Solidity, Foundry, Security Research, DeFi
WETH Permit Exploit
Demonstrating ERC20 permit vulnerabilities in DeFi
Overview
A security research project demonstrating a vulnerability in ERC20 token interactions. The exploit targets WETH's lack of a permit function, showing how an attacker can bypass authentication by submitting an empty signature to fraudulently transfer funds through a bank contract's accounting system.
Highlights
- Demonstrates real-world DeFi vulnerability
- Shows how missing permit validation can be exploited
- Built with Foundry testing framework
- Educational resource for smart contract security
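
The pattern described in the overview, shown beside a hardened form. This is an added illustration, not the project's own code: the `Bank` contract, its function names and the `IPermitToken` interface are hypothetical. It relies on the fact that WETH has no `permit` function but does have a catch-all fallback, so a call to `permit` on it returns without reverting.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical interface: the subset of ERC20 + EIP-2612 the bank uses.
interface IPermitToken {
    function permit(address owner, address spender, uint256 value,
        uint256 deadline, uint8 v, bytes32 r, bytes32 s) external;
    function nonces(address owner) external view returns (uint256);
    function transferFrom(address from, address to, uint256 value) external returns (bool);
}

// Hypothetical bank contract, written for this example only.
contract Bank {
    IPermitToken public immutable token;
    mapping(address => uint256) public balanceOf;

    constructor(IPermitToken token_) { token = token_; }

    // VULNERABLE: treats "permit() did not revert" as proof that `owner` signed.
    // On a token whose fallback swallows the call, no signature is ever checked,
    // yet the bank still pulls from `owner` and credits `to`.
    function depositWithPermitUnsafe(address owner, uint256 value, uint256 deadline,
        uint8 v, bytes32 r, bytes32 s, address to) external {
        token.permit(owner, address(this), value, deadline, v, r, s);
        require(token.transferFrom(owner, address(this), value), "transfer failed");
        balanceOf[to] += value;
    }

    // HARDENED: funds are only ever pulled from the caller, and the permit must
    // have been consumed by the token (EIP-2612 nonce advanced by exactly one).
    // A token without nonces() returns no data, so the first call reverts.
    function depositWithPermit(uint256 value, uint256 deadline,
        uint8 v, bytes32 r, bytes32 s, address to) external {
        uint256 nonceBefore = token.nonces(msg.sender);
        token.permit(msg.sender, address(this), value, deadline, v, r, s);
        require(token.nonces(msg.sender) == nonceBefore + 1, "permit not applied");
        require(token.transferFrom(msg.sender, address(this), value), "transfer failed");
        balanceOf[to] += value;
    }
}
```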