But this doesn't really clarify how this exploit pays out. If he doesn't actually contribute to the pool but still gets credited for a crazy amount of fake shares, then where does the pool get the reward for those shares from?
Here's how it works:
Miner connects to pool, authorises and subscribes for work
Miner connects, sets their own diff and starts doing work. Work is calculated by a DIFF1 (what the difficulty of a difficulty 1 share should be). Now if a miner hashes away at their hardcoded diff and ignores the diff the pool is sending, the pool would increase their difficulty on the pool's end to the max set (depends on the pool) and the pool wouldn't know that the miner is ignoring it. Since the diff1 is wrong on the pool, the pool would accept the difficulty the miner says it is and wouldn't check what the actual difficulty is.
This means stratum thinks the diff == (theoretic scenario of 2048) while the miner is submitting a diff of (theoretic scenario of 0.001), so the miner will get paid for hundreds of shares with a diff of 2048 when really it should be 0.001.
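The pool-side check whose absence is described above, as an added example that is not part of the original post or any pool's code: the share's hash is compared against the target for the difficulty the pool assigned before any credit is given. The Bitcoin-style `DIFF1_TARGET`, the double SHA-256 header hash, and all function names and sample hash values are assumptions made for illustration.

```python
import hashlib
from fractions import Fraction

# Assumption: Bitcoin-style difficulty-1 target. Other algorithms use a
# different DIFF1, and a wrong value here skews what every share is worth.
DIFF1_TARGET = 0xFFFF * 2**208

def header_hash(header: bytes) -> int:
    """Double SHA-256 of a submitted block header, as a little-endian integer."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")

def share_target(difficulty, diff1=DIFF1_TARGET) -> int:
    """Largest hash value that still counts as a share at `difficulty`."""
    return int(Fraction(diff1) / Fraction(difficulty))

def actual_difficulty(hash_value: int, diff1=DIFF1_TARGET) -> float:
    """Difficulty the submitted hash really satisfies."""
    return float("inf") if hash_value == 0 else diff1 / hash_value

def trusting_credit(hash_value: int, assigned_difficulty):
    """The flaw described above: credit the pool-side diff, never check the hash."""
    return assigned_difficulty

def checked_credit(hash_value: int, assigned_difficulty, diff1=DIFF1_TARGET):
    """Credit the share only if its hash meets the target the pool assigned."""
    if hash_value > share_target(assigned_difficulty, diff1):
        return 0
    return assigned_difficulty

# Constructed sample values (not from a real pool): a hash worth roughly
# 0.001 difficulty, and one that exactly meets difficulty 2048.
LOW_HASH = DIFF1_TARGET * 999
GOOD_HASH = DIFF1_TARGET // 2048

if __name__ == "__main__":
    for name, h in (("low", LOW_HASH), ("good", GOOD_HASH)):
        print(name, "actual diff %.6f" % actual_difficulty(h),
              "trusting:", trusting_credit(h, 2048),
              "checked:", checked_credit(h, 2048))
```
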