses reported
Total Losses: $960,000
Total Losses: $3,000,000
Total Losses: $4,000,000
Total Losses: $18,000,000
Total Losses: $8,950,000
Polynetwork Bridge
Hijacking validator roles through sighash collision attacks
Total Losses: $611,000,000
Uranium
Breaking AMM invariants through incorrect constant calculations
Total Losses: $50,000,000
Rikkei Oracle Replace
Setting malicious price oracles through unprotected functions
Total Losses: $1,000,000
Total Losses: $15,000,000
No losses reported