In a crypto wallet whose password has been hacked and a bot has been installed on the account, the $26,000 pending stake can be stolen at any time.🤖
In the Dark Forest of the Blockchain, I will tell you the story of our fight against HackerBot, the victory with "Bot19", which is faster and sharper than the one I coded, and the $26,000 token I saved.
My specialist is smart contract coding, I also love solving the toughest problems of blockchain, so I also do recovery of stuck-tokens from compromised accounts
I first read the concept of "Blockchain Dark Forest" in 2020 in this article by Dan Robinson and was very impressed.
https://wwwparadigma.xyz/2020/08/ethereum-is-a-dark-forest
Dan Robinson is one of the most talented people in the blockchain space in the world. In this article, he tells us wonderfully about a battle with a bot on the Ethereum network, the defeat that followed, and the lessons to be learned from it. This article has had a great impact on me in fighting bots.
I get at least 5 messages a day from my Twitter account from victims whose accounts have been hacked and bots are connected to their accounts. Recently, I received a message from a user, he entered a fake site that should not have entered the seed words by mistake and panicked and had his seeds stolen. Afterward, the tokens in his account were immediately emptied by the hacker.
However, the 26K$ in stakes has not yet been discovered by the hacker. I immediately accepted the half request and immediately began to investigate.
A bot was linked to the stolen account by the hacker. This bot, when you send BNB tokens to the account for fee, it instantly sweeps them and sends them to the hacker account. (Hackers, airdrops, stakes, LPs, etc.) always connect bots to the account to steal possible tokens, remember these are professional thieves, this is their job)
⏳ Problem: In the Bsc blockchain, an account has $26k worth of staking in cryptocurrencies, the hacker can spot it anytime and absolutely nothing can be done due to the bot in the account.
🎯 Solution: Write a faster bot than HackerBot, launch an attack, take the coins from the staking before Hackerbot and move them to a secure wallet
I immediately started designing "Bot19" for the rescue, I knew from my past experience what I had to do. A coding time is spent in the following schedule for me: 70% Designing the Architecture + 30% Writing the Code
HackerBot
First of all, I write the things that need to be done on a Cheklist and they are done respectively, I like the way I do business :)
✅ 1- Synchronization between nodes in 1-BSc network is problematic, so I have to set up my own node and run my bot there
✅ 2- I have to calculate the reaction times of HackerBot and write a faster bot than these times
✅ 3- My transactions must be atomic, so they are all simultaneous, the slightest time gap means that I deliver the funds to HackerBot
✅ 4- Which Blockchain network you are fighting, the block structure of that network, block priority, transaction priorities, etc. you have to have a lot of serious knowledge and experience, I will review everything on this subject again.
✅5- Tests are very important, no matter what I code, the blockchain that is closed to the outside world will also test it and I will definitely see its success in the tests.
Designing the Bot Architecture:
1- If you are going to write code about stake, you should know how LP Pairs work very well in terms of technique and coding.
2-It is important to calculate the value of the fund to be saved as LP correctly, we get this value from the LP contract.
3- You need a fast node for the transaction, which is to set up your own node;
https://medium.com/@pieterc/running-a-full-node-with-geth-bsc-610085141248
4-For a bot with fast and Atomic processing capability; We can deploy Contract in blockchain and manage it remotely with Javascript Ether.js library. The Ether.js library is a technology that bot operators should know very well.
5-For your bot to be very fast, it is not enough to have good code, it should be fast and seamless on the hardware you use. For this we have to use Amazon Web Services
6- It is an inaccurate method to manually follow the staking expiry times of the tokens in staking, we must follow this and ensure that our bot automatically processes it at the end of staking.
7- Test: If you are writing blockchain code, you definitely know how important the test is. In this process, we optimize our bot according to the test results.
Sample Bot Test code;
https://github.com/AleRapchan/flash-swap-arbitrage-bot/blob/main/test/dai.js
I will not go into technical information, we wrote our codes with 160 pages of technical preparation, now it's time for the war. We have very little time
It's Time to Go To War
And we run our bot, it's coded to do all the operations atomically; Firstly, sending a fee to the account for transactions+ Removal of LP Stakings + Transfer of Unstaking tokens to a secure wallet and all this before HackerBot
And happy ending, we managed to move all the tokens to the safe address 😅🎉🎊
We are the winners this time in the dark forest of blockchain 🎯
Conclusion
Your wallet seeds are very important and you should definitely keep them safe.
If you want to support or brainstorm about the funds that need to be recovered from the hacked accounts, you can send me a message on my twitter account.