MevRefund Profile
MevRefund

@MevRefund

Followers
7,572
Following
36
Media
220
Statuses
1,077

MEV searcher (mid-tier), whitehat, blockchain surveyor

The mempool
Joined October 2021
@MevRefund
MevRefund
2 years
Nice! Was just awarded my first ever bug bounty, $50K from @opensea ! Was expecting the minimum payout of $1K, given the relatively small loss (10ish Eth), but perhaps the potential damages were larger. Here's how I discovered the bug:
33
76
694
@MevRefund
MevRefund
2 years
Block 15598565 belongs to me.
Tweet media one
Tweet media two
15
39
468
@MevRefund
MevRefund
2 years
A hacker got an assist from an MEV Bot today! The inimitable 0xeef (one of the best in the business) spotted a tx in the mempool which could be backrun for 180 Eth. Submitted to Flashbots with their customary sub 50% bribe, it was accepted, netting the bot 100 Eth 👍
10
37
307
@MevRefund
MevRefund
1 year
🚨 Revoke any approvals for Maestro Router 2 right now!
40
143
216
@MevRefund
MevRefund
2 years
What's this?! A Flashbots block donating 0.03 Eth to Tornado Cash?! Welp, seal's broken, might as well stop censoring now.
Tweet media one
17
34
241
@MevRefund
MevRefund
1 year
Timeline is flooded with auditoooors, and yet ...
Tweet media one
25
9
255
@MevRefund
MevRefund
2 years
An MEV bot just got drained for almost 200 Eth. @CapitalGrug 🧐 Always use protection on those callbacks, folks!
Tweet media one
8
28
234
@MevRefund
MevRefund
11 months
@spreekaway Was this truly necessary, my guy?
Tweet media one
7
6
196
@MevRefund
MevRefund
11 months
Bahahaha, Poloniex hacker just fat fingered $2.5M, sending a bunch of tokens to the token contract! Someone's probably not making it back to the North Korean barracks tonight 😬
9
15
172
@MevRefund
MevRefund
6 months
I have a confession to make. I ... am a phisher. 👇
12
5
134
@MevRefund
MevRefund
2 years
Hacktober continues 😢 Around 750 Eth has been extracted from EFLeverVault. Luckily the attacker's first transaction was frontrun by 0xa57 who has been known to return stolen funds. But second one got through, netting the attacker 268 Eth.
11
12
120
@MevRefund
MevRefund
2 years
I discovered a bug in @PrimitiveFi yesterday. As usual, by discover, I mean found someone on the blockchain actively exploiting the protocol. It was a fun bug - attacker couldn't drain everything, could only take ~ $2K every 30 minutes. Drama ensued.
6
15
113
@MevRefund
MevRefund
2 years
Found an artist on the blockchain: They find old arbitrage contracts, claim their UNI airdrop for them (usually ~ $2.5K) and then find a way to extract from the contract. So far they've hit up at least 5 contracts.
4
7
102
@MevRefund
MevRefund
8 months
Someone from the Arbitrum Foundation has apparently never transacted on Ethereum before. They deployed a contract to the ARB token address to rescue 60 Eth which had been mistakenly sent by some sad sack. With no authentication 🙄 And then a mempool rescue 🙄 ...
Tweet media one
8
10
101
@MevRefund
MevRefund
3 months
A very small number of users who lost millions of dollars. Quit downplaying the severity. You're lucky the attacker wasn't super competent and only grabbed half. You exposed $20M+ of your users' assets to theft.
Tweet media one
@lifiprotocol
LI.FI
3 months
A smart contract exploit earlier today has been contained and the affected smart contract facet disabled. There is currently no further risk to users. The only wallets affected were set to infinite approvals, and represented only a very small number of users. We are engaging
0
83
377
3
3
101
@MevRefund
MevRefund
10 months
Me immediately after making a bad trade:
Tweet media one
8
8
93
@MevRefund
MevRefund
2 years
Doesn't seem great that someone can buy out a whole block for a small amount of Eth. Farewell transaction throughput 😓
10
6
87
@MevRefund
MevRefund
2 years
MEV is never dull! So the horrible trade I just tweeted about was backrun by 0xbadc0de for 800 (!) Eth. It turns out, however, that the bot was aptly named, as someone else has exploited them, taking 1100 Eth!
3
6
87
@MevRefund
MevRefund
1 month
Looks like @beaverbuild has started backrunning bundles / private txs in their blocks. To make it easier to identify, I've helpfully labelled a few of their selectors. Tbh, I'm surprised the major builders have refrained from doing so for this long.
