Loading...
Badger DAO has deployed a new VaultZap contract to optimize yield farming
across multiple tokens. The contract holds significant value in WBTC, USDC,
and BADGER tokens.
The development team implemented a governance system for emergency controls,
with a two-step transfer process (propose → accept) inspired by OpenZeppelin's
Ownable2Step pattern.
However, the implementation contains critical flaws...
Take over the governance system, drain the vault, and reveal the hidden flag
stored in the FlagManager contract.