SIR Trading: Inside the $355K Transient Storage Exploit

How a transient storage vulnerability and vanity address exploit drained $355K from SIR Trading after Ethereum's Dencun upgrade.


TL;DR

A sophisticated attacker exploited Ethereum’s transient storage feature in SIR Trading’s smart contract, using a brute-forced vanity address to impersonate a UniswapV3 pool. The exploit resulted in a $355,000 loss. Poor security practices, including a single audit and limited funding, left the protocol vulnerable to this precision-targeted attack.


SIR Trading has suffered a complete wipeout of its $355,000 total value locked (TVL) after a hacker exploited Ethereum’s new transient storage feature, a powerful upgrade now proving to be a double-edged sword.

As the project’s founder shared a puzzling narrative about North Korean developers being “liquidated” during video calls, a real liquidation was unfolding behind the scenes.

A sophisticated attacker executed a precise exploit by crafting a vanity address and calculating the exact mint amount required to bypass the protocol’s security checks within the uniswapV3SwapCallback function.

This targeted move allowed the hacker to drain the protocol’s vault entirely, leaving it empty.

Four years of development and $70,000 raised from community supporters on Twitter disappeared in a flash, faster than Ethereum gas fees during peak NFT activity.

In response, the founder issued a public plea to the attacker, offering a $100,000 bounty for the return of any remaining funds, an act of desperation akin to asking politely after a major security breach.

Despite undergoing a security audit, the protocol’s vulnerability to a critical interaction with Ethereum’s transient storage remained undetected.

This incident raises serious concerns about the risks of integrating advanced blockchain features without fully understanding their security implications, setting the stage for a deeper examination of how the exploit unfolded.

SIR Trading, also known as Synthetics Implemented Right, lost its entire $355,000 in total value locked (TVL) on March 30 after an attacker exploited a vulnerability in its transient storage implementation.

The protocol had only launched on February 20, operating for just over a month before it was completely compromised. Its branding, promising precision and reliability, was quickly called into question.

The SIR Trading team acknowledged the breach publicly with a direct message to its users: "SIR has been hacked, do not deposit any further funds. We will post more asap."

Security firm TenArmor responded swiftly, confirming the exploit and tracing the stolen assets to Railgun, a privacy protocol that makes it difficult to follow transaction histories.

Their analysis identified the root cause as a transient storage collision inside the uniswapV3SwapCallback function: the Vault used transient storage slot 0x1 first to hold the Uniswap pool address and then, later in the same function, to hold the minted token amount.

Decurity, another auditing firm, described the incident as a "clever attack" focused on the Vault contract. The callback function was designed to verify that the transaction was legitimate by checking if the caller’s address matched the value stored in transient storage slot 0x1.

The problem occurred when the same function later reused that memory slot to store the amount variable. As a result, the verification mechanism was rendered useless because the expected address had already been overwritten.

So, how did the attacker turn this technical oversight into a $355,000 windfall?

Security researcher SuplabsYi provided key insights into how the exploit unfolded.

The first step involved generating a vanity address that, when interpreted as a number, matched a specific 29-digit value: 95759995883742311247042417521410689.

This was not a trivial task. It required creating a wallet address that, once converted from hexadecimal to numerical form, exactly matched the targeted value.

Ethereum treats addresses as 160-bit numbers derived from the last 20 bytes of the Keccak-256 hash of a public key, as outlined in the Ethereum technical specification.

The attacker needed to brute-force an address that conformed precisely to the desired number, essentially converting what is usually a random identifier into a deliberate and carefully calculated access key.

With the right combination of computational resources and tools such as VanityEth or GPU-based brute-force scripts, this challenge was demanding but technically feasible.

With the vanity address secured, the attacker moved forward with a calculated and precise execution. This was not a chaotic smash-and-grab, but a highly orchestrated exploit with every step carefully planned.

Blockchain security firm SlowMist detailed how the attacker weaponized Ethereum’s new TSTORE and TLOAD opcodes, turning these advanced features into tools for a devastating protocol breach.

The process began by creating malicious tokens and setting up a UniswapV3 pool, which is a standard component in many DeFi exploits. The attacker then initiated a leverage market within SIR Trading’s Vault contract, effectively laying a trail the protocol would unknowingly follow.

When the mint function was triggered, the protocol used TSTORE to record the UniswapV3 pool address in slot 0x1 of transient storage, exactly as the developers had intended.

However, the critical issue occurred shortly after. Within the same function, the code overwrote that storage slot with the attacker’s precomputed mint amount: 95759995883742311247042417521410689.

This misstep erased the pool address that the system relied on for validation and replaced it with a value specifically crafted to match the vanity address generated earlier.

With the transient storage now compromised, the attacker deployed their malicious contract using CREATE2. This method allowed them to generate a contract address that matched their pre-calculated vanity address exactly, byte for byte.

The final move was to directly invoke the uniswapV3SwapCallback function. When the contract attempted to verify the legitimacy of the caller by using TLOAD to read slot 0x1, it found the attacker’s address instead of the intended Uniswap pool. This was a textbook case of digital identity manipulation.

It was the equivalent of walking into a bank with someone else’s ID and walking out with their savings. The protocol had no way to distinguish between friend and foe.

From that point, the Vault had no defense. The attacker repeatedly called uniswapV3SwapCallback from the malicious contract, draining funds with each execution.
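As an added illustration of the steps above (a Python model written for this page, not SIR Trading's Solidity; the pool address is a constructed placeholder), the vulnerable vault writes the pool address and then the amount into the same transient slot, so a caller whose address equals the amount read as a 160-bit number passes the check, while the hardened variant keeps the two values in separate slots and clears the pool slot after one use. It also goes one step beyond the text by counting the leading zero hex digits the matching address must have.

```python
MASK_160 = (1 << 160) - 1
AMOUNT_FROM_ARTICLE = 95759995883742311247042417521410689  # mint amount quoted above
POOL_SLOT, AMOUNT_SLOT = 0x1, 0x2  # the hardened vault keeps these two apart
FAKE_POOL = 0xAB  # constructed stand-in for a UniswapV3 pool address

class TransientStorage:
    """Models TSTORE/TLOAD (EIP-1153): scratch slots wiped when the transaction ends."""
    def __init__(self):
        self.slots = {}
    def tstore(self, slot, value):
        self.slots[slot] = value
    def tload(self, slot):
        return self.slots.get(slot, 0)

class VulnerableVault:
    """Reuses slot 0x1 for the pool address and then for the mint amount."""
    def __init__(self):
        self.t = TransientStorage()

    def mint(self, pool, amount):
        self.t.tstore(POOL_SLOT, pool)    # remember which pool may call back
        self.t.tstore(POOL_SLOT, amount)  # defect: the pool address is overwritten

    def callback_accepts(self, msg_sender):
        # Solidity equivalent: msg.sender == address(uint160(tload(0x1)))
        return (self.t.tload(POOL_SLOT) & MASK_160) == msg_sender

class HardenedVault(VulnerableVault):
    """Separate slots, and the pool slot is cleared once the callback has been used."""
    def mint(self, pool, amount):
        self.t.tstore(POOL_SLOT, pool)
        self.t.tstore(AMOUNT_SLOT, amount)

    def callback_accepts(self, msg_sender):
        ok = self.t.tload(POOL_SLOT) == msg_sender
        self.t.tstore(POOL_SLOT, 0)  # one callback per mint; a replayed call fails
        return ok

def attacker_address_for(amount):
    """The address a caller must control: the amount read as a 160-bit number."""
    return amount & MASK_160

def leading_zero_nibbles(addr):
    """Leading zero hex digits such an address needs; brute-force cost grows as 16**n."""
    return 40 - len(f"{addr:x}")

def run_attack(vault):
    """Mint with the crafted amount, then call back from the matching address."""
    vault.mint(FAKE_POOL, AMOUNT_FROM_ARTICLE)
    return vault.callback_accepts(attacker_address_for(AMOUNT_FROM_ARTICLE))
```

The quoted amount fits in 117 bits, so the address that matches it starts with ten zero hex digits, which is why the text describes the address as brute-forced rather than simply chosen.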

Once the exploit was complete, the stolen assets were laundered through Railgun, a protocol known for obfuscating transaction trails and shielding wallet activity from public view.

Key details of the exploit are as follows:

Post-Exploit Chaos

Reality delivered an unsettling twist just before disaster struck.

One day prior to the exploit, SIR Trading’s founder, Xatarrer, posted a bizarre story on Twitter. In retrospect, the timing felt eerily aligned with what was about to unfold.

He claimed a developer had reached out, expressing interest in joining the team. The candidate appeared promising, with impressive credentials and strong industry connections.

Before proceeding, Xatarrer subjected the developer to what he called the "Kim Jong Un test," a personal method for identifying potential North Korean operatives. The test involved asking the person to say something like, "Kim Jong Un is a fat ass ugly soyman."

According to Xatarrer, the developer hesitated. Then, the video feed began to blur. Moments later, the background slipped, revealing the individual lying motionless on the floor, with blood nearby. Xatarrer described it as a liquidation.

Before vanishing, the developer allegedly typed a final cryptic message:
"RPC sync issues affected my internal organs. While liquidation occurred at a remarkable 95% LTV, highest on North Korea, I recognize I fell short by my expectation."

The alleged developer from the bizarre story, known on Twitter as xPOSITION, vanished from the conversation. But just hours later, SIR Trading itself suffered a very real liquidation. This time, it was not graphic, but financially catastrophic.

As the exploit unfolded, founder Xatarrer’s online tone shifted dramatically. Gone were the memes and banter. In their place was a message filled with shock and heartbreak.

“Sorry. This is devastating news. I just came back asap from my kid’s training. I am in shock. Sorry to everyone. Investors, believers… I poured 4 years of my life. And now we just lost most of the funds to an attacker. I have no words.”

Faced with the loss, SIR Trading’s team attempted to open a dialogue with the attacker. The message they published read more like a desperate plea than a threat, offering a bounty in exchange for mercy.

“If you want to discuss privately… SIR isn’t some VC-backed copy-paste DeFi project, but a completely new type of leverage primitive. It’s four years of late-night coding, $70k from friends and believers, and we grew to $400k TVL organically without any advertising. If you keep 100% of the funds, there is no chance for us to survive. Here is my proposal: keep $100k as a fair share for your critical bug find, and return the remaining… We’ll call it even. No legal games, no drama.”

In simpler terms, the team, which had only been able to afford a single security audit, was asking the attacker to settle for just 28 percent of the stolen funds.

That single audit was conducted by Egis Security in February. While the review did uncover several high-severity vulnerabilities, it was not enough to prevent disaster.

Relying on one audit while deploying Ethereum’s most experimental storage feature was a risky decision. It was akin to entering a firefight with a water pistol.

Xatarrer acknowledged the shortfall. “We raised around $70k from folks in here which allowed us to do 1 audit which unfortunately wasn’t enough,” he admitted.

The founder also shared his frustration with the broader DeFi ecosystem. “We have walked alone because I have been basically stonewalled by VCs. Not even getting any feedback. Not sure how we would relaunch from here, but if you have any idea I’m all ears.”

As for the attacker, there has been no indication yet whether they will accept the $100,000 offer. Based on past incidents in DeFi, the odds of a peaceful resolution remain slim.

After losing most of their funds, the SIR Trading team claims they are preparing for a comeback. In a recent update, they admitted they’ve lost "most of their cash" and are now reaching out to auditors, offering token equity in place of cash payment.

Their pitch reads: "The risk is limited as we already showed the product can work live and the potential is huge." They clarified that this was not meant to be an April Fools joke.

The product did function as designed—right up until it didn’t. As some observers noted, it resembled a car that operates fine until the brakes fail. Despite the collapse, the team insists the “risk is limited,” even as they request auditors to work for promises instead of payment.

Meanwhile, the exploit has drawn new attention to Ethereum’s transient storage upgrade, a feature introduced with Dencun. As SuplabsYi noted, “This may be one of the first real-world attacks exploiting its vulnerabilities.”

The question now haunting the ecosystem: when DeFi protocols race to integrate bleeding-edge features, are users being placed directly in harm’s way?

Ethereum introduced transient storage as a tool to reduce gas costs and improve efficiency. However, SIR Trading appears to be the first project to demonstrate what can go wrong when this feature is misused.

Instead of being exploited through a basic coding mistake, the protocol was breached using a sophisticated mathematical approach. The attacker generated a vanity address that, when interpreted as a number, matched a specific value stored in the contract’s transient storage. This gave them the ability to manipulate the system as if they had legitimate access.

While the SIR team attempts to recover from the incident and negotiate with the attacker, the broader DeFi community must take note. Relying on limited budgets and minimal auditing, especially when working with Ethereum’s most recent and least-tested upgrades, introduces serious risks.

The real concern is not just the $355,000 that was lost. It is the possibility that other protocols using transient storage could be even more vulnerable, with significantly larger sums at stake.

When a protocol’s security model depends on keeping values separated in temporary memory, the margin for error is extremely thin. One misstep can compromise the entire system. Transient storage may offer efficiency, but without rigorous safeguards, it also introduces serious vulnerabilities.

The industry must now ask itself a critical question: how many more failures will it take before innovation is matched with accountability?