A hacker contract is created that calls the "transferFrom" function in the ERC20Interface with a very large value for the "amount" parameter. Since the contract does not have proper overflow/underflow checks in place, it will process the transaction and transfer more tokens than it intended to, resulting in token or ether theft.
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Lines of code
https://github.com/ProjectOpenSea/seaport/blob/5de7302bc773d9821ba4759e47fc981680911ea0/contracts/interfaces/AbridgedTokenInterfaces.sol#L4
Vulnerability details
Impact
A hacker contract is created that calls the "transferFrom" function in the ERC20Interface with a very large value for the "amount" parameter. Since the contract does not have proper overflow/underflow checks in place, it will process the transaction and transfer more tokens than it intended to, resulting in token or ether theft.
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Tools Used
Recommended Mitigation Steps