Tweet media one
10
7
88
@MevRefund
MevRefund
2 years
The canceller is coming for your Eth! 0xBB1D6b3BE1396a4b5CCb8D061b302250bB2b73Fd has been paying huge gas fees to cancel some ancient contracts. The contract appears to reimburse the canceller for gas fees, and send the remainder to the owner ...
8
12
82
@MevRefund
MevRefund
11 months
You see a small group of searchers, politely taking turns, sharing a bribeless, long-tail opp every 8 hours. Sure would be a shame if someone were to come along and:
Tweet media one
8
8
83
@MevRefund
MevRefund
1 year
Uhhhh ... @bloXrouteLabs am I reading this correctly? For the low, low price of $15K per month, you'll let me see everyone's private transactions?
Tweet media one
12
9
79
@MevRefund
MevRefund
1 year
Yikes, Mev Bot 0xe8 just got unbundled, losing 57 Eth.
Tweet media one
3
3
76
@MevRefund
MevRefund
2 years
Tweet media one
4
8
67
@MevRefund
MevRefund
19 days
Damn son! @beaverbuild 's new bot uses the exact same calldata as Jared! When asked for comment they said: "We would've gotten away with it, if not for those meddling function selectors!"
Tweet media one
Tweet media two
8
13
79
@MevRefund
MevRefund
2 years
In that same block however, someone else wasted 6 Eth in gas fees for a contract creation + failed transaction. This was an attempt to frontrun the original hacker with a higher gas price. It would have worked too, had 0xeef not lifted the original tx to the top of block!
4
2
71
@MevRefund
MevRefund
2 years
Ngmi: Someone paid $0.41 for this free information.
Tweet media one
8
3
72
@MevRefund
MevRefund
2 years
Are you sad because your MEV competitors are better than you? Well, you can work hard and try to improve ... or ... just mess with their function selectors. Eat 💩!
Tweet media one
4
5
74
@MevRefund
MevRefund
2 years
I have a bot whose purpose is to identify smarter, better bots. It basically scans finalized blocks and tries to find transactions which look like MEV. I then manually inspect these transactions on Etherscan and *ahem* borrow the ideas of some of the more interesting ones.
3
1
71
@MevRefund
MevRefund
11 months
Forget the ctf, you're missing the real drama - blackhat just got ingeniously counterhacked for 66 Eth! 0xcaa9 has been probing mev bots for a day or two now, with the Flashbots Discord looking on, enjoying the spectacle ...
@MevRefund
MevRefund
11 months
Man's running a live sandwich bot audit as we speak! If you get Ban'd, presumably you pass.
Tweet media one
4
1
42
3
8
71
@MevRefund
MevRefund
2 years
Uhhhh ...
Tweet media one
10
4
71
@MevRefund
MevRefund
1 year
Oops, posted in the FB discord about a funny tax shitcoin which accidentally let anyone BUT the dev withdraw the taxes. At the time, the token balance wasn't worth the gas fees to claim. Now someone's already cleared 0.2 Eth: You're welcome! 🫡
Tweet media one
2
6
65
@MevRefund
MevRefund
1 year
OK, I need some dev to explain why this dumb, buggy code keeps getting reused, costing 100s of Eth. If I set out to build some stupid shitfork, I'd be forking UniV2 directly. Make it make sense please.
Tweet media one
10
7
68
@MevRefund
MevRefund
1 year
Largest (and least bribe-y) arb I've seen in a while: 420 Eth arb, only 126 to the builder, and of that, only 22 to the validator! Get to work on those Curve pools, anon ...
6
4
61
@MevRefund
MevRefund
2 years
So, as best I can tell, an @airswap market maker is signing bad trades - in the worst case swapping $1M USDT for 0.0000001 Eth. Code seems to be correctly verifying everything, 0x945 just seems to be allowing shitty trades. Who profited from this though ...?
3
11
58
@MevRefund
MevRefund
11 months
Daily PSA to double check your price before adding liquidity ... ... or don't 🫡
Tweet media one
Tweet media two
2
5
60
@MevRefund
MevRefund
2 years
Or just a whale? Who knows? I know nothing about bsc
9
1
54
@MevRefund
MevRefund
1 year
Lol, apparently even Bloxroute (quietly) acknowledges that they're doing something scummy. User's private trade tx is backrun (without user consent!) by Bloxroute. User complains, Bloxroute refunds their portion a day later. If everything's overboard, why issue a refund?
Tweet media one
Tweet media two
Tweet media three
5
5
59
@MevRefund
MevRefund
9 months
Switched from geth to nethermind and proposed a block just minutes later. Why didn't you guys tell me about the MINORITY_CLIENT_PROPOSER_BOOST parameter?!
