ProofOfHack

Proof of Hack enables whitehat hackers and security researchers to demonstrate their ability to identify vulnerabilities in a protocol without actually exploiting them.

Problem Statement

Proof of Hack enables whitehat hackers and security researchers to demonstrate their ability to identify vulnerabilities in a protocol without actually exploiting them. When a hack is proven, an emergency action such as a pause can be triggered to protect the asset and prevent any potential damage. It can also include a guaranteed payout to the whitehat as an incentive.

Why

  • Hacks are bad
  • They cause damage even when funds are returned
  • Whitehats hate being downplayed by projects

Feature

  • Easy to implement: inherit the contract and override a few functions to define the "hack" condition
  • The exploit is simulated onchain without actually committing the state

Usecase

  • Whitehats can secure protocols in production with a guaranteed payout
  • MEV searchers can frontrun a hacker and secure the protocol

Solution

How

  • The payload is executed and reverted with "success"/"fail" based on the defined hack condition
  • Subsequent actions are triggered based on the revert string

Example

  • UpOnly.sol: This is a simple contract with an increment-only counter. It is "hacked" if the counter is decremented, and a pause is triggered when that happens.
  • POHSafeModule.sol: Instead of being implemented in the protocol, this can also be implemented as a Safe module that triggers an action as the Safe when the hack condition is met. For example, here we trigger a pause from the Safe (the owner of the UpOnly contract).
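A minimal Solidity sketch of the simulate-and-revert flow described above, added here as an illustration; it is not the project's UpOnly.sol. The contract, function and event names are assumptions, and the hack condition is the counter-decrement rule from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the project's UpOnly.sol. All names are hypothetical.
contract UpOnlySketch {
    uint256 public counter;
    bool public paused;

    event HackProven(address indexed reporter);

    modifier whenNotPaused() {
        require(!paused, "paused");
        _;
    }

    function increment() external whenNotPaused {
        counter += 1;
    }

    // Step 1: run the payload, evaluate the hack condition, then always revert,
    // so nothing the payload did is committed. Only the revert string survives.
    // Note: the payload's call is made with this contract as msg.sender.
    function simulate(address target, bytes calldata payload) external {
        require(msg.sender == address(this), "self only");
        uint256 before = counter;
        (bool ok, ) = target.call(payload);
        // Hack condition for this sketch: the counter went down.
        if (ok && counter < before) revert("success");
        revert("fail");
    }

    // Step 2: call simulate() externally, read the revert string, and trigger
    // the emergency action only when the condition was met.
    function proveHack(address target, bytes calldata payload) external whenNotPaused {
        try this.simulate(target, payload) {
            revert("simulation must revert");
        } catch Error(string memory reason) {
            require(keccak256(bytes(reason)) == keccak256("success"), "hack condition not met");
            paused = true; // emergency action; a payout to msg.sender could follow
            emit HackProven(msg.sender);
        }
    }
}
```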

Hackathon

ETHGlobal Paris

2024

Prizes

  • 🏆 zkBob — Pool Prize
  • 🏆 Neon EVM — Most Transactions
