https://twitter.com/AnciliaInc/status/1701355439504720228?t=jXSWyfwIN9Q7ltea685PEg&s=19
The 0x0DEX contract was exploited using parameter manipulation. 0x0DEX allows users to send funds (ETH) privately, a feature built on two functions, deposit and withdraw. 0x0DEX later introduced another function, swapOnWithdrawal, which extends the protocol by allowing users to swap their deposited funds (ETH) privately. This swapOnWithdrawal function was exploited.
<aside> 💡 NOTE: The protocol's privacy mechanism (i.e. the ring signatures and stealth addresses implementation) wasn't broken.
</aside>
swapOnWithdrawal function

When the withdraw function is called here

The amount withdrawn, i.e. the amount after collecting fees, is set as _lastWithdrawal just as it is set here:

Keep in mind that _lastWithdrawal is only set when a withdrawal is called from the swapOnWithdrawal function, i.e. when withdrawalData.wType is set to WithdrawalType.Swap. Also, note that WithdrawalType is an enum:
