This is the attack vector we recently found for our client.
Researchers usually think ERC777 tokens make calls only to token senders and receivers. But, as we described above, this is a myth: senders and receivers can choose any “Bob” as the hook receiver.
So, imagine a target smart contract that allows making arbitrary calls to any address with any data.
Such functions can exist in DEX aggregators, wallets, multicall contracts.
The attack:
- Attacker finds a function in Target that allows arbitrary calls
- Attacker makes Target execute the call:
  - registry1820.setInterfaceImplementer(Target, hookHash, Attacker)
- Now, our Attacker is an implementer for Target
  - Attacker can repeat the call with every hookHash used in major ERC777 tokens
- Every time Target receives an ERC777 token, Attacker receives a hook call
- What happens next depends on the Target code:
  - Attacker can reenter when some user executes a function in the Target contract
  - Attacker can just revert, so that the user’s transactions are reverted
DEX aggregators may experience problems if they calculate that the optimal swap path lies through some DEX pair with some ERC777 token.
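
A mitigation sketch for the steps above, as an added example (not code from the original post or the client): a hypothetical `GuardedCaller` contract whose arbitrary-call function refuses the ERC-1820 registry as a target, plus a view check that no foreign account is registered for its ERC777 hooks. The contract, function and error names are assumptions, and the registry is assumed to be deployed at its canonical address on the chain in use.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Subset of the ERC-1820 registry interface needed by the checks below.
interface IERC1820Registry {
    function getInterfaceImplementer(address account, bytes32 interfaceHash)
        external view returns (address);
    function getManager(address account) external view returns (address);
}

// Hypothetical aggregator/multicall-style contract (illustrative names).
contract GuardedCaller {
    // Canonical ERC-1820 registry address.
    IERC1820Registry internal constant REGISTRY =
        IERC1820Registry(0x1820a4B7618BdE71Dce8cdc73aAB6C95905faD24);

    // Interface hashes the registry uses for the two ERC777 hooks.
    bytes32 internal constant RECIPIENT_HOOK = keccak256("ERC777TokensRecipient");
    bytes32 internal constant SENDER_HOOK = keccak256("ERC777TokensSender");

    error ForbiddenTarget(address target);
    error CallFailed(address target);

    // Arbitrary-call entry point with the registry excluded as a target.
    // The whole address is blocked, not one selector: the registry reads
    // msg.sender as the account, so any state-changing call made from here
    // (setInterfaceImplementer, setManager) would act on this contract.
    function execute(address target, bytes calldata data)
        external payable returns (bytes memory)
    {
        if (target == address(REGISTRY)) revert ForbiddenTarget(target);
        (bool ok, bytes memory ret) = target.call{value: msg.value}(data);
        if (!ok) revert CallFailed(target);
        return ret;
    }

    // True when only this contract (or nobody) is registered for its hooks
    // and no other account manages its registry entries.
    function hooksAreClean() public view returns (bool) {
        address self = address(this);
        address r = REGISTRY.getInterfaceImplementer(self, RECIPIENT_HOOK);
        address s = REGISTRY.getInterfaceImplementer(self, SENDER_HOOK);
        // getManager returns the account itself when no manager was set.
        return (r == address(0) || r == self)
            && (s == address(0) || s == self)
            && REGISTRY.getManager(self) == self;
    }
}
```

The same `getInterfaceImplementer` and `getManager` queries can be run off-chain against already deployed contracts that expose arbitrary calls, to confirm no unexpected implementer or manager has been set for them.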