fix
spherex Research

Donations are only for DeFi saints

3 min read ・ Aug 09, 2023 ・by Ido Heth

Euler Finance's Flash-Loan Attack: A $197 Million Loss

Euler Finance has fallen prey to a massive flash-loan attack resulting in the loss of $197 million worth of tokens, although it looks like a typical financial attack, it is a distinct code issue in the smart contract.

The exploit, explained and analyzed by the spherex team involves:

  • Synthetically creating a large under-collateralized position (with the flawed function)
  • Gaining profit from the liquidation fee by liquidating the created position
  • Executing both position opening and liquidation atomically with a contract using a flash-loan

Euler Finance is a permissionless lending protocol that helps users earn interest on their crypto assets or hedge against volatile markets without the need for a trusted third-party.

It boasts several groundbreaking features in the DeFi world like reactive interest rates, MEV-resistant liquidations, and multi-collateral stability pools. Additionally and more relevant for this analysis, Euler Finance’s liquidating fee changes based on how underwater the position is, making it a smart incentive mechanism.

Euler Finance's Features and the Attack Flow

First appeared the official statement, and then the explanations race started:

Euler’s tweet from twitter.com

The attack flow, as described by the Peckshield team:

Taken from Peckshield’s tweet from twitter.com

The exploit is related to the donateToReserves() function:

Taken from Euler’s repo from github.com

After leveraging the first deposit (twice), the hackers donated some of theirs eDAI tokens without the health of theirs position being checked in the process. this created a massive underwater position for them to liquidate and gain massive fees, based on the changed by “bad debt” liquidation fee discussed earlier.

The Flawed Function and Its Consequences

Ironically as quoted from the white paper:

Additionally, this fee ensures that ‘self-liquidating’ is always net-negative, which adds a profitability threshold that some undesirable manipulation strategies are unlikely to meet.

One of the findings we had is the flawed function donateToReserves(), which was introduced to the protocol on July 2022 after being proposed and approved by the governance in the following eip. This functionality was barely used since then (only three times) and all the calls were made by EOAs related to Euler finance (initial funding) - 0xa91d55…6fc93a and 0xb1ae68…ba25a7

Conclusion

The exploit’s sophisticated nature once again highlights the critical importance of robust security practices for blockchain projects. It is evident that relying solely on traditional security measures such as audits or monitoring (even real time monitoring), is not enough to ensure blockchain projects’ security. The vulnerability, lying in an audited code, went undetected for months, and alerting the suspicious activity after the funds already faded was too late. There’s definitely a missing brick in the current stack of smart contract security solutions.

PS

An interesting MEV anecdote — a bot accidentally frontrunned the first exploit transaction and transferred the funds to the hacker contract (check this).

About the author

Ido Heth
Engineer @SphereX's
Follow

Ido has over 6 years of software development and cybersecurity research experience. Before joining SphereX, Ido was an officer in an IDF's intelligence unit.

Tags
spherex Research
Continue your reading with these value-packed posts
spherex Blog
Working with Slither for Fun, for Profit, or for Useful Information
Slither not only detects vulnerabilities but also visualizes contract structures, helping you ensure security and efficiency.
Read more
next icon
3 min read ・ Sep 30, 2024 ・by Shira Shalev
spherex Blog
DORA: The New Guardian of Digital Finance
DORA mandates cybersecurity measures, including risk management and incident reporting, for smart contract owners, ensuring compliance.
Read more
next icon
4 min read ・ Sep 05, 2024 ・by Eilon Morag
spherex Blog
MiCA: The Regulatory Wave Reshaping Crypto's Future
MiCA is a comprehensive EU regulation that mandates compliance in crypto, affecting smart contracts and blockchain-based operations
Read more
next icon
4 min read ・ Sep 05, 2024 ・by Eilon Morag

Get Bulletproof Protection From Web3 Zero-Day Attacks

Image