I was idling on a friend's Discord server when he posted a small snippet of code, taken from a smart contract apparently swapping WETH to MINER. But who cares; what's interesting here is the bug. Can you spot it?
```solidity
function _update(address from, address to, uint256 value, bool mint) internal virtual {
    uint256 fromBalance = _balances[from];
    uint256 toBalance = _balances[to];
    if (fromBalance < value) {
        revert ERC20InsufficientBalance(from, fromBalance, value);
    }
    unchecked {
        // Overflow not possible: value <= fromBalance <= totalSupply.
        _balances[from] = fromBalance - value;
        // Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
        _balances[to] = toBalance + value;
    }
    // ... (the snippet as posted ends here)
}
```
As a hint, look at this transaction. Isn't it a cute bugdoor?
The snippet is taken from this tweet, giving the issue away. Thanks to Jinseo Kim for holding my hand understanding what was going on there.
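For readers who want the answer checked mechanically, here is an added example (not code from the contract, the tweet, or the original post): a Python model of the snippet's balance update next to a variant that re-reads the recipient balance, with a supply-conservation check run over every sender/recipient pair. The function names, account names and amounts are constructed for illustration.

```python
# Python model of the page's Solidity _update (constructed example; uint256 modelled with a mask).
U256 = (1 << 256) - 1

def update_cached(balances, sender, recipient, value):
    """Mirrors the snippet: both balances are read before either is written."""
    from_balance = balances.get(sender, 0)
    to_balance = balances.get(recipient, 0)
    if from_balance < value:
        raise ValueError("ERC20InsufficientBalance")
    balances[sender] = (from_balance - value) & U256
    # When sender == recipient, to_balance is stale: this write discards the debit.
    balances[recipient] = (to_balance + value) & U256

def update_fresh(balances, sender, recipient, value):
    """Hardened variant: the recipient balance is read after the debit is stored."""
    from_balance = balances.get(sender, 0)
    if from_balance < value:
        raise ValueError("ERC20InsufficientBalance")
    balances[sender] = (from_balance - value) & U256
    balances[recipient] = (balances.get(recipient, 0) + value) & U256

def supply_violations(update, accounts=("alice", "bob"), start=100, value=40):
    """Run every (sender, recipient) pair, self-transfers included, and
    return the pairs after which sum(balances) no longer equals the supply."""
    broken = []
    for sender in accounts:
        for recipient in accounts:
            balances = {a: start for a in accounts}
            supply = sum(balances.values())
            update(balances, sender, recipient, value)
            if sum(balances.values()) != supply:
                broken.append((sender, recipient, sum(balances.values()) - supply))
    return broken

if __name__ == "__main__":
    print("cached reads:", supply_violations(update_cached))
    print("fresh read:  ", supply_violations(update_fresh))
```

The same invariant, total of all balances equal to the supply after every transfer, is the property to assert in a contract's own test suite, with `from == to` included among the cases.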