Other related content can be found on: Personal homepage
The main reference for this article is METATRUST’s whale ship sharing, the link is as follows:
MetaTrust price manipulation attack sharing
Sources of price manipulation:
In the blockchain world, in order to maintain the consensus of all nodes, the blockchain castrates the ability of each node to independently obtain information outside the chain.
If the blockchain wants to obtain price information similar to the outside world, there are only two ways:
- Actively feed prices through entities similar to Chainlink, and continuously publish price data to the chain.
- Directly through parameters stored in a smart contract, such as uniswap, etc.
Example: This is the WETH price you want to obtain, which is external data
getReserves()Request the ETH price, and the financial model calculation returns the corresponding value.
If flash loans are used here, if the financial model is incorrectly calculated, the calculated WETH is likely to have problems.
What is a price manipulation attack:
Price manipulation attacks refer to 操控市场的买卖行为(操控流动性池或地址余额)seeking 人为地影响产品或资产价格improper benefits through
Four elements of price manipulation:
- Asymmetry of market power: having large amounts of funds through flash lending
- Manipulation of buying and selling behavior: Large amounts of token exchange, destroying the market mechanism (market liquidity)
- Malicious influence on prices: asset price calculation errors (fragile price inquiry mechanism)
- Seeking improper benefits: unusual amounts of rewards or collateral
Real price manipulation attack cases:
Normal Process:
- Users pledge BNB and USDT and obtain LP liquidity certificate;
- Then call the getReward() function to redeem the LP and obtain benefits.
- During the process of removing liquidity, BNB tokens in the pool will be exchanged for Bunny tokens.
Attack process:
Analysis can be seen slow fog pancake attack analysis
-
Obtain certain LP liquidity certificate for your first transaction
-
Users exchanged large amounts of BNB and USDT through flash loans
-
The second transaction, flash loan, adds a large amount of liquidity to the pool and calls the getReward() function at the same time.
-
First, transfer LP to the WBNB-USDT pool to remove liquidity. There are a large amount of BNB and USDT in the pool.
-
Subsequently, a large amount of BNB and USDT were converted into WBNB-BUNNY liquidity, and the number of WBNB in the WBNB pool increased sharply.
-
Then according to the obtained LP number of WBNB-BUNNY,
valueOfAsset函数计算LP价值 -
问题就出在valueOfAsset进行LP价值计算的时候,通过WBNB-BUNNY池子中的WBNB实时数量计算, resulting in a significant increase in the value of a single LP
vulnerability function
The getReserve() function calculates the BNB balance in the pool, and then directly uses it to calculate the value of LP relative to BNB.
Specific financial model calculation:
How to avoid price manipulation attacks:
There are three main ways to avoid using fragile inquiry mechanisms:
- Continuously feed prices through entities such as EOA (Chainlink)
- Collect prices from multiple sources and perform a weighted average of prices from different sources
- Perform a weighted average (uniswap) on the prices in the past period of time
Variable data for a sensitive operation must not rely on data that is easy for the user to manipulate, otherwise it will easily cause danger.
Vulnerability detection using taint analysis