From 6a5f183ec3a1918b0dbff21661912464f941b5fa Mon Sep 17 00:00:00 2001 From: sudo rm -rf --no-preserve-root / Date: Fri, 18 Oct 2024 19:59:35 +0200 Subject: [PATCH] =?UTF-8?q?=E2=99=BB=EF=B8=8F=20Refactor=20`payload=5Fhash?= =?UTF-8?q?ed`=20to=20Use=20`cast=20hash-message`=20(#3)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### 🕓 Changelog Refactor to use `cast hash-message` directly, deprecating the need for `chisel` (see [PR #9130](https://github.com/foundry-rs/foundry/pull/9130)). Additionally, include a note highlighting the need to set the `FLASHBOTS_SIGNATURE_PK` environment variable for proper functionality. --------- Signed-off-by: Pascal Marco Caversaccio --- README.md | 7 +++++-- go.sh | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index fdd55ac..da39eb2 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,11 @@ # White Hat Frontrunning -White hat frontrunning [script](./go.sh) to outpace hackers and secure funds from compromised wallets. The (Bash) script is intentionally designed with minimal dependencies, requiring only the native tools provided by Linux and [`cast`](https://github.com/foundry-rs/foundry/tree/master/crates/cast) & [`chisel`](https://github.com/foundry-rs/foundry/tree/master/crates/chisel) from [Foundry](https://github.com/foundry-rs/foundry). +White hat frontrunning [script](./go.sh) to outpace hackers and secure funds from compromised wallets. The (Bash) script is intentionally designed with minimal dependencies, requiring only the native tools provided by Linux and [`cast`](https://github.com/foundry-rs/foundry/tree/master/crates/cast) from [Foundry](https://github.com/foundry-rs/foundry). ## Usage > [!NOTE] -> Ensure that `cast` and `chisel` are installed locally. For installation instructions, refer to this [guide](https://book.getfoundry.sh/getting-started/installation). +> Ensure that `cast` are installed locally. For installation instructions, refer to this [guide](https://book.getfoundry.sh/getting-started/installation). First, modify the main loop in the [script](./go.sh). At present, it's set to send gas to a victim wallet and transfer a specific token. Since the main loop needs to be tailored for each rescue, please review and adjust it carefully. @@ -29,6 +29,9 @@ FLASHBOTS_SIGNATURE_PK="0x31337" TOKEN_CONTRACT="0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48" ``` +> [!TIP] +> When submitting bundles to Flashbots, they are signed with your `FLASHBOTS_SIGNATURE_PK` key, enabling Flashbots to verify your identity and track your [reputation](https://docs.flashbots.net/flashbots-auction/advanced/reputation) over time. This reputation system is designed to safeguard the infrastructure from threats such as DDoS attacks. It's important to note that this key **does not** handle any funds and is **not** required to be the primary Ethereum key used for transaction authentication. Its sole purpose is to establish your identity with Flashbots. You can use any ECDSA `secp256k1` key for this, and if you need to create a new one, you can use [`cast wallet new`](https://book.getfoundry.sh/reference/cast/cast-wallet-new). + Finally, execute the script: ```console diff --git a/go.sh b/go.sh index f78f535..3d12adb 100644 --- a/go.sh +++ b/go.sh @@ -65,7 +65,7 @@ create_flashbots_signature() { local payload="$1" local private_key="$2" local payload_keccak=$(cast keccak "$payload") - local payload_hashed=$(chisel eval 'keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n66","'$payload_keccak'"))' | awk '/Data:/ {gsub(/\x1b\[[0-9;]*m/, "", $3); print $3}') + local payload_hashed=$(cast hash-message "$payload_keccak") local signature=$(cast wallet sign "$payload_hashed" --private-key "$private_key" --no-hash | tr -d '\n') echo "$signature" }