Decrypting the $197 Million Euler Finance Exploit
2024-1-24 00:40:36 Author: infosecwriteups.com(查看原文) 阅读量:12 收藏

Chirag Agrawal

InfoSec Write-ups

Dissecting Euler Finance Examining the $197 Million Fraud Behind the Flash Loan Attack

https://www.web3sec.news/

Stay ahead of the game with Web3Sec.News, the ultimate community-driven platform for the latest news and insights on web3 security, blockchain technology, and audits.

Introduction:

On March 13, 2023, a clever attacker exploited a logical flaw within the platform’s recently announced donate liquidity feature, resulting in a large breach. This vulnerability resulted in a whopping $197 million loss. In this analysis, we go into the event’s complexities to comprehend the mechanics of the exploit.

The attacker planned a complicated operation using flash loans received from AaveV2, playing two unique roles: borrower and liquidator. The following sequence of events depicts the strategic techniques carried out.

What took place during the hack?

  • To begin the attack, the hacker obtained a $30 million DAI flash loan and opened two accounts, one as the borrower and the other as the liquidator. The borrower used $20 million DAI to create 195 million e-DAI and 200 million d-DAI.
https://phalcon.xyz/tx/eth/0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d?line=471
  • To cause instability within Euler Finance, the borrower refunded $10 million DAI, causing the value of d-DAI tokens to decrease by the same amount.
  • Taking advantage of this weakness, the borrower issued an additional 195 million e-DAI and 200 million d-DAI tokens. A weakness in the donateToReserve() method was exploited, resulting in the burning of e-DAI tokens while leaving d-DAI tokens untouched, resulting in an unbacked debt.
https://github.com/euler-xyz/euler-contracts/blob/fdcb21a9b1f31b2787359cff554f4f1f003b12cb/contracts/modules/EToken.sol#L354
  • The liquidator seized on the chance, liquidated the debt, and then borrowed it. This creative move resulted in a profit of 310 million e-DAI, which was effectively converted into 38.9 million DAI.
  • The attacker repaid the flash loan after successfully executing the exploit, resulting in a net profit of 8.8 million DAI. This cycle repeated itself until Euler Finance’s reserves were drained.

The incident gives useful information and recommendations to strengthen against future vulnerabilities:

  1. Token Burn Precision: Ensure that token burns, including both e-DAI and d-DAI tokens, are executed meticulously in scenarios requiring the gift of funds to alternate accounts.
  2. Oversight of Collateralization: Implement severe checks within the donateToReserves function to ensure ongoing over-collateralization. If this criterion is not met, transactions should be suspended.
  3. Use trustworthy oracles or established market price feeds to reliably determine the market prices of collateral and loaned assets. This ensures that conversion rates are transparent and precise during liquidation.
  4. Introduce safeguards, such as minimum collateralization ratios and borrowing limitations, to prevent over-leveraging and reinforce the platform against potential malicious exploitation.

The Euler Finance incident highlights both how the world of decentralized finance is changing and how crucial it is to have strong security measures. The industry may move closer to a more stable and secure financial future in the context of decentralized finance by learning from similar incidents.

Remain vigilant and aware!!

Sign up today to stay informed about the newest trends in smart contract security

For more information: https://web3secnews.substack.com


文章来源: https://infosecwriteups.com/decrypting-the-197-million-euler-finance-exploit-755528b9324a?source=rss----7b722bfd1b8d---4
如有侵权请联系:admin#unsafe.sh