-i: (Optional) detect fund loss

[TrungNguyen1409]

what exactly does Ityfuzz do when you switch on "-i" option to detect fund loss? For example, Does it emit how much was taken from the protocol (ex: AES) providing the found exploit?

I was trying to look for something like that in the work_dir but nothing really talks about the loss fund.

Thank you so much for the answers in advance!

[TrungNguyen1409]

{ "bug_type": "erc20", "bug_info": "Earned 115792089237316195423570985008687907853269984665640564039457584007913129639935000000 more than owed 0, net earned = 115792089237316195423570985008687907853269984665640564039457584007913129639935000000wei (115792089237316195423570985008687907853269984665640564039457ETH)\n", "input": { "input_type": "ABI", "caller": "0x68dd4f5ac792eaaa5e36f4f4e0474e0625dc9024", "contract": "0xc30808d9373093fbfcec9e026457c6a9dab706a7", "data": { "b": { "type": "AUnknown", "concrete": {"b": {"type": "AEmpty"}, "function": [0, 0, 0, 0]}, "size": 0 }, "function": [0, 0, 0, 0] }, "txn_value": null, "step": true, "env": { "cfg": { "chain_id": "0x1", "spec_id": "LATEST", "perf_analyse_created_bytecodes": "Analyse", "limit_contract_code_size": null }, "block": { "number": "0x0", "coinbase": "0x0000000000000000000000000000000000000000", "timestamp": "0x1", "difficulty": "0x0", "prevrandao": "0x0000000000000000000000000000000000000000000000000000000000000000", "basefee": "0x0", "gas_limit": "0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" }, "tx": { "caller": "0x0000000000000000000000000000000000000000", "gas_limit": 18446744073709551615, "gas_price": "0x0", "gas_priority_fee": null, "transact_to": {"Call": "0x0000000000000000000000000000000000000000"}, "value": "0x0", "data": "0x", "chain_id": null, "nonce": null, "access_list": [] } }, "liquidation_percent": 0, "randomness": [0], "repeat": 1, "layer": 1, "call_leak": 4294967295 }, "sourcemap": null, "issue_source": null, "bug_idx": 0 }

[TrungNguyen1409]

the amount of earn = 115792089237316195423570985008687907853269984665640564039457ETH doesnt seem so right. I couldn't really find a reference on how to convert that amount to a correct one. does anyone have an idea how?

[shouc]

There is likely some code in the contract that can send all its balance to anyone. ItyFuzz assumes all accounts have max (infinite) balance.

-i detects any cases that attackers can pull the fund (erc20 + ETH) from the smart contract

[TrungNguyen1409]

oh wow. that's actually EdgFi's contract. They could have been in way worse trouble. thank you so much for you response!