Damn Vulnerable DeFi — Challenge #5 Walkthrough

Peter Kacherginsky
4 min readDec 18, 2020

Let’s continue our journey of learning about vulnerable DeFi applications. The next exercise, the-rewarder, challenges us to cheat at getting all of the rewards in a stripped down liquidity pool app:

There's a pool offering rewards in tokens every 5 days for those who deposit their DVT tokens into it.Alice, Bob, Charlie and David have already deposited some DVT tokens, and have won their rewards!You don't have any DVT tokens. Luckily, these are really popular nowadays, so there's another pool offering them in free flash loans.In the upcoming round, you must claim all rewards for yourself.

The challenge consists of four different contracts with the following functionality:

  • TheRewarderPool.sol accepts DamnValuableToken deposits and awards RewardTokens every 5 days. The contract uses AccountingToken for record keeping of deposited tokens.
  • RewardToken.sol is a simple ERC-20 token with basic minting functionality. It is used as a reward for keeping DamnValuableToken deposited in TheRewarderPool.
  • AccountingToken.sol is an ERC20Snapshot token. It is used to keep historical balances of DamnValuableToken deposited into TheRewarderPool and to calculate the amount of RewardToken to award users.
  • DamnValuableToken.sol, also referred to as a Liquidity Token, is a simple ERC-20 token. It is used as a liquidity token which can be deposited…



Peter Kacherginsky

Blockchain Security, Malware Analysis, Incident Response, Pentesting, BlockThreat.net