Roll Hack
Incident Overview
The attacker's address:
https://etherscan.io/address/0x5fe4e712…be0167
The attacker's deployed smart contract:
https://etherscan.io/address/0xeaa86ddd…87bd9a
The attacker was able to gain access to the private keys of Roll’s hot wallet and steal social money stored in that address. The attacker then sold all the tokens on Uniswap for ETH and transferred the ETH to Tornado Cash.
The list of tokens that were affected: WHALE, FWB, KARMA, JULIEN, 1337, MORK, CHERRY, FAMILY, BEAR, SKULL, LADZ, RARE, ALEX, PICA, BAEPAY, SWAGG, KERMAN, CAMI, HUE, OSINA, ATS, GOB, ARKE, SCOTT, JAMM, FIRST, PAUL, DSGN, JOON, CALVIN, WGM, BPC, ALXO, YUMI, PIXEL, RDR, BONES, GCASH, FORCER, PYGOZ, TING, HERO.
The transactions of the token withdrawals:
https://etherscan.io/tx/0xc4b1d59c…b55d9a
https://etherscan.io/tx/0x5ebcf5b1…ccce3c
https://etherscan.io/tx/0xb35f41c3…d21f9e
Stolen funds were deposited into Tornado Cash mixer at:
https://bloxy.info/txs/calls_from/0x5fe4e712…be0167?date=clear&signature_id=994162&smart_contract_address_bin=0x905b63ff…ec7601
Incident Report
Protocol Information
What the Attacker Needed to Succeed
Understanding the prerequisites for this type of attack helps auditors identify protocols that are most at risk and helps developers build better defenses.
What Auditors Should Check
If you're auditing a protocol with similar architecture to Roll, these are the critical security checks that could have prevented this incident (March 2021).
- Verify all logic paths related to Private Key Compromised (Unknown Method) / Access Control are guarded by proper access controls and input validation - see the Access Control Attacks attack class for patterns
- Review privileged functions (owner, admin, governance) for potential abuse vectors - centralization risks should be documented and bounded with timelocks or multi-sigs
Master these auditing techniques with hands-on labs and real exploit scenarios in the Smart Contract Hacking course.
Free TrialFunds Recovery
Recovered
$750K
Net Loss
4947600
Security Audit History
- Audit Report 1 Report
Related Attack Classes
The technique used in this hack maps to these vulnerability classes in our security curriculum:
Sources & References
-
01
Source 1 https://rekt.news/roll-rekt/
-
02
Reference https://tryroll.com/security-incident/
- 03
Learn to Prevent the Next Roll
The Roll hack is one of many attacks that skilled auditors are trained to detect before deployment. Master real exploit patterns and defense techniques with hands-on Web3 security training.