A trustless war room for whitehats
Submit your proof of exploit to claim a bug bounty without disclosing details through ZKP
Sample PoCs and Proofs
01AnyswapExp.sol
Even though the project team actively advised users to revoke the approvals, the hacker still stole over 900 ETH by calling anySwapOutUnderlyingWithPermit.
02SushiRouterExp.sol
The approval-related bug in the SushiSwap RouterProcessor2 contract led to over $3 million in losses.
03FuseProtocolExp.sol
Rari is a fork of Compound Finance that had this bug fixed earlier. This classic reentrancy exploit led to $79 million in losses.
Frequently Asked Questions
0xHacked is a trustless war room for whitehats. Here, whitehats can submit a proof of exploit to claim a bug bounty without disclosing details, by means of a zero-knowledge proof. Our goal is to safeguard the interests of whitehats and ensure they receive the rewards they deserve for their findings and efforts. Additionally, we aim to foster dialogue rather than destruction, transforming the relationship between hackers and projects. We hope you enjoy your experience at 0xHacked.
Happy Hacking!
- Fork the state from the specific block number on the Ethereum mainnet, and treat it as the initial storage state.
- Deploy the PoC contract and initialize the contract (including `deal` function, similar to `deal` in Foundry).
- Invoke the contract in the zkVM to get proofs and record the state diffs.
- Check if the initial storage state is correct and calculate the token balance changes.
- Evaluate if there is an exploit in this contract according to the ZK proof, state diffs, and token balance changes.
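The last two steps can be sketched as verifier-side logic. This is an added example, not 0xHacked's code: the `SlotDiff` record, the decision rule in `evaluate`, and all addresses are assumptions, and the ZK proof itself is assumed to have been verified already.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SlotDiff:
    token: str    # token contract the balance belongs to
    holder: str   # account, assumed already decoded from the storage slot
    pre: int      # balance the proof claims at the fork block
    post: int     # balance after the PoC ran

def initial_state_mismatches(diffs, fork_state):
    """Diffs whose claimed pre-value disagrees with the verifier's own fork state."""
    return [d for d in diffs if fork_state.get((d.token, d.holder)) != d.pre]

def balance_changes(diffs):
    """Net non-zero balance change per (token, holder)."""
    net = {}
    for d in diffs:
        net[(d.token, d.holder)] = net.get((d.token, d.holder), 0) + d.post - d.pre
    return {k: v for k, v in net.items() if v != 0}

def evaluate(diffs, fork_state, poc, min_gain):
    """Assumed decision rule: the PoC gains >= min_gain while another holder loses."""
    bad = initial_state_mismatches(diffs, fork_state)
    if bad:
        return {"exploit": False, "reason": "initial state mismatch", "bad": bad}
    net = balance_changes(diffs)
    gained = any(h == poc and v >= min_gain for (_, h), v in net.items())
    lost = any(h != poc and v < 0 for (_, h), v in net.items())
    ok = gained and lost
    return {"exploit": ok, "reason": "ok" if ok else "no qualifying change", "net": net}

# Constructed sample data (placeholder addresses, not real contracts).
TOKEN, VICTIM, POC = "0xTOKEN", "0xVICTIM", "0xPOC"
FORK_STATE = {(TOKEN, VICTIM): 1_000, (TOKEN, POC): 0}   # read by the verifier itself
HONEST = [SlotDiff(TOKEN, VICTIM, 1_000, 0), SlotDiff(TOKEN, POC, 0, 1_000)]
# Same transfer, but "proved" against a balance the victim never had at that block.
FORGED = [SlotDiff(TOKEN, VICTIM, 10**6, 0), SlotDiff(TOKEN, POC, 0, 10**6)]

if __name__ == "__main__":
    print(evaluate(HONEST, FORK_STATE, POC, min_gain=500))
    print(evaluate(FORGED, FORK_STATE, POC, min_gain=500))
```

The forged submission is rejected before any balance is counted, which is why the initial-state check precedes the balance calculation.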
We run an EVM inside the zkVM based on RISC Zero. Special thanks to the great team!