Rather than a Compound fork, Ola describes itself as a “a technology provider that enables others to build Compound-like instances”.
Earlier this month, a similar incident on the Gnosis / xDAI chain gave the teams using Compound’s code plenty of warning.
But somehow, neither Voltage nor Ola got the news.
If only there was somewhere developers could keep up to date with exploits in DeFi…
These token types include a callAfterTransfer() function which can be abused to make additional transfers before balances are updated (provided the underlying code does not follow the recommended checks-effects-interactions routine of execution).
The original Compound code does not follow this pattern, however all proposed collateral tokens are vetted for this vulnerability before being added to the protocol.
Attacker’s address on Fuse: 0x371D7C9e4464576D45f11b27Cf88578983D63d75
Example tx (BUSD): 0x1b3e06b6b310886dfd90a5df8ddbaf515750eda7126cf5f69874e92761b1dc90
Attacker contract A: 0x632942c9BeF1a1127353E1b99e817651e2390CFF
Attacker contract B: 0x9E5b7da68e2aE8aB1835428E6E0c83a7153f6112
1: Contract A transfers 550 WETH to Contract B
2: Contract B deposits 550 WETH, minting 27,284 oWETH
3: Contract B borrows 507,216 BUSD
4: Contract BUSD calls back to Contract B via callAfterTransfer()
5: Contract B transfers both 507,216 BUSD and 27,284 oWETH to Contract A.
6: Contract A returns 27,284 oWETH to redeem initial deposit of 550 WETH and keeping the 507,216 BUSD as profit.
As BlockSecTeam explain:
“In the code logic of the borrow() function, the related internal states are updated after an external call. Specifically, the doTransferOut() function will invoke the transfer() function of the ERC677-based token, which will eventually lead to an external call.”
The above process was used repeatedly to take $USDC, $FUSD, $WBTC, $WETH & $FUSE.
The resulting funds were first bridged to Ethereum (originally funded by Tornado Cash) and then sent on to this address, where they remain in the form of ETH, WBTC, USDC (will Circle freeze these funds?) and FUSE, worth approximately $3.1M.
When Agave and Hundred fell victim to the same attack vector, we said;
When one fork falls, all others have to check their foundations.
Voltage Finance didn’t do that, and that’s why they’re taking their place (#64) on the leaderboard.
REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.
donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.
you might also like...
Fortress is in ruins after $3M was stolen by an oracle manipulation and malicious governance act. The UI is paused, but the contracts remain live. Will Fortress's ecosystem bail out users for the lost funds?
Mad Meerkat Finance (not to be confused with normal Meerkat Finance) lost $2M to a DNS exploit. Back-end attacks, front-end attacks, when will we see the end of the attacks?
Fei Rari - rekt. Seven of Rari’s Fuse pools were drained for a total of ~$80M. This isn’t the first time that Rari's got rekt - lets hope the hackers don’t go for a hat trick.