ctf
Total reward
$100,000
Status
Completed
Findings submitted
1
Start date
28 Dec 2023
End date
14 Jan 2024
Superform CTF
Hack Superform, keep the money.
- Add your wallet address to your profile (Profile -> Edit Profile -> CTF Addresses).
- The contracts are live, you can (legally) hack it onchain.
- Use cantina code interface to submit a writeup about the exploit, with a link to etherscan / equivalent.
- There is no judging. No severity disputes. No PoC. Just hacking!
Planting The Flags
Starting December 28th, the Superform Protocol will be deployed on Avalanche, BNB Chain, and Polygon. Deposits will be made into 3 vaults on each chain for a total of 9 vaults. Deposits will be made into 3 vaults daily in tranches of $2.5k at 15:00 UTC until all deposits have been made.
The goal is to steal the ERC4626 shares held in Superform Protocol’s Superform contracts and tokens in transit from chain to chain. If stolen, the security researcher can keep the bounty in the vault. Users may do this via any protocol action — creating new Superforms, depositing/withdrawing from the protocol into vaults themselves via our contracts, etc.
Resources:
See the full announcement here