One of the most well-known bugs is the ERC4626 first depositor inflation attack. It's so common that it would earn $0.00 when reported in a public contest. The bug actually exploits a really cool bug pattern, and understanding this pattern can be used to discover unique high and critical exploits. Developers are told to "always round in favor of the protocol". In the case of an ERC4626 contract, this means rounding in favor of the vault. More specifically, it means "rounding against depositors and in favor of pre-existing vault shareholders". In the inflation attack, the attacker controls 100% of the vault shares, and therefore the rounding-in-favor-of-protocol actually rounds in favor of the attacker. Lesson: "Round in favor of the protocol" is often in fact against one user set and in favor of the others. The Wise Lending hack is an advanced application of this concept:
@banditx0x What surprises me is most people only think from the most common vector of being the first depositor and don’t realize there are many other ways you can create the conditions for share inflation without having such a strict initial condition.
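The rounding lesson from the first post, as an added example that is not part of the original thread: a small integer model of one ERC4626 deposit that reports how much the depositor loses to rounding and which existing shareholders receive it. The function name and all vault states are constructed for illustration; the `offset` branch assumes the virtual shares and virtual asset approach used by OpenZeppelin's ERC4626 implementation.

```python
# Added example: integer model of ERC4626 deposit rounding (not a real vault).
# All names and numbers here are constructed for illustration.

def deposit_rounding(total_assets, holders, deposit, offset=None):
    """Model one deposit into a vault that already has shareholders.

    holders: dict of name -> shares held before the deposit.
    offset:  None for naive floor math; an int enables virtual shares
             (10**offset) and one virtual asset, as in OpenZeppelin's ERC4626.
    Returns (minted_shares, depositor_loss, gain_per_holder) in asset units.
    """
    supply = sum(holders.values())
    v_assets, v_shares = (0, 0) if offset is None else (1, 10 ** offset)

    def value(shares, assets, total_shares):
        # Redemption value, rounded down (in favor of the vault).
        return shares * (assets + v_assets) // (total_shares + v_shares)

    # Shares minted are rounded down: against the depositor.
    minted = deposit * (supply + v_shares) // (total_assets + v_assets)
    new_assets, new_supply = total_assets + deposit, supply + minted

    loss = deposit - value(minted, new_assets, new_supply)
    gains = {name: value(s, new_assets, new_supply) - value(s, total_assets, supply)
             for name, s in holders.items()}
    return minted, loss, gains


# Constructed states: the deposit is the same; share ownership and math differ.
SOLE_HOLDER = deposit_rounding(10_001, {"sole": 1}, 10_000)
MANY_HOLDERS = deposit_rounding(3_000_000, {"a": 1_000_000, "b": 1_000_000}, 10_000)
SOLE_WITH_OFFSET = deposit_rounding(10_001, {"sole": 1}, 10_000, offset=3)

if __name__ == "__main__":
    for label, (minted, loss, gains) in [
        ("sole holder, naive math", SOLE_HOLDER),
        ("many holders, naive math", MANY_HOLDERS),
        ("sole holder, virtual offset", SOLE_WITH_OFFSET),
    ]:
        print(f"{label}: minted={minted} depositor_loss={loss} holder_gain={gains}")
```

With one holder owning every share, the whole rounding remainder lands on that holder; with a broad holder set it is dust, and with the virtual offset the same state costs the depositor only a few units.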