Create 23-07-30-CurveFi (#223)
* Create 23-07-30-CurveFi

* Update 23-07-30-CurveFi

* Update 23-07-30-CurveFi
Adelaar5 authored Aug 25, 2023
1 parent 61e9869 commit 53f0aa1
Showing 1 changed file with 68 additions and 0 deletions.
68 changes: 68 additions & 0 deletions content/attacks/posts/23-07-30-CurveFi
@@ -0,0 +1,68 @@
date: 2023-07-30
target-entities:
- CurveFi
- Old versions of Vyper
entity-types:
- DeFi Exchange
- Liquidity Pool
attack-types: Re-entrancy Guard Exploit
title: "Curve’s Liquidity Pools Exploited for Over $70 Million"

## Summary:

On July 30, a still-unidentified hacker drained over $60 million from stable pools that decentralized exchange Curve uses to offer exchange of tokens.

Curve ranks among the most esteemed and reliable DEXes and relies on automated market makers in much the same way as Uniswap. Though it is still functioning, Curve has seen an exodus of funds since the hack.

## Losses

The attack drained $62 million in tokens, mostly wrapped Ether. It targeted four of Curve’s Ether-linked pools: pETH, msETH, alETH and Curve’s native token.

As illustrated below, the exploiter has been returning some of the funds.

Alechemix, another DeFi lending platform, saw its alETH/ETH lose 7,258.70 WETH and 4,821.55 alETH, worth a total of $22.6 million. pETH/ETH, associated with NFT lending project JPEG’d, was drained of 6,106.65 in WETH, roughly $11 million at the time.

After an initial failed [attack](https://etherscan.io/tx/0xe2eb61b1ff11e447b791e030039ce89ae294423da1622d0be8c7ec3b2ff1a22a) from seemingly the same hacker, white hat hacker c0ffeebabe deployed copycat code and [frontran](https://etherscan.io/tx/0xc93eb238ff42632525e990119d3edc7775299a70b56e54d83ec4f53736400964) that hack on msETH/ETH, draining 959.7 msETH and 866.55 ETH, worth just under $1.5 million which Metronome Synth has said it considers recovered. Another copycat blackhat seems to have swooped in to steal the remaining 435.86 msETH in that pool. Metronome Synth runs an app that mints synthetic tokens.

Curve’s own CRV/ETH pool lost 7,193,401.77 CRV, 7,680.49 WETH, and 2,879.65 ETH, for a total of over $24 million as of the time of the hack. The project has taken the biggest hit. Total Value Locked in the protocol slipped from $3.3 billion to $2.3 billion, according to [DeFi Llama](https://defillama.com/protocol/curve-finance). Its governance token, CRV, [lost](https://coinmarketcap.com/currencies/curve-dao-token/) about 40% of its value in the weeks following the attack.

## Timeline:

July 30:

UTC 13:10 First exploit, on pETH/ETH pool, [begins](https://etherscan.io/tx/0xa84aa065ce61dbb1eb50ab6ae67fc31a9da50dd2c74eefd561661bfce2f1620c).

UTC 14:50: [Attack](https://etherscan.io/tx/0xc93eb238ff42632525e990119d3edc7775299a70b56e54d83ec4f53736400964) on msETH/ETH pool.

UTC 15:34: [Attack](https://etherscan.io/tx/0xb676d789bb8b66a08105c844a49c2bcffb400e5c1cfabd4bc30cca4bff3c9801) on alETH/ETH pool.

UTC 16:44: Vyper reports vulnerability, followed [immediately](https://twitter.com/CurveFinance/status/1685693202722848768) by Curve identifying targeted pools other than CRV/ETH.

UTC 19:16 and 19:30: Hacker pulls WETH and then CRV from pool

July 31: UTC 09:49: c0ffeebabe.eth makes return to Metronome Synth.

Aug. 4: JPEG’d confirms return of funds from the hacker.

Aug. 11: Curve [puts out](https://twitter.com/CurveFinance/status/1689995987073261568) post-hack safety report, but also [says](https://twitter.com/CurveFinance/status/1689995852411027456) 70% of funds affected have been recovered.

Aug. 18: Metronome Synth [releases](https://metronomedao.medium.com/vyper-curve-exploit-post-mortem-6a42d6d9fa07) its own post-mortem.

## Attackers:

Unknown origins; Curve Finance has offered a $1.85 million bounty to anyone who can identify the hacker.

Just under $16 million of the hacked funds are still sitting in 0xb1c33b391c2569b737ec387e731e88589e8ec148 as of 25 AUG 2023.

The hacker did, however, return around $12.7 million to Alchemix, accompanied with a cryptic [message](https://etherscan.io/idm?tx=0x23c4799784c91023204bd68a94ec7a963486f2485dc43c13d8b804d5301b8041) about not wanting to destroy the project.

JPEG’d likewise [reported](https://twitter.com/JPEGd_69/status/1687554228695285760) that it had received 5,494.4 wrapped Ether out of a total of 6,106.65 WETH funds that the attacker had drained.

One outside beneficiary, c0ffeebabe.eth, is an MEV bot that frontran the attackers and has returned much of the funds.

Additional wallets retaining funds from the hack include 0x31b082da0362da255f103265e5f5a64210b40d31 and 0x6ec21d1868743a44318c3c259a6d4953f9978538.

## Security Failure Causes:

- The hacker manipulated versions of Vyper, a compiler for the Ethereum Virtual Machine, that did not properly lock up a smart contract with a “re-entrancy guard,” which stops a user from executing multiple functions at once.
- The Vyper versions affected — 0.2.15, 0.2.16 and 0.3.0 — allowed the hacker to take out a flash loan from Balancer, which they then added to the stable pools at staggered intervals while also withdrawing from them. The hacker was able to redeem all or almost all tokens from the liquidity pools, rather than the proportion they’d deposited, before returning the initial principle to Balancer.

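Review bot: the headline loss figures in this file contradict each other: the title says "Over $70 Million", the Summary says "over $60 million" and the Losses section says "$62 million"; settle on one basis (value at the time of the exploit or at time of writing), state it once and reuse it. Other corrections in the same hunk: "Alechemix" should be "Alchemix", and it is not "another DeFi lending platform" since Curve is described on this very page as a DEX, not a lender; "principle" in the final bullet should be "principal". The transaction beginning 0xc93eb238 is linked in the Losses section as c0ffeebabe's whitehat frontrun but listed in the Timeline at 14:50 as the "Attack on msETH/ETH pool", so one of those descriptions is wrong or the timeline entry should say it was the frontrun rather than the attacker's transaction. In Security Failure Causes, "The hacker manipulated versions of Vyper" misstates what the page itself describes: the attacker did not alter the compiler, they exploited pools that had been compiled with the affected versions, so reword to something like "exploited pools compiled with Vyper 0.2.15, 0.2.16 and 0.3.0, whose re-entrancy guard did not work". The gloss "stops a user from executing multiple functions at once" is also not what a re-entrancy guard does; it prevents a guarded function from being entered again before an earlier call to it has returned. That bullet should then say which pool function was re-entered and during which external call, and cite the Vyper disclosure the timeline refers to at 16:44, because "added to the stable pools at staggered intervals while also withdrawing from them" does not explain the mechanism. Minor: the front matter at the top of the file has no delimiters, so check it matches the other posts under content/attacks/posts or the site build may not parse the date and target-entities fields; and the 19:16/19:30 entry should name the CRV/ETH pool and end with a period like the surrounding entries.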