5
2
60
@MevRefund
MevRefund
2 years
Turning to one of my favorite tools, we can look for anything suspicious in the internal calls. Lo and behold, a suspicious safeTransferFrom emerges!
Tweet media one
2
2
56
@MevRefund
MevRefund
2 years
Finally made it! I'm Etherscan famous, baby!
Tweet media one
2
0
56
@MevRefund
MevRefund
1 year
Oh, thank god!
Tweet media one
7
2
55
@MevRefund
MevRefund
1 year
Lol, the (presumably) initial Vyper exploiter appears to have sat on the exploit for almost 2 weeks, making sure everything would go perfectly ... still got frontrun 🤡
Tweet media one
4
0
51
@MevRefund
MevRefund
11 months
Just one step left! ✅ Onchain GSS ☐ Dominate MEV-Share
Tweet media one
3
2
53
@MevRefund
MevRefund
6 months
When you're so good at MEV, even your EOA gets tagged by @etherscan as an MEV bot:
Tweet media one
1
1
53
@MevRefund
MevRefund
9 months
And they said MEV couldn't be solved.
Tweet media one
4
8
51
@MevRefund
MevRefund
1 year
Hooray, your bot landed its first liquidation for 1 Eth (0.25 profit after bribe)! Q: Was it a large liquidation? A: Yes Q: Did you rebalance pools afterwards? A: ... No Q: Did you leave 100+ Eth behind for a builder bot? A: ... god damn it 😢
4
5
48
@MevRefund
MevRefund
1 year
Pro tip: if you run an MEV bot that gets hacked / does an oopsie, always be sure to mention your (presumably scary, well connected) investors. It worked for the jared donator, it worked for this guy, it can work for you too!
Tweet media one
1
3
51
@MevRefund
MevRefund
2 years
Thankfully the bug was fixed before too much damage was done. Only a handful of NFT sales were sniped, and it looks like most of them were unintentional generalized frontruns of legitimate sales.
0
0
45
@MevRefund
MevRefund
1 year
How's @CoWSwap work? Poor user just donated $140K to an MEV bot because of a bad Uniswap V1 leg. Did they specify some massive slippage?
Tweet media one
Tweet media two
7
3
46
@MevRefund
MevRefund
1 year
We have a new candidate for on-chain clown of the year: This (Binance funded) addr deploys not one but two hack contracts which are triggered by calling Start and Boom respectively. Guess who ends up taking the 6K Eth and 900 Eth? Not him.
6
1
48
@MevRefund
MevRefund
8 months
Generalized frontrunners really stepping up their game. 0xa19 stitches together calls from 2 separate txs in different blocks to walk away with $188K.
Tweet media one
0
2
46
@MevRefund
MevRefund
11 months
Man's running a live sandwich bot audit as we speak! If you get Ban'd, presumably you pass.
Tweet media one
@libevm
libevm
11 months
MEV bot got exploited via unprotected callback for 8.88 ETH (~$16k) with a NFT called "Agent Origin (viet_nam)" Lmao at the similarity to Agent Orange 0x0802cb621535999de2084b49f257d8bd0919cbfe03b186651689a74536e1a792
Tweet media one
2
8
96
4
1
42
@MevRefund
MevRefund
1 year
(One of?) the Flashbots builders seems to have malfunctioned recently and is currently including bundles with reverting txs. Some examples: Anyone happen to have some old Salmonella code lying around? 😆
3
0
44
@MevRefund
MevRefund
2 years
@0x4848 FB relay (and probably others) allow anyone to submit blocks:
1
1
43
@MevRefund
MevRefund
2 months
PSA: If you were liquidated in this recent crash, please contact this builder for a refund. 800ish Eth profit in just a few hours ... well done!
Tweet media one
4
1
44
@MevRefund
MevRefund
10 months
Had the absolute privilege today of discussing builder algorithms with one of the genius founders of Flashbots. Blown away by the intelligence, charm, wit, and raw sexual magnetism. Makes @GwartyGwart look like a chump.
Tweet media one
3
1
43
@MevRefund
MevRefund
9 months
This is the best timeline
@GaryGensler
Gary Gensler
9 months
The @SECGov twitter account was compromised, and an unauthorized tweet was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.
28K
10K
30K
0
26
36
@MevRefund
MevRefund
6 months
Why are block builders granting access to their end of block state for so cheap?! Man's only forking over 20% of 113 Eth: Let me in on these backroom deals, I'll happily pay you 33%!
