Peapods reward contract was drained by sandwich attack.
“depositFromPairedLpToken” function of reward contract exchanges all pOHM token to PEAS token.
It has “_slippageOverride” parameter, hacker was able to do sandwich attack by setting this value to 999.
Total loss is $3.5k.
Leave a Reply