Smart contract vulnerability, analysis of Euler Finance’s $195 million vulnerability incident

Event background

Zero Hour Technology's Blockchain Security Intelligence Platform detected that on March 14, 2023 (Beijing time), Euler Finance on the Ethereum chain was attacked by hackers. The attacker profited approximately US$197 million. The attacker's address was 0xb66cd966670d962c227b3eaba30a872dbfb995db; 100 ETH of the stolen funds were transferred to the mixing service Tornado.Cash, and the remaining funds still sit at the attacker's address and have not been moved. Zero Hour Technology's security team analyzed the incident promptly.

Core of the vulnerability

The functions in the contract that modify token balances include a liquidity check: after the token transfer is executed, the collateral assets and the borrowed funds are compared, and the collateral is required to exceed the borrowed funds.


Because the donateToReserves function lacks this liquidity check, an attacker can use it to push a loan into liquidatable status.

The attacker deployed two attack contracts: one performed the borrowing operations and the other performed the liquidation.
The borrowing contract took a flash loan of 30,000,000 DAI, deposited 20,000,000 DAI into Euler to receive 19,568,124 eDAI, and then called the mint function to borrow 200,000,000 dDAI and 195,681,243 eDAI, amplifying its position 10 times.

The attacker then called the repay function to continue collateralizing, staking the remaining 10,000,000 DAI and burning 10,000,000 eDAI, and then called mint again to borrow another 200,000,000 dDAI and 195,681,243 eDAI. At this point the attacker held a total of 400,000,000 dDAI and 400,930,610 eDAI.
The attacker then called the contract's donateToReserves function to transfer 100,000,000 eDAI to the zero address.

At this point the attacker's address held 400,000,000 dDAI and 300,930,610 eDAI, which meets the liquidation condition. Because this function lacks the liquidity check, that check is never performed.
The liquidation contract then called the liquidation function, obtaining a total of 310,930,612 eDAI and 254,234,370 dDAI.


The attacker then called the withdraw function to withdraw all of the DAI from the pool.

In this transaction the attacker gained a total of 8,877,507 DAI.

Summary and suggestions

This attack stems from the missing liquidity check in the donateToReserves function of the EToken contract. The attacker could deliberately push the borrowed position into a liquidatable state without the check being triggered, then trigger the liquidation themselves and profit without having to transfer liquidation funds into the contract.
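A minimal Solidity model of the pattern described above, added here as an illustration; it is not Euler's contract code, and the contract name, the single-asset accounting and the collateral factor are assumptions. It places a donateToReserves that skips the post-transfer liquidity check next to one that enforces it, so the same call sequence (deposit, self-borrow via mint, then donate) succeeds in the first and reverts in the second.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical single-asset pool: eBalance models eDAI (collateral),
// dBalance models dDAI (debt). Not Euler's code; names and factor are assumed.
contract MiniPool {
    // Fraction of collateral that counts against debt, in basis points (assumed).
    uint256 public constant COLLATERAL_FACTOR_BPS = 9500;
    mapping(address => uint256) public eBalance;
    mapping(address => uint256) public dBalance;
    uint256 public reserveBalance;

    // The invariant every balance-changing entry point must re-establish.
    function isHealthy(address account) public view returns (bool) {
        uint256 riskAdjusted = eBalance[account] * COLLATERAL_FACTOR_BPS / 10000;
        return riskAdjusted >= dBalance[account];
    }

    function checkLiquidity(address account) internal view {
        require(isHealthy(account), "insufficient liquidity");
    }

    // Underlying token transfers are omitted; only the accounting matters here.
    function deposit(uint256 amount) external {
        eBalance[msg.sender] += amount;
    }

    // Self-borrow: credits collateral and debt together, then re-checks.
    function mint(uint256 amount) external {
        eBalance[msg.sender] += amount;
        dBalance[msg.sender] += amount;
        checkLiquidity(msg.sender);
    }

    // VULNERABLE pattern: collateral leaves the account, position never re-checked.
    // deposit(20), mint(200), then this with 100 leaves e=120, d=200 and succeeds.
    function donateToReservesVulnerable(uint256 amount) external {
        require(eBalance[msg.sender] >= amount, "insufficient balance");
        eBalance[msg.sender] -= amount;
        reserveBalance += amount;
        // missing: checkLiquidity(msg.sender);
    }

    // HARDENED: identical accounting plus the post-transfer check, so the same
    // call reverts instead of leaving an undercollateralized position behind.
    function donateToReserves(uint256 amount) external {
        require(eBalance[msg.sender] >= amount, "insufficient balance");
        eBalance[msg.sender] -= amount;
        reserveBalance += amount;
        checkLiquidity(msg.sender);
    }
}
```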

Security advice

It is recommended to add liquidity check operations to the relevant functions in the contract.
It is recommended that the project team conduct multiple audits before going live to avoid missing audit steps.

Source: blog.csdn.net/weixin_28733483/article/details/133675648