Two smart contracts work together and produce a weakness through which an attacker captures around $ 26 million
“Hacker” by Richard Patterson via Flickr.com. License: Creative Commons
Again a defi hack causes unrest. A hacker was able to.steal the token worth a good $ 26 million. The reason was an unexpected interplay of second smart contracts. The incident and its consequences show that the decentralized finances on Ethereum are not even so different than what we already know – and that this may be good news.
Uniswap and Lendf.me were hacked. The two platforms are among the apps for decentralized finances (defi). With a total of just more than $ 26 million, the damage to the hack is relatively moderate. However, it is much more serious what the hack in general says in general. One could call him a goddia.
What happened?
As so often, it is extremely complicated to explain what exactly happened. This may indicate one of the biggest problems in the defis: nobody understands what the wallets do under the user interface.
Let’s start with uniswap. This is a kind of decentralized stock exchange. Users can use smart contracts on the Ethereum blockchain to exchange ether and all kinds of tokens on Ethereum. At the same time, user can provide liquidity by storing ether or tokens in a “liquidity pool”. You will then receive a share of the trading fees. In this way, uniswap becomes a DAO (decentralized autonomous organization) that can be used to change tokens. It is a fairly clever concept that has brought uniswap to fifth place with more than $ 40 million in the smart contracts.
In the morning of 18. Aprils used a hacker an exploit in the smart contract from Uniswap, which mainly affected the ImbtC token. These are token on Bitcoin on the Ethereum Blockchain. After TOKENLON, the editor of the IMBTC token, was informed about the hack, he briefly exposed the transfer of the IMBTC token. After an exchange with partners like Lendf.ME activated tokenlon again the transfer in the early evening.
However, the hacker struck again in the morning of the following day. This time Lendf informed.me the token editor about a very similar attack. Lendf.ME is a “decentralized money market”: users can lend and lend stable coins and pay or maintain interest for it. Lendf.ME is part of the DForce ecosystem, since the entire range of the usual defi applications covers: a stable coin, a separate token, a decentralized platform for the exchange of tokens, derivatives and also “lending” with lendfm.me.
While Uniswap still got off lightly, the hack was at Lendf.me hard. The hacker was able to pull assets worth around $ 25 million out of the smart contract. The hacker has deducted Imbtc from other users and over Lendf.me uses to borrow other tokens. In doing so, he has built up a portfolio, partly made of tokenized ether and a colorful basket of dollar-based stable coins. He then awarded part of the tokens to Compound-another Lending Defi-or used it as collateral to borrow other tokens, he exchanged another on decentralized stock exchanges for tokens such as maker, bat, KNC or link. Apparently the hacker believes in Defi, although he succeeded in hacking the system.
Lendf.ME has switched off the website through which the DAPP was running. Tokenlon has again exposed the transfer of the IMBTC token. Mindao Yang from DFORCE is personally affected – tokens by him were also stolen – and confessed: “This attack was my failure. I didn’t do it, but I should have guessed and made precautions against it.“He will do everything he could to compensate the victims. DFORCE is ready to negotiate with the attacker and has already informed the police in different countries, the publishers of tokens and stock exchanges to put the stolen tokens on a blacklist, so it becomes difficult for the hacker to exchange them for other crypto and fiat currencies.
But why did that happen?
The really difficult question now is: why could that happen? For everyone who works with defis, this should be decisive. Because only if you know why something happens do you have a chance to prevent it from happening again.
In any case, one cause lies in the IMBTC token. After all, this played a central role in both hacks. IMBTC is an ERC777 token. This is a successor to the widespread ERC20 token that introduces some new functions. The ERC777 token protocol is considered safe. Nevertheless, there was obviously a hack.
The problem is that the ERC777 token is only “in itself” safe. If you apply it wrong, problems can occur. And both uniswap and lendf.ME apparently made a small mistake in the implementation of ERC777. A GitHub page describes this exploit in a very technical way: If the token is sent by another smart contract, this Smart Contract is called after it has received Ethereum, but before it has changed its token credit. That sounds like a minor detail, but enables the so-called “reentry attack”: someone can manipulate the Ether Prize when exchanging token against Ether by re-calculating the Smart Contract in ether after the ether are deducted, but still while the tokens are there. This enables the attacker to manipulate the price of such an exchange.
