There existed a glitch that allowed users to make an absurd amount of money in Cryptokitties that no one has been aware of, or so this guy is claiming.
Robert Durst, a âfull stack engineer with a slight blockchain obsessionâ, described his experience of âhackingâ Cryptokitties on hackernoon.
Durst exploited the âlikesâ feature to dominate the Cryptokitties marketplace. He says that, while the rest of the users were busy manually liking their kitties, he automated the process:
The average Cryptokitties user is not very tech savvy, so most of the like exploits were simply people creating multiple accounts on MetaMask and liking up their own cat. While this is effective for maybe 10â100 likes, it gets very time consuming when done in large quantities. Having had some experience with web3.js I sought to repeat this liking process, but with code.
The end result for him was this kitty with an absurd number of likes:
The đ of EU tech
The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!
Durst describes the âritualâ to get an infinite number of likes for your precious lovely kitties as follows:
- Generate a public/private key-pair.
- Digitally sign the word âCryptokittiesâ and send this signature along with your public key to the CryptoKitties API.
- Receive back a login token.
- Use this login token to like a cat.
- Repeat as many times as you like.
Durst says that since he was the only one liking cats using the above method, he was easily able to dominate the marketplace. His strategy was simple: âlike a cat until it is the most liked cat on the market, sell, and repeat.
He, however, has bad news for anyone thinking of trying this method out â according to him, the bug no longer exists.
CryptoKitties development team has covered up this exploit, allowing only those with at least one cat to like other cats. This means, to replicate the above, you would need to pass a cat back and forth between accountsâââby the time you get to 20,000+ likes, the $$$ you spend on gas would be more than you could possibly make from a liked up cat.
We launched the like feature right before the team left for Christmas vacation. The exploit was found and fixed within days. Neither the script option nor the brute force method of creating multiple fake accounts to inflate âlikeâ counts is possible as the result of our fix. Currently, the only way to give a âlikeâ is to have an account that owns a CryptoKitty. While the fix prevents anyone from continuing to abuse the exploit, we have a long-term solution that will address the cats that benefitted from the exploit.
Get the TNW newsletter
Get the most important tech news in your inbox each week.