shield Price Manipulation

Bob Exploit: Price Manipulation Incident Explained (2023)

Q: When did the Bob hack happen?

The Bob exploit was recorded on December 17, 2023 — 849 days ago.

Q: What type of exploit hit Bob?

The Bob incident is classified as a Price Manipulation. The attacker drives the on-chain price of a token up or down within a single transaction to extract value from the protocol.

Q: Which blockchain was Bob deployed on?

The Bob contract was deployed on BNB Chain, one of 23 documented incidents on that chain.

Q: How does Bob compare to the largest Price Manipulation attack?

The largest price manipulation incident in our archive is CreamFinance (2021) at $130M. The Bob loss was not publicly disclosed.

On December 2023, Bob suffered a price manipulation on BNB Chain — the first of 85 documented price manipulation incidents in our archive where the loss figure was not publicly disclosed but the exploit pattern is documented below.

Attack Mechanics: How the Bob Price Manipulation Played Out

Exploit Class Applied to Bob

The Bob incident on December 17, 2023 is classified as a Price Manipulation. The attacker drives the on-chain price of a token up or down within a single transaction to extract value from the protocol. In the full archive, Bob is 1 of 85 documented price manipulation incidents.

Bob in Context

The Bob incident joins a class whose largest loss to date is CreamFinance (2021) at $130M.

Prior Price Manipulation Before Bob

The nearest price manipulation incident before Bob was GoodCompound, 6 days earlier on December 11, 2023. The same exploit class surfaced again within the price manipulation attack surface.

Target Chain: BNB Chain

The vulnerable Bob contract was deployed on BNB Chain — one of 23 documented incidents on BNB Chain. This determines the block cadence, mempool, and forensic tooling available to investigators.

Impact & Recovery for Bob

Bob Loss Figure

The loss figure for Bob is not publicly disclosed. The primary source reports the exploit in non-USD terms, so no USD estimate is published here. For reference, the average loss across 85 price manipulation incidents in our archive is $3.9M.

Timeline Since the Bob Incident

The Bob exploit occurred 2.3 years ago (849 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

Primary Reference for Bob

Public post-mortem / on-chain analysis for the Bob incident: view source.

FAQ

How much did Bob lose?

The Bob loss figure is not publicly disclosed. The primary source reports the exploit in non-USD token terms, so no USD estimate is published here.

When did the Bob hack happen?

The Bob exploit was recorded on December 17, 2023 — 849 days ago.

What type of exploit hit Bob?

The Bob incident is classified as a Price Manipulation. The attacker drives the on-chain price of a token up or down within a single transaction to extract value from the protocol.

Which blockchain was Bob deployed on?

The Bob contract was deployed on BNB Chain, one of 23 documented incidents on that chain.

How does Bob compare to the largest Price Manipulation attack?

The largest price manipulation incident in our archive is CreamFinance (2021) at $130M. The Bob loss was not publicly disclosed.

What is the significance of the l∞-norm ball in the proposed attack method?

It defines the allowable perturbation space for generating adversarial examples.

What are the research questions addressed in the study on leveraging I4.0 for SHSCs?

The study examines how I4.0 technologies support SHSCs, the barriers and enablers for I4.0 integration, and sustainability considerations.