Cointime

Cointime

Download App
iOS & Android

Decoding Sentiment Protocol’s $1 Million Exploit | QuillAudits

Validated Project

Summary:

On April 4th, the Sentiment Protocol on the Arbitrum Chain experienced an attack due to a read-only reentrancy vulnerability. The attackers exploited this vulnerability, stealing approximately $1 million. Fortunately, the attacker returned around 90% of the stolen funds.

About Sentiment:

Sentiment is a liquidity protocol on the Arbitrum Chain that allows for on-chain, permissionless, undercollateralized borrowing. Similar to existing DeFi lending markets, Sentiment lenders supply capital, which is then loaned to borrowers as debt.

Vulnerability Analysis & Impact:

On-Chain Details:

Attacker Address: 0xdd0cdb4c3b887bc533957bc32463977e432e49c3 Attacker Contract: 0x9f626f5941fafe0a5b839907d77fbbd5d0dea9d0 Victim Contract: 62c5aa8277e49b3ead43dc67453ec91dc6826403

Attack Transaction: 0xa9ff2b587e2741575daf893864710a5cbb44bb64ccdc487a100fa20741e0f74d

The Root Cause:

The root cause is a view-only reentrancy bug exposed in balancer pools when removing liquidity with one of the return tokens being ETH. Since the entry point is a non-mutating view call it cannot be protected by a reentrancy guard, allowing the caller to take control of execution and run arbitrary code. The attacker was able to execute a malicious contract before updating the pool balances. This allowed them to steal funds by using overpriced collateral.

Full Resolution Image

Attack Steps:

Attack Process:

  • The attacker began by taking out a flash loan of 606 WBTC, 10,130 WETH, and 18 million USDC tokens from the sentiment lending pool.
  • The attacker initiates the attack by calling the joinPool() function of the Balancer Vault to make a deposit. After this, they call exitPool() to withdraw their funds. During the withdrawal process, the Balancer Vault triggers the fallback function of the attack contract.
  • In the fallback function, the attacker calls the borrow function of the 0x62c5 Proxy contract. This function calculates the price based on the return data from Balancer Vault.getPoolTokens(). As a result, the total supply of LP tokens decreases, but the recorded balances of the tokens in the pool are not updated. This causes the token prices to become imbalanced, allowing the attacker to borrow multiple assets at a lower price.
  • Finally, the attacker returned the borrowed funds, along with premiums, and made a profit of approximately $1 million. The attacker bridged the funds from Arbitrum Chain to Ethereum. 

The flow of Funds:

The hacker returned $900,000 (90%) to the protocol and kept the rest as a bounty. They transferred the bounty to Tornado Cash.

Incident Timelines

05.04.2023: The sentiment team announced the hack through a tweet. The contract was paused to prevent further losses. They also announced that they are working with authorities and security firms to secure funds, recover stolen assets, and investigate the exploit.

05-04-2023: The team offered a $95K reward to the hacker if they returned the assets by 8 AM UTC on April 6. Otherwise, the reward will be given to anyone with relevant information about the hacker.

06-04-2023: The Sentiment team announced that they successfully negotiated with the exploiter to return 90% of the hacked funds. A few hours later, they released a statement saying that they had recovered $900,000 from the exploit.

07-04-2023: Sherlock paid out $50K, which is 75% of the remaining losses after the hacker returned 90% of the funds. They further stated that they would claim the last 25% of the loss with their partner, NexusMutual.

8–04–2023: The Sentiment team announced that they had recovered 100% of the funds from the exploit.

11–04–2023: They released a brief summary of the exploit and how they overcame it, restoring the protocol to 100% solvency and full capacity.

How they could have prevented the Exploit?

When developing smart contracts, it is crucial to consider integrations and security solutions that are relevant to the project. To mitigate this issue, it is recommended to use Balancer’s VaultReentrancyLib. By calling ensureNotInVaultContext(vault), a noop call to the vault is performed, which will fail if an attacker attempts a read-only reentrancy attack.

Reproducing the hack:

We will be using the Foundry framework for POC.(Add the Arbitrum Mainnet RPC URL in foundry.toml file and run the test using the command forge test -vvv)

The exploit PoC link can be found here.

Read more: https://quillaudits.medium.com/decoding-sentiment-protocols-1-million-exploit-quillaudits-f36bee77d376

Comments

All Comments

Recommended for you

  • Farcaster's social client Kiosk completes $10 million financing, led by Electric Capital

    Farcaster's integrated social client Kiosk has announced the completion of a $10 million financing round on the X platform, led by Electric Capital, with participation from a16z Crypto, USV, and Variant Fund. Kiosk aims to promote community building and commerce within applications, enabling creators to establish communities, share rich media content, mint NFTs, interact with like-minded individuals, and seamlessly customize channel economics, while emphasizing the integration of on-chain assets into social interactions and envisioning a more inclusive and interconnected Web3 experience.

  • A whale sold 224 WBTC worth $14.4 million in the past three hours

    According to on-chain analyst @ai_9684xtpa, address 0x486...1505e sold 224 WBTC tokens worth $14.4 million through Cowswap in the past three hours, making a profit of $830,000 (selling at an average price of $64,203). The seller had bought 371 WBTC tokens at an average price of $60,504 between November 2023 and April 2024, and still holds 280 WBTC tokens.