2
6
41
@MevRefund
MevRefund
2 years
Unsafe CEX-DEX bot? Someone just paid 50+ Eth in bribes in exchange for some pretty awful token swaps. The very next block had a validator bribe of 157 Eth as searchers scrambled to fix the various pools involved. Presumably a bug, but who knows?!
Tweet media one
2
7
42
@MevRefund
MevRefund
2 years
$20M stolen from sandwich bots 😱 Flashbots screwed up. How it's supposed to work: Relay sends some info (no txs!) to validator, who constructs a block and signs it. Relay broadcasts block and sends txs to validator so they can also broadcast. What actually happened:
@samczsun
samczsun
2 years
Block 16964664: A user managed to drain five MEV bots by exploiting a bug in mev-boost-relay. Here's the block: Here's the user: Here's the patch: Here's the longer explanation:
Tweet media one
79
504
2K
3
5
43
@MevRefund
MevRefund
2 years
Why is it so difficult to report hacks to crypto protocols in a timely fashion? Anyone with non-trivial TVL should have some kind of on-call emergency pager role in their Discord. Very annoying to watch a looting in progress and be left on read by the "online" team members.
2
0
39
@MevRefund
MevRefund
6 months
To watch for user approvals and immediately call the multicall contract before the bad guys. Managed to rescue ~ $12K before the phishers wised up and went back to a permissioned attack contract.
Tweet media one
2
1
41
@MevRefund
MevRefund
2 years
As it turns out, the arbitrage profits were so high because the tx was an exploit of Inverse Finance:
1
1
36
@MevRefund
MevRefund
11 months
Hi @beaverbuild , I sent you a late bundle, apparently not giving you and the other builders enough time to PGA the bribe into oblivion, and it seems you pocketed most of it. Where can I request a refund?
5
1
40
@MevRefund
MevRefund
9 months
Begging game has definitely leveled up:
Tweet media one
Tweet media two
0
20
37
@MevRefund
MevRefund
10 months
I can't stop watching this dumpster fire: Quick recap: - Dumped 180 Eth into some token, gifting a 70 Eth arb to some validator next block. - Sold tokens for 78 Eth. - Immediately rebought 10% less tokens for that same 78 Eth. ...
2
3
41
@MevRefund
MevRefund
9 months
Me after receiving just 0.01 Eth for my block proposal. This slot appears to be defective, may I have another please?
1
22
34
@MevRefund
MevRefund
11 months
First searchers profit post I've ever seen that looks roughly correct. Well done!
@libevm
libevm
11 months
No. 1 top searcher's all time profit is ~x2 the no.2
Tweet media one
20
15
163
5
2
37
@MevRefund
MevRefund
3 months
How to lose 300 Eth in 2 quick steps: 837 Eth -> 480 cbEth -> 513 Eth Think the searcher who cleaned up this mess also fumbled the bag, bribing 90% on some pretty obscure stuff 🤷‍♂️:
5
4
39
@MevRefund
MevRefund
2 years
Pretty nice looking scam. Reuters-y and everything. Though I suppose the title was a pretty big clue.🤦‍♂️ Went to check if I was sufficiently solvent. The tx which popped up would have made me much less solvent ...
Tweet media one
5
2
36
@MevRefund
MevRefund
11 months
Lol, guess that's one way of saying Flashbots only builds 10% of blocks now 😂
@SheaKetsdever
Shea Ketsdever
11 months
This button makes Flashbots 10x faster. Get MEV protection & speed in one click.
Tweet media one
3
4
64
5
2
36
@MevRefund
MevRefund
1 year
Speaking of better, mind explaining how bloxroute is monetizing their private flow? Just discovered that this address belongs to bloxroute. Appears to be profiting from private order flow without offering any user refunds ...
Tweet media one
@uriklarman
Uri // klarman.eth ⚔️
1 year
SURPRISE! bloXroute ETH Protect now *better* than Flashbot I'm genuinely surprised, since FB are good builders, even if I disagree with them about a bunch of stuff but FB Protect now share Tx hash with MEV-Share searchers, allowing to snipe this token launch
4
5
41
4
2
39
@MevRefund
MevRefund
2 years
Just realized my arb bot actually saw this tx, offering up a 22.2 Eth bribe out of a (spectacularly badly routed) profit of 23.4 Eth. I was almost the one pissing away millions! 🤣
@spreekaway
Spreek
2 years
Ok I think this may be taking it too far
Tweet media one
64
95
576
5
0
37
@MevRefund
MevRefund
2 years
Hack's looking a lot more likely:
Tweet media one
3
1
34
@MevRefund
MevRefund
10 months
Kyber probably: God damn it, why did we get the psycho? Kyber "Director":
Tweet media one
2
1
35
@MevRefund
MevRefund
2 years
Just stick with the standard ERC20 functions, please ... 🙄
Tweet media one
4
1
36
@MevRefund
MevRefund
9 months
I generally find working with Go pretty pleasant, but this ... abomination ... is making me reconsider all my life choices.
