This script was used to rescue funds waiting to be withdrawn on the Kiln Onchain V2 Exit Queue to recover $7K worth of ETH from a compromised wallet.
- The compromised wallet has had it's private key leaked, a malicoius individual set up a bot to monitor for incoming transactions and to steal tokens as soon as they are deposited to the compromised address.
- To claim the ETH from the exit queue the compromised wallet needs to be seeded with enough ETH to pay for the gas fees (without the bots stealing the ETH as soon as it is deposited).
The solution is to send transactions to seed + claim + withdraw all in the same block. We can do this by sending these transactions as a bundled to the flashbot network using the ethers-provider-flashbots-bundle package.
- Send funds from
funding_wallet
tocompromised_wallet
to cover gas for claiming + transfering - Claim the exit queue ticket from
compromised_wallet
- Transfer claimed ETH tokens from
compromised_wallet
toledger_wallet
The transactions can be seen bundled together in block 19663505
Transaction | Hash |
---|---|
Funding compomised_wallet using funding_wallet |
0xba0c37...1da10e |
Claiming the exit ticket to compromised_wallet |
0x4e6945...013470 |
Withdrawing ETH from compromised_wallet to ledger_wallet |
0x172b1a...5bf065 |
Contract/Account Name | Address |
---|---|
Exit queue contract | 0x8d6Fd650500f82c7D978a440348e5a9b886943bF |
Compromised Wallet | 0xffCB8D87dAcc4BDE40Dda52b5a81eB25d094091e |
Funding Wallet | 0x7E72F7856465f64908C9a9c000E133ACb128F979 |