  • CryptoQuant CEO: BTC needs to remain above $80,000 for miners to remain profitable after halving

    Bitcoin mining revenue significantly decreased in May due to the impact of the fourth Bitcoin halving event. On May 1st, the total revenue from block rewards and transaction fees reached a new low of only $26.3 million.CryptoQuant CEO Ki Young Ju calculated that, based on current conditions, Bitcoin needs to stay above $80,000 for miners to remain profitable after the halving. However, most miners have taken proactive measures to upgrade their mining equipment to lower long-term operating costs and remain competitive.

  • BTC returns to above 65,000 USDT, up 2.08% in 24 hours

    OKX market shows that BTC has returned to above 65000 USDT, now reporting 65102 USDT, with a 24-hour increase of 2.08%.

  • Hundre Finance attackers have withdrawn 162.2 ETH worth of crypto assets from Curve

    According to PeckShield monitoring, the attacker of Hundre Finance withdrew 784,000 3Crv from Curve and exchanged it for 273 ETH. In addition, they also exchanged 305.6 WOO, 39 PAXG, 200,000 FRAX, and 100,000 DAI, totaling 162.2 ETH. The attacker then bridged 1,034 ETH (2.17 million USD), 842.8K DAI, 1.11 million USDT, 1.27 million USDC, and 457.3 FRAX from Optimism to Ethereum. They also exchanged a total of 480,000 USDC for 142.6 WETH, 306 WOO, and 39 PAXG. They also exchanged 1.11 million USDT for 500.3 thousand USD worth of DAI and 613.8 thousand USD worth of FRAX. Additionally, on April 15, 2023, approximately 786,000 USD worth of USDC was added to Curve3Pool.

  • LayerZero co-founder: "Self-reporting of witch activities" is not aimed at individuals, but at industrial witch studios

    Bryan Pellegrino, co-founder and CEO of LayerZero, stated on social media that the "Self-Report Sybil Activity" is not targeting individual users, but rather large industrial witch farms (studios).Earlier, LayerZero Labs launched the "Self-Report Sybil Activity" plan, which allows witch addresses to self-report related addresses on a designated page and receive an expected allocation of 15%, without answering any questions. The deadline is May 17th, 19:59:59.

  • Argentina’s House of Representatives Passes Bill to Regularize Cryptocurrency Taxation

    The Argentine Chamber of Deputies has passed a cryptocurrency tax normalization bill aimed at advancing a series of important government reforms. The bill introduces the possibility of regularizing previously undeclared cryptocurrency assets, up to a maximum of $100,000, without paying government collection fees. However, if the value of cryptocurrency assets exceeds this limit, the government will apply preferential tax rates based on the taxpayer's declaration date.

  • GNUS on Fantom was attacked, with a loss of about $1.27 million

    According to Beosin's monitoring, GNUS on Fantom was attacked, resulting in a loss of approximately $1.27 million. GNUS stated on the X platform that due to recent vulnerabilities, hackers were able to mint fake GNUS tokens on Fantom, transfer them to Ethereum and Polygon through the Axelar Bridge, and sell them to existing liquidity pools. We will take a snapshot of the blocks before the exploit. To ensure fairness, please do not purchase GNUS tokens after the exploit, as we will issue new tokens.

  • Pandu Financial Group received the first round of strategic equity investment of tens of millions of Hong Kong dollars, led by Longling Capital

    Pando Financial Group announced it has received tens of millions of Hong Kong dollars in strategic equity investment led by Longling Investment. Pando Financial Group stated that it plans to use the newly injected funds for key growth areas, including market expansion, innovative product development, key talent recruitment, and technology upgrades, aiming to accelerate the layout of opportunities in the era of virtual assets through these strategic initiatives. Currently, the group's asset management scale has reached $500 million. Pando Asset, a subsidiary of Pando Financial Group, established its headquarters in Zurich in 2022 and issued the Pando 6 spot virtual asset fund (Bitcoin/Ethereum spot ETPs) on the Swiss Exchange. Another subsidiary of Pando Financial Group, Pando Limited, obtained licenses from the Securities and Futures Commission in Hong Kong, including Type 1 (securities trading), Type 4 (advising on securities), and Type 9 (asset management), as well as public fund qualifications, and was approved to manage investment portfolios with more than 10% invested in virtual assets and issued several excellent performance actively managed ETF products.

  • Hong Kong Monetary Authority launches industry consultation on “renaming virtual banks as licensed digital banks”

    Hong Kong virtual banks released their annual reports for 2023 last week. The eight virtual banks collectively lost about 2.99 billion yuan last year, a decrease of about 12% compared to the total loss of about 3.4 billion yuan in 2022. In response to the occasional feeling of "unreality" brought about by the term "virtual" in recent years, the Hong Kong Monetary Authority has initiated a consultation on renaming with the eight virtual banks, the Hong Kong Bankers Association, the Hong Kong Restricted Licensed Banks and Deposit-taking Companies Association, with the aim of renaming virtual banks as licensed digital banks, for a period of one month. It is reported that in the Asian region, similar banks have different names in different places. South Korea and Singapore issue licenses under the name of "digital bank", with Singapore further dividing them into digital full banks (DFB) and digital wholesale banks (DWB).

Daily Must-Read

Popular Activities

Delysium $AGI & AI Private Yacht Party

Delysium $AGI & AI Private Yacht Party

March 27 - March 27
Seoul

Popular Tags

Cointime
News
Contents
RSS
Company