Tweet media one
2
8
35
@MevRefund
MevRefund
19 days
Most likely they've contracted Jared to backrun their blocks for them. Feels a little ... sketchy ... to hand that kind of info over to the most prolific sandwicher, can you really ensure they're not abusing it? More fun, tinfoil take: what if beaver ... *is* ... Jared?!
5
3
37
@MevRefund
MevRefund
11 months
How in the world do you see a competitor drained a week ago and not think 'hey wait a minute, don't we have the same vulnerability?' Degens deserve better devs.
@TeamUnibot
Unibot
11 months
We experienced a token approval exploit from our new router and have paused our router to contain the issue. Any funds lost due to the bug on our new router will be compensated. Your keys and wallets are safe. We will release a detailed response after investigations conclude.
356
245
996
2
9
33
@MevRefund
MevRefund
2 years
Dunno what SwapGuard is, but you've granted it an allowance, and it allows anyone to make arbitrary function calls 😢
Tweet media one
4
3
31
@MevRefund
MevRefund
6 months
Anyone feel like tracing some (probably) stolen funds? and keep performing weird, large sandwiches that only they see (i.e. no bribe)
Tweet media one
4
1
35
@MevRefund
MevRefund
1 year
How to lose $10K in 3 simple steps:
Tweet media one
Tweet media two
Tweet media three
4
0
34
@MevRefund
MevRefund
2 years
Guess it was just a massive psyop to make me waste a couple hours looking for a non-existent 55 Eth 🤨 Confirmed that the contract in question never lost weth, and that all the eth transfers were to miners, as god intended.
3
1
33
@MevRefund
MevRefund
2 years
You people need to stop swapping $1.8M for $500! Making me envious when I don't land the backrun 😢
Tweet media one
7
4
33
@MevRefund
MevRefund
9 months
Another day, another TG bot router hack: This one's pretty sus though - unverified router contract appears to have a function which just calls transferFrom on your behalf ... 🤔 Did someone discover a rug before it could be pulled?!
0
19
29
@MevRefund
MevRefund
1 year
Attacker made ~ $800K Why didn't Balancer hack themselves? 🤔
@Balancer
Balancer
1 year
Balancer is aware of an exploit related to the vulnerability below. Mitigation procedures have drastically reduced risks, but are unable to pause affected pools. To prevent further exploits, users must withdraw from affected LPs.
15
46
120
6
2
33
@MevRefund
MevRefund
2 years
Weird hack story incoming. Not entirely sure if it's been contained yet though, so I'll hold my fire ...
3
0
27
@MevRefund
MevRefund
11 months
... uh, guys ...? Think I just found the KyberSwap exploiter 🤔
@0xOwenThurm
Owen | Guardian
11 months
Nothing is more satisfying than removing all your debug logs after getting a PoC to work.😌
6
2
77
0
1
33
@MevRefund
MevRefund
7 months
Lol semi-private txs. Always make sure to read the fine print!
@shoucccc
Chaofan Shou
7 months
PSA: Do NOT trust @bloXrouteLabs 's protect RPC. We learned this the hard way today, with a loss of $150k+. @bloXrouteLabs publicly broadcast our white-hat rescue transaction for the @unizen_io deployment on Polygon, allowing MEV bots to frontrun it. What happens: We
Tweet media one
Tweet media two
16
39
172
2
0
33
@MevRefund
MevRefund
2 years
0xf6c does not own the NFT, so a safeTransferFrom call should fail, but 0x495 (OpenSea Shared Storefront) seems to allow it. The contract is unverified, so our detective work mostly ends here. I did try simulating a safeTransferFrom call to see if I could steal all the NFTs ...
2
1
28
@MevRefund
MevRefund
2 years
Lord forgive me, I knew not what I hath done. (I only tagged 2 bots, I wash my hands of these further crimes) Begun the bot tagging wars have.
Tweet media one
3
1
32
@MevRefund
MevRefund
10 months
Ever wished you could send txs from the 0x0 address? Now's your chance!
@CyversAlerts
🚨 Cyvers Alerts 🚨
10 months
🚨ALERT🚨Our system has detected an abnormal transaction related to the @KyberNetwork exploiter. The address funded by the @KyberNetwork exploiter has received $50M worth of $HXA from the 0x0..000dEaD $ETH address using transferfrom function! 🤯 Address: .
Tweet media one
Tweet media two
5
25
99
1
1
32