Yieldly HDL Distribution Pool Exploit
Q37. At the beginning of March, Yieldly announced they had found wallets abusing the HDL Distribution pool (https://twitter.com/YieldlyFinance/status/1500060434296033282?s=20&t=reW0nw6ggkQy5acX540UWA). Let’s look and see if we can identify the wallets or wallets that were taking advantage of the HDL distribution pool(https://app.yieldly.finance/distribution?id=596947890 ) logic. Identify the wallets that were taking advantage of the pool by looking at their application call transactions. We can identify the actions wallets were taking on this pool by using the algorand.application_call_transaction and decoding the application call action (try_base64_decode_string(tx_message:txn:apaa[0]::string)). For the wallets that were demonstrating odd behavior, is there a pattern to the actions they were taking in the distribution pool? If so, tell us what their behavior looked like. Tips: Look at algorand.application_call_transaction with an app_id of 596947890 Use try_base64_decode_string(tx_message:txn:apaa[0]::string) to decode what action was being done in the application call.