“How to PWN FoMo3D, a beginners guide,” says Péter Szilágyi, a developer at the Ethereum Foundation.
You start first with reading the code, which is in “multiple contracts totaling thousands of lines of code.” Then you find isHuman.
“If the entire FoMo3D contract suite is based on the assumption that it can only be called from plain accounts (i.e. you can’t execute complex code and can’t do reentrancy)… they’re going to have a bad time with constructors,” Szilágyi says.
Having this attack vector, he goes looking around for where it might be used and says the on chain random number generation (pictured) function within part of their smart contract is just what was needed.
“At this point, we can create transactions that within their constructor can calculate the result of this `airdrop()` method, and if it’s favorable, can call arbitrary methods on the FoMo3D contract (potentially multiple times),” Szilágyi says.
The good news is that the airdrops are a side-part of the smart contract that doesn’t affect the actual $12 million pot.
The airdrops are more an additional thing where you get the chance to win 25% of an ingame small pot. “We can create a contract that can 100% win,” Szilágyi says.
He does reveal some of the potential attack code that he says is untested as he did not think it was worth trying, with this affecting just “1% of the FoMo3D contract suite,” but he apparently was trying to make a point.
There’s some background story where “Team JUST reported this to you directly when the exploit was found in the running game Peter,” according to a person that seems to be from Team Just, the developers behind Fomo3d.
“The opcode works as documented and I explained clearly in your email that a constructor returns empty and also *why* it does so… It’s working *as*intended*,” Szilágyi says with emphasis his.
Apparently individuals from Team Just had been going around stating eth developers were ignoring what they say was a revealed bug, but Szilágyi is saying it isn’t, it actually works as it’s meant to.
Now there’s much technical discussion on the linked thread which coders would enjoy, but the lesson here really seems to be a fairly simple be nice to eth devs.