With a decentralized stock exchange like uniswap, the hacker can cause damage. However, this is limited. In a money market like Lendf.ME, on the other hand, the hacker can increase his own collateral in the records of the smart contract with the reentry attack. So he can pretend the Smart Contract that it has more Imbtc token than he actually has. He can then use this as a collector to borrow various other tokens. This attack is much more devastating than that on uniswap and has brought the hacker more than $ 25 million.
As Mindao Yang writes, DForce should have predicted such an attack. However, it is also understandable, which is why he did not foreseen it. The ERC777 tokens are considered safe, and the protocol of the Lending market itself also seems safe. An uncertainty only creeps in when two components come together and do something that one would not have expected. The incident shows that you cannot “just” build a smart contract for a defi “. It is not enough to know the security of your own contract.
Various smart contracts work together in today’s Defi ecosystem: a contract creates a stable coin, another builds up a money market where you can borrow it, and a third man creates a stock exchange where you can get to the stable coat or exchange it for other tokens. Everything is intertwined, and the interaction of the smart contracts can have consequences that are extremely difficult to precede.
What is scary for a developer should be even more frightening for a user. It is in no way to be guessed at the normal mortal that reren complicated monsters in the background when he grabs a stable coin in the wallet and gets interests using the defi dapps. The risk is always there.
The aftermath
No less interesting than the hack is what happened afterwards.
Lendf.me is still offline. The website serves as a gateway to the DAPP. I don’t know the Smart Contract exactly, but it would be conceivable that the contract without a signature that can only form the website does not work. This does not become “unobtrusive”, as Smart Contracts actually write on the chest on the blockchain. Like any other platform, it can be switched off by the operators. The same applies to those in the IMBTC token: their editor, TOKENLON, could simply expose transactions with them. Here, too, the smart contracts suspended the “unstoppable power of the blockchain”.
The hacker’s yields consist of different tokens, and some of them have changed through decentralized stock exchanges or with the help of another lending dap or used as collateral to borrow other tokens. Here the Smart Contracts are obviously doing what they should do: they are unstoppable, even if there is a collective interest in it to stop them. It is difficult to say whether this applies to all tokens or only in part. The dollar tokens on Ethereum published by the Huobi stock exchange must only be redeemed on Huobi. There, the captured tokens are likely to be on a blacklist, which makes them virtually worthless.
However, it seems to work that DForce has informed the police, the stock exchanges and the other actors in the ecosystem. These have put the chopped tokens on blacklistst – or threaten to do this – which makes it very difficult for the hacker to change them against “clean” coins. This apparently succeeded in building a negotiation pressure. The hacker contacted DFORCE, and they have started to negotiate with him about the return of the coins. The first communication instrument was a field in the transactions of the Lendf.MEMART Contracts used in which you can write short messages.
It looks like the negotiations seem to have come to a conclusion quite quickly. The hacker has already repaid the first batches to dollar tokens.
More similar to the established financial system than expected
In this affair, the defis is not even so different from the normal financial system. The high interest rates that you get in smart contracts for stable coins – about 10 percent a year – are not god, but reflect a risk again. This risk is less economical – this is largely eliminated by the collateral – but technically. It may always be that the smart contracts do something that nobody would have expected.
Also, most tokens are not as unstoppable as you imagine. As in the normal financial system, credit can be freezed or transactions can be switched off. With the imtows, this probably prevented that there were much larger losses. Also that the Huobi dollar can be controlled, and there are also the function of preventing transactions in other ERC tokens, the affected people should have helped to get part of their lost tokens again.
For the defis, this could be the dawn of gods because they are not so different from what we already have. But it could also be the knighthood because the methods with which one usually deals with unwanted incidents are also used here. At the same time, they continue to reduce risks from central parties and create transparency that was inconceivable in the old financial system.