CertiK: Can anyone escape hacker attacks in DeFi? A brief analysis of the xToken attack incident
CertiK
2021-05-14 06:39
On May 13, Beijing time, the CertiK security technology team discovered that the DeFi staking and liquidity strategy platform xToken had been attacked. The xBNTa Bancor pool and the xSNXa Balancer pool were drained immediately, causing a loss of nearly 25 million US dollars.

How did the attack happen?
The key bugs discovered by the CertiK security team in 2020 fall into three categories: logic errors, flash loans, and fraud by project teams.
Flash loans allow borrowing without providing any collateral, as long as all operations are completed within one transaction block.
Developers can borrow from protocols like Aave or dYdX on the condition that the liquidity is returned to the pool before the transaction ends.
If the funds are not returned in time, the transaction is reverted, keeping the reserve pool safe.
Flash loans have multiple functions and use cases, but most of the flash loans we have seen so far are used for arbitrage transactions.
The malicious use is to attack other DeFi protocols or to manipulate the price reported by a price oracle, which is exactly what happened to xToken this time.
Detailed analysis

  • Attacks against xSNXa

    1. The attacker used a flash loan to borrow about 61,800 ETH on dYdX.
    2. They deposited 10,000 ETH on Aave to borrow 564,000 SNX, then exchanged 5,500 ETH for about 700,000 SNX through SushiSwap.
       Afterwards, 1.2 million SNX was sold on Uniswap v2 for 818 ETH, which greatly reduced the price of SNX.
    3. After the price was reduced, the attacker minted 1.2 billion xSNXa with only 0.12 ETH.
       This was possible because the protocol buys SNX and mints xSNXa at the price given by the Kyber price oracle, which references Uniswap v2 prices.
    4. On Balancer, however, xSNXa was still at its original price, which allowed the attacker to exchange 105 million xSNX for 414 ETH.
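The price effect in steps 2 and 3, and a deviation check that would refuse the mint, as an added example (not CertiK's or xToken's code). The pool reserves, the 5% bound and the reference price (standing in for a time-weighted average) are constructed assumptions; only the 1.2 million SNX sale and the 0.12 ETH deposit come from the steps above.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product AMM (snx * eth = k); swap fee ignored for clarity."""
    snx: float
    eth: float

    def spot(self) -> float:
        """Instantaneous price in ETH per SNX."""
        return self.eth / self.snx

    def sell_snx(self, amount: float) -> float:
        """Swap SNX for ETH along the curve and return the ETH paid out."""
        k = self.snx * self.eth
        self.snx += amount
        eth_out = self.eth - k / self.snx
        self.eth -= eth_out
        return eth_out

class PriceDeviation(Exception):
    """Spot price is too far from the reference price to mint against."""

def snx_for_mint_spot(pool: Pool, eth_in: float) -> float:
    """Unguarded: values the deposit at whatever the pool says right now."""
    return eth_in / pool.spot()

def snx_for_mint_guarded(pool: Pool, eth_in: float, reference: float,
                         max_dev: float = 0.05) -> float:
    """Guarded: refuse to mint if spot deviates from a slower reference price."""
    spot = pool.spot()
    if abs(spot - reference) / reference > max_dev:
        raise PriceDeviation(f"spot {spot:.6f} vs reference {reference:.6f}")
    return eth_in / spot

def run_scenario():
    pool = Pool(snx=1_000_000, eth=10_000)    # constructed reserves
    reference = pool.spot()                   # stands in for a TWAP reading
    before = snx_for_mint_spot(pool, 0.12)
    pool.sell_snx(1_200_000)                  # large single-transaction sell
    after = snx_for_mint_spot(pool, 0.12)     # same ETH now values far more SNX
    try:
        snx_for_mint_guarded(pool, 0.12, reference)
        rejected = False
    except PriceDeviation:
        rejected = True
    return before, after, rejected

if __name__ == "__main__":
    print(run_scenario())
```

With these constructed reserves the same 0.12 ETH is valued at 4.84 times as much SNX after the sale, and the guarded path rejects the mint.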
  • Attacks against xBNTa

The xBNTa contract uses ETH to mint xBNTa.

The smart contract exchanges the ETH for BNT through the Bancor protocol and uses the amount of BNT received to calculate the amount of xBNTa to mint.
However, the contract's "mint" method does not verify whether the token received in exchange for the ETH is actually BNT. The attacker substituted a large amount of another token, SPD, for BNT and so forged the BNT amount, which allowed xBNTa to be issued without limit.
The attacker called the "mint" method four times, each time using 0.03 ETH to mint a large amount of xBNTa, and finally obtained 3.9 billion xBNTa, then exchanged half of the obtained xBNTa for about 780,000 BNT.
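The missing check described above, modelled next to a hardened mint, as an added example (not the xBNTa contract's code). The `Exchange` and `Fund` classes, the exchange rates and the one-share-per-BNT rule are constructed, and the caller-selected output token is an assumption about how the substitution was possible; the page states only that the token was not verified.

```python
BNT, SPD = "BNT", "SPD"   # symbols stand in for token contract addresses

class Exchange:
    """Constructed stand-in for the swap venue; rates are tokens per ETH."""
    rates = {BNT: 400.0, SPD: 1_000_000_000.0}   # constructed values

    def swap_eth(self, eth_in, out_token, balances):
        amount = eth_in * self.rates[out_token]
        balances[out_token] = balances.get(out_token, 0.0) + amount
        return amount

class Fund:
    """Simplified wrapper fund: one share is minted per BNT contributed."""
    def __init__(self, exchange):
        self.exchange = exchange
        self.balances = {BNT: 0.0}
        self.shares = 0.0

    def mint_unchecked(self, eth_in, out_token):
        """Trusts the swap's return value as a BNT amount, whatever the token."""
        received = self.exchange.swap_eth(eth_in, out_token, self.balances)
        self.shares += received
        return received

    def mint_checked(self, eth_in, out_token):
        """Pins the output token and credits only the measured BNT increase."""
        if out_token != BNT:
            raise ValueError(f"swap output must be {BNT}, got {out_token}")
        before = self.balances[BNT]
        self.exchange.swap_eth(eth_in, out_token, self.balances)
        received = self.balances[BNT] - before
        if received <= 0:
            raise ValueError("no BNT received")
        self.shares += received
        return received

def backing_gap(fund):
    """Shares outstanding that are not backed by BNT held by the fund."""
    return fund.shares - fund.balances[BNT]
```

A non-zero `backing_gap` is the invariant violation to monitor for: shares exist that no BNT in the fund accounts for.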
But why is this hack different from previous flash loan attacks?
Because the attacker’s transaction was carried out using Flashbots MEV, which keeps the transaction private and prevents it from being “sandwiched” by other users while it interacts with the AMM.
■ Detailed terminology
① Flashbots is a research and development organization whose original intention was to alleviate the negative impact and existential risks that miner-extractable value (MEV) brings to smart contract platform blockchains.
They propose to design a permissionless, transparent and fair ecosystem for MEV in order to defend the ideals of Ethereum.
② Miner-extractable value (MEV) is a measure designed for studying consensus security. It models the profit that miners (or validators) can make by arbitrarily including, removing or reordering the transactions in the blocks they produce.
For example, an attacker could see a profitable transaction and try to profit by paying a higher transaction fee to front-run it, or by sandwiching AMM transactions.
③ Sandwich attack: when the attacker observes a pending transaction in the transaction pool that exchanges asset X for asset Y, the attacker can buy asset Y in advance, let the victim's transaction execute and push up the price of asset Y, and then sell the previously purchased asset Y after the price has risen to make a profit.
So even attackers need to be wary of all the marauders lurking in the dark forest.
Flashbots requires users to use a personal API key, and attackers are very likely to leave their own traces when using Flashbots.
In closing

It is actually uncommon for an excellent DeFi project such as xToken, which has been audited by a large security company, to suffer such an attack.

This once again shows us that static security audits cannot guarantee 100% security.
Security is not a one-off; it is an ongoing process.
Blockchain technology is changing with each passing day, and new attack methods are also emerging in an endless stream.
Click the dialog box at the bottom of the CertiK public account and leave a message to get a free consultation and quotation!
To date, CertiK has conducted more than 700 audits, protecting more than $30 billion in digital assets and software systems from security losses.