INCIDENT-001 · A DeFi Post-Mortem

The transcript is short enough to fit on one page, which is part of why INCIDENT-001 matters. A single YAML file, seven lines of attack sequence, one genetic fuzzer run — and the post-mortem reads like a heist novel. The question the paper keeps asking itself in these cases is the same: if this exploit were filed as a bug bounty tomorrow morning, would the team in question have shipped the fix by lunch?

"We ran the attack four thousand nine hundred and ninety-eight more times, against a random search of parameter space. One hundred percent converged on profit." — Genetic fuzzer log · line 5000 The attack is a textbook oracle manipulation: a short, loud price deviation — here, fifty percent off the spot — held just long enough for a target protocol's liquidation instruction to clear. What the simulator added was not the novelty of the attack but the repeatability. One seed, one YAML, one command. The fuzzer then spent five thousand generations looking for a parameter tuple that failed to produce profit, and never found one.

Below, in the order the simulator logged them, are the seven moments of the attack — from the first slot the feed wobbled to the moment the profit was booked. The fund-flow diagram after it traces where the stolen value went. The evidence table that follows ranks each finding by severity and estimated loss. And the final panel, for anyone so inclined, is the command that lets you reproduce the whole post-mortem on your own machine, with the same seed.

Severity	Finding	Description	Est. Loss
Critical	Oracle Trust Without Confidence Bounds F-001 · liquidation path CRITICAL	The target's liquidation instruction reads Pyth price without verifying the confidence interval or staleness slot, allowing a 50% deviation to authorise immediate seizure of 24 positions inside a single transaction.	$400.00
High	No Liquidation Batch Cap F-002 · throughput	Absence of a per-transaction or per-slot batch limit on liquidations lets one attacker capture the entire distressed book in a single block rather than across many, defeating any human intervention window.	$320.00
High	Immediate Liquidation · No Grace Window F-003 · position lifecycle	Positions can be seized on the same slot they become undercollateralised, regardless of how the undercollateralisation arose. A 2-slot grace window or a TWAP-based liquidation price would reduce exploitability to near zero in this class.	$180.00
Medium	Sandwich Exposure on Swap Route F-004 · mev	A parallel scenario (`sandwich_attack.yaml`) demonstrates a $4.24 profit per victim under the same params. Deterministic fee routing would compress the window; Jito-bundles already close much of it.	$4.24
Medium	Reproducibility Assumes Seedable Oracle Mock F-005 · simulator only	The simulator's determinism relies on the `--seed` flag plus a mocked Pyth account. In production the attack requires a real deviation vector; this simulator estimates the economic shape, not the on-chain feasibility.	N/A

Severity

Finding

Description

Est. Loss

Critical

Oracle Trust Without Confidence Bounds F-001 · liquidation path CRITICAL

The target's liquidation instruction reads Pyth price without verifying the confidence interval or staleness slot, allowing a 50% deviation to authorise immediate seizure of 24 positions inside a single transaction.

$400.00

High

No Liquidation Batch Cap F-002 · throughput

Absence of a per-transaction or per-slot batch limit on liquidations lets one attacker capture the entire distressed book in a single block rather than across many, defeating any human intervention window.

$320.00

High

Immediate Liquidation · No Grace Window F-003 · position lifecycle

Positions can be seized on the same slot they become undercollateralised, regardless of how the undercollateralisation arose. A 2-slot grace window or a TWAP-based liquidation price would reduce exploitability to near zero in this class.

$180.00

Medium

Sandwich Exposure on Swap Route F-004 · mev

A parallel scenario (sandwich_attack.yaml) demonstrates a $4.24 profit per victim under the same params. Deterministic fee routing would compress the window; Jito-bundles already close much of it.

$4.24

Medium

Reproducibility Assumes Seedable Oracle Mock F-005 · simulator only

The simulator's determinism relies on the --seed flag plus a mocked Pyth account. In production the attack requires a real deviation vector; this simulator estimates the economic shape, not the on-chain feasibility.

N/A

Reproduce the whole post-mortem on your machine.

The simulator ships as a single TypeScript CLI with four verbs — scan, attack, fuzz, report. Every command in this dossier was produced from the same commit on the same seed. Clone it, run it, disagree with the findings, file a PR.

Runs locally. No devnet transactions. No RPC required.

The Devnet Post

The day the pool drained
in ten slots.

Exhibit A — The Scenario

Seven lines of attack, parsed at dawn.

Feed wobbles. Nobody notices.

Then it falls, and keeps falling.

The liquidator wakes up.

Twenty-four positions, one transaction.

The feed straightens. The record closes.

Invariants check. Both fail.

The fuzzer looks for a losing tuple.

Where the money moved.

Exhibit D — Findings.

Reproduce the whole post-mortem on your machine.