How did MEV steal your airdrop? Did the code written by AI lose the airdrop of AI after being reviewed by AI? Don't laugh, this is not a joke @The contract written by tokentable for @ AIWayfinder+@ KaitoAI airdrop, I'll dig out some interesting parts, even if you don't understand the code, you can still read it Let's sneak in! ⬇️ *Note that this article only discusses code and logic, and does not involve other inferences. If there are any errors, please feel free to correct them. one ️⃣ What happened? The user found that the coins were missing when receiving the airdropped PROMPT issued by @ AIWayfinder at @ KaitoAI. I immediately issued a warning, and @ tokentable (under @ sign), who provided airdrop contracts to Kaito, later confirmed that there were issues with the contract that led to it being snatched by MeV I also gave feedback in the @ okxchinese builder group as soon as possible. Someone questioned me for being funny because he turned on MeV protection when claiming it. How could he be robbed? The truth is in the code. two ️⃣ The magical code is full of errors function __endaddress_to, uint256_amount, uint32_clainId) internal { if (clainId == block.chainId) { recurrency.value == 0, UnnecessaryFee(); TOKEN.safeTransfer(to, amount); Leaving aside the code functionality, it is rare to encounter errors where chainId, clainId, and claimId cannot be distinguished clearly. The syntax for recycling. value==0 is also incorrect. Interestingly, the gas check function is malfunctioning, but it does not affect the running of the main program You said it was written by AI, which must be insulting AI, but don't you think so function __send(address_to, uint256_amount, uint32_clainId) internal { if (clainId == block.chainId) { require(msg.value == 0, UnnecessaryFee()); TOKEN.safeTransfer(to, amount); }} constructor(ERC20 tokenAddress) { // If you want it truly "hardcoded," you can directly assign: // TOKEN = IERC20(0x1234567890123456789012345678901234567890); // But for easier testing, we'll pass it in as a constructor argument: The signature tricks and comments of AI coding have not been removed yet... @ notice@ The paramERC20 has been changed to IERC20... plus the hard coded awesome suggestion comments, brother, it's better to delete them here. The boss can't understand the code, but English can still be understood, right? The key is that the brothers really listened to AI's words and directly hard coded the administrator role to a specific address, which is a multi signature address. three ️⃣ The coins are also gone, gas is still quite expensive? Some people have also reported that it is quite expensive for tokentable to receive 3u airdrop gas as a base. At first, I didn't pay attention to it, but yesterday's incident, looking at the contract code again, is interesting. function addClaimable( address[] calldata recipients, uint256[] calldata amounts, uint256 nonce ) external onlyRole(FUNDER_ROLE) My OCD is about to break out, what the hell is Caldata? This can also work, buddy. Solidity compiler version or 0.4. x? Never mind, don't worry, as long as the code can run. Perhaps people in other places have special definitions and coding hobbies. What needs to be said here is that this brother directly stored all airdrop information in an array of recipients and amounts using mapping, without using a Merkle tree. It's okay if you don't understand the code. Simply put, using a mapping project on the chain will consume a lot of gas, especially during large-scale airdrops. However, the gas that users receive is cheap and only requires one claim. Using a Merkle tree, the project only requires one root, and users need to verify when receiving it, which is slightly more expensive in terms of gas. A conscientious project! Why do users still need more than 3u of gas when claiming it? Is this a good question? four ️⃣ How did MEV steal your coins? I turned on the anti MEV, am I doing abstraction? Your MEV is on, but your address has been replaced. What does this mean? for instance. The delivery rider picks up the food, and the merchant only listens to who shouts faster. A delivery rider's delivery ending in 8888, when the delivery is ready, the merchant rings the bell to pick up the food. At this moment, rider A is still looking down at his tail number B rider shouted loudly, 8888 is here The merchant gave the takeaway to rider B The merchant did not verify the rider's tail number. In this contract, anyone can transmit declaration data to any address, but the token is always sent to msg.sender instead of the address specified in the declaration data. Mev monitors the memory pool and waits for the user to click on claim Replace the 'to' parameter with your own address Maintain the same amount and other verification data Accelerate and complete the attack Lack of recipient address verification, which is why even if MeV is turned on, it is stolen because changing your address is more deadly than running away. five ️⃣ How do attackers discover vulnerabilities? This is also a good question, who is so amazing at discovering vulnerabilities and miraculously writing code to snipe in such a short time? There is nothing new in the world. By searching for the approximate code of this contract, it can be found that a test contract was deployed before, and perhaps the vulnerability of this test contract was discovered. One of the contract deployers has also followed me, so I won't disclose their name. Please provide the following address. If you are interested, you can explore it: https://(etherscan.io)/find-similar-contracts? a=0x1A8B3BDC38566DF28b0B4e65DC28aF2069EB0645&m=exact It should be noted that unaudited contract testing exposed in the public domain is also dangerous, and there is no direct evidence to suggest that the tester is related to MEV, only as a possible speculation. That is to say, the attacker has already discovered vulnerabilities in the airdrop contract (formal or testing) before Sigh. six ️⃣ No audit? How does it end? This is not within the scope of my discussion, whether there is an audit and which audit requires tokentable disclosure. @Realyanxin has already said that they will compensate, even for the price difference. Having this sentence is enough, enough to have a clear pattern. But... sign, which has always been known for its high technology and high income, has encountered such low-level technical problems. Perhaps it needs to give the community an explanation? Internally, whether in terms of talent or processes, it is necessary to manage them well. Of course, I'm not in the community either, so you can ignore me without saying anything. seven ️⃣ A small suggestion For ordinary users, it is recommended to use OKX wallet @ wallet and remember to turn on the "anti MEV" function when conducting transactions or receiving airdrops. This can almost protect most of your transactions from attacks, but sometimes, if the contract goes wrong, it's not something the wallet can protect you from. *Please track and refer to the official statement of @ tokentable for the final result. This article does not constitute any investment advice.