Here are a few more details behind the Compound bug from looking at a specific transaction. Alternatively, this thread is a brief guide to debugging with DappTools x.com/Mudit__Gupta/s…

To figure out what went wrong let’s look at this transaction, which claimed 91,170 COMP ($27M): etherscan.io/tx/0xf4bfef165… Using dapptools: github.com/dapphub/dappto… And duppgrade to make sure we’re on the most recent dapptools version: github.com/Rari-Capital/d…

Using a simple bash script with seth, we find that the list of markets the user has entered (`getAssetsIn`) is the same as the list of market inputs on Etherscan. So nothing strange here—the user just tried to claim COMP for all Compound markets they’ve entered.

The full tx trace can be seen with ` seth run-tx $txHash --source implementation.json --trace` This shows every call made, and because we bundled the source we get decoded method names and inputs. You can see the final call is the transfer of 91,170 COMP

Within that method, we’ll eventually get here where we check if `borrowIndex > compInitialIndex`. In the top left you’ll see we're executing the GT (greater than) opcode. This pops the top two elements off the stack, compares them, and puts the result on the stack.

ICYMI, dapptools-template is the easiest way to get started with DappTools. Built in Solidity tests, mainnet forking, fuzz tests, formal verification, deployment & deployment tests and more! github.com/gakonst/dappto…

Anyone hacking at ETHGlobal this year should definitely look into this! Ideal repo to get started with DappTools

Georgios Konstantopoulos DappTools Yesss, that's why we use the DappTools heavily for our ETHGlobal hackathon project serr. The fuzz tests, formal verification and hevm cheat codes. It so easy to use and make life easier. It's feel so gewwd wen it's green ❇

Played around with the decompiled contract. It was easy to read from the state using Seth from DappTools For example: seth call $store "balanceOf(address, uint)" 0x60...034 $tokenid Will call 'balanceOf' of contract address $store with args 0x60., $tokenId

dapptools?

ALPHA LEEEEEEK github.com/dapphub/dappto…

would you attend a dapptools workshop?

Smooth Risedle's contract deployment + verification using seth(1) by DappTools The dev experience is top notch. It helps me to iterate quickly on kovan

With gasnow going down, here is a diy version. `while sleep 13s; do seth basefee; done` 😜 DappTools DappHub

And of course @SyndicateDAO is hiring Solidity engineers. You'll work closely with me on new protocols. We use DappTools 🔥 x.com/SyndicateDAO/s…

i guess no need to say it at this point, but this "secure NFT launch" codebase by Anish Agnihotri is written with DappTools. great reference for people to learn from.

I guess I have been DappTools pilled :D my solidity template has now some tests using it: github.com/wighawag/templ… you get the best of both Hardhat (+ hardhat-deploy plugin) and dapptools Really like the speed of dapptools and testing facilities! zefram.eth t11s

Why DappTools: 1. no dependency hell (try seeing how big node_modules is) 2. tests in same language as the one im developing on 3. fuzzing, formal verifcation, code coverage, gas profiling all out of the box 4. interactive debugger 5. speed

More... dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools dapptools DappTools youtube.com/watch?v=K3Umd1…

Just published setup-dapptools github action. It's very useful if u want to add CI in your existing pipelines (e.g. Running dapp test on every pull request) github.com/marketplace/ac…