Two forks met the same fate.
2116 ETH ($5.5M) was lost from Agave, and 2363 ETH ($6.2M) from Hundred Finance, giving a total of $11.7M stolen by the anonymous attacker.
This is the first attack we’ve seen on the Gnosis (xDai) chain, and the first time we’ve seen two protocols be directly targeted like this.
However, considering the structure of DeFi today, the double damage is not surprising.
Forks upon forks create a house of cards. If the code is copied and pasted, vulnerabilities can open up where they're least expected.
When one fork falls, all others have to check their foundations.
The attacks were made possible by the design of the xDAI token, which contains a callAfterTransfer() function that hands control to the recipient during a transfer, creating a reentrancy vulnerability.
Using flash loans as initial collateral, the attacker(s) nested additional borrow calls inside one another, so that each new borrow was checked against the old debt balance before the protocol had updated it. Repeating this process led to borrowing assets worth far more than the collateral supplied.
The attack vector is the same as in the $18.8M case of CREAM Finance last August.
The funds stolen from Agave were sent to the attacker’s ETH address and, after a few hours, 2116 ETH ($5.5M) were sent to Tornado Cash.
The funds stolen from Hundred Finance followed the same path: after a few hours, 2363 ETH ($6.2M) were sent to Tornado Cash.
Forking strong code is not enough to ensure security after changes are made. The idiosyncrasies of each new environment bring new threats.
In this case, the Gnosis (xDai) design revealed hidden dangers not considered when porting the protocols from Ethereum.
Though both projects are forks of foundational DeFi protocols (Aave and Compound), the original projects have strict vetting in place to avoid allowing tokens with reentrancy vulnerabilities to be used as collateral. Additionally, as Mudit Gupta pointed out, following the “checks-effects-interactions pattern” is another way to prevent such attacks.
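To make the ordering defect concrete, here is an added illustration (not Agave’s, Hundred Finance’s, Aave’s or Compound’s code; the pool, its names and the 75% loan-to-value figure are assumed) of a borrow() that pays out a hook-bearing token before recording the debt, next to the same function reordered to checks-effects-interactions with a reentrancy lock.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// ERC-677-style token: transfer() calls a hook on a contract recipient before
// returning, i.e. the callAfterTransfer() behaviour described above.
interface IHookToken {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Shared storage for both pools. Deposit, repay and pricing are omitted;
// collateralOf is assumed to hold an already-valued collateral balance.
abstract contract PoolBase {
    IHookToken public immutable asset;
    mapping(address => uint256) public collateralOf; // assumed collateral value
    mapping(address => uint256) public debtOf;       // recorded debt value
    uint256 public constant LTV_BPS = 7500;          // assumed 75% loan-to-value

    constructor(IHookToken _asset) { asset = _asset; }

    // CHECK: the new borrow must fit under the LTV given the debt recorded so far.
    function _checkLtv(address user, uint256 amount) internal view {
        require(debtOf[user] + amount <= collateralOf[user] * LTV_BPS / 10_000, "exceeds LTV");
    }
}

// Defective ordering: INTERACTION before EFFECT. The token hook hands control to
// the borrower while debtOf is still unchanged, so the borrower can re-enter
// borrow() and pass _checkLtv again against the stale balance.
contract LendingPoolVulnerable is PoolBase {
    constructor(IHookToken a) PoolBase(a) {}

    function borrow(uint256 amount) external {
        _checkLtv(msg.sender, amount);
        require(asset.transfer(msg.sender, amount), "transfer failed"); // external call
        debtOf[msg.sender] += amount;                                   // recorded too late
    }
}

// Checks-effects-interactions plus a lock: debt is recorded before the token is
// touched, and a nested call into borrow() is rejected outright.
contract LendingPoolFixed is PoolBase {
    bool private locked;
    constructor(IHookToken a) PoolBase(a) {}

    modifier nonReentrant() { require(!locked, "reentrant call"); locked = true; _; locked = false; }

    function borrow(uint256 amount) external nonReentrant {
        _checkLtv(msg.sender, amount);
        debtOf[msg.sender] += amount;                                   // EFFECT first
        require(asset.transfer(msg.sender, amount), "transfer failed"); // INTERACTION last
    }
}
```

A listing review for a hook-bearing collateral token should ask which of these two shapes every borrow, withdraw and liquidation path follows, since the lock alone does not protect read-only views consumed by other contracts.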
Another entry on our leaderboard (#35), and another lesson learned the hard way.