MOD_06 // DUPLICATE_MUTABLE_ACCOUNTS
The Money Printer Glitch — Pass the same account twice, print free tokens
THE VULNERABILITY
A DEX swap function accepts two vault accounts (source & destination). The bug: no check that they're different accounts.
// Vulnerable swap logic
vault_a.balance -= amount_in;
vault_b.balance += amount_out; // OVERWRITES!
NORMAL SWAP
Vault A: 1000 - 100 = 900
Vault B: 0 + 150 = 150
EXPLOIT (same account)
Copy A: 1000 - 100 = 900
Copy B: 1000 + 150 = 1150 ← wins!
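How it works: Anchor deserializes each account into a separate in-memory copy. When the same pubkey is passed twice, both copies start from the same on-chain balance and are both written back to that one account when the instruction finishes, so the last serialization wins and the earlier debit is lost.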
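The load, mutate and write-back sequence can be reproduced without Solana at all. The following is an added example, not code from the original page or from Anchor: a plain Rust model in which the `chain` map, the `run_swap` function and the `check_keys` switch are assumptions made for illustration, run first without and then with a check that the two vault keys differ.

```rust
use std::collections::HashMap;

// Constructed model: "chain" maps an account key to its stored vault balance.
type Key = &'static str;
struct Vault { balance: u64 }

#[derive(Debug, PartialEq)]
enum SwapError { DuplicateVault, InsufficientFunds }

// Mimics the flow described above: load each passed account into its own
// copy, run the swap logic on the copies, then write the copies back in order.
fn run_swap(chain: &mut HashMap<Key, u64>, key_a: Key, key_b: Key,
            amount_in: u64, amount_out: u64, check_keys: bool) -> Result<(), SwapError> {
    // Hardened path: refuse the same pubkey in both mutable slots. In Anchor
    // this is a constraint such as `constraint = vault_a.key() != vault_b.key()`.
    if check_keys && key_a == key_b {
        return Err(SwapError::DuplicateVault);
    }
    let mut vault_a = Vault { balance: chain[key_a] };
    let mut vault_b = Vault { balance: chain[key_b] };

    vault_a.balance = vault_a.balance.checked_sub(amount_in)
        .ok_or(SwapError::InsufficientFunds)?;
    vault_b.balance += amount_out;

    // Write-back: if key_a == key_b, the second insert overwrites the first,
    // so the debit applied to copy A never reaches stored state.
    chain.insert(key_a, vault_a.balance);
    chain.insert(key_b, vault_b.balance);
    Ok(())
}

fn main() {
    let mut chain = HashMap::from([("vault_a", 1000u64), ("vault_b", 0u64)]);
    run_swap(&mut chain, "vault_a", "vault_b", 100, 150, false).unwrap();
    println!("normal swap:   a={} b={}", chain["vault_a"], chain["vault_b"]);

    let mut chain = HashMap::from([("vault_a", 1000u64)]);
    run_swap(&mut chain, "vault_a", "vault_a", 100, 150, false).unwrap();
    println!("duplicate key: a={}", chain["vault_a"]);

    let mut chain = HashMap::from([("vault_a", 1000u64)]);
    let res = run_swap(&mut chain, "vault_a", "vault_a", 100, 150, true);
    println!("with check:    {:?}, a={}", res, chain["vault_a"]);
}
```

With the key check enabled the duplicate call is rejected before any copy is loaded, so the stored balance stays at 1000.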