SharkTeam: Analysis of the Tornado.Cash Proposal Attack

On May 20, 2023, Tornado.Cash experienced a proposal attack, resulting in the attacker profiting approximately $680,000.

SharkTeam conducted a technical analysis of the incident and summarized security measures to serve as a lesson for future projects, aiming to strengthen the security defenses in the blockchain industry.

1. Incident Analysis

Attacker Addresses:

· 0x092123663804f8801b9b086b03B98D706f77bD59

· 0x592340957eBC9e4Afb0E9Af221d06fDDDF789de9

Attacking Contracts:

· 0xAF54612427d97489707332efe0b6290F129DbAcb

· 0x03ecf0d22f9ccd21144a7d492cf63b471916497a

· 0x7dc86183274b28e9f1a100a0152dac975361353d (deployed contract)

· 0xc503893b3e3c0c6b909222b45f2a3a259a52752d (fake proposal contract)

Targeted Contract:

· 0x5efda50f22d34F262c29268506C5Fa42cB56A1Ce

Proposal Transaction:

· 0x34605f1d6463a48b818157f7b26d040f8dd329273702a0618e9e74fe350e6e0d

Attack Transaction:

· 0x3274b6090685b842aca80b304a4dcee0f61ef8b6afee10b7c7533c32fb75486d

Attack Process:

(1) The attacker (0x59234095) initiated a proposal to the targeted contract (0x5efda50f) and claimed that it was a supplement to Proposal 16.

(2) However, the proposal actually contained an additional self-destruct function.

(3) Unfortunately, the community did not identify the issue within the proposal, and most members voted in favor of it.

(4) The attacker created multiple contracts to execute token transfers.

(5) The attacker (0x59234095) destroyed the proposal contract (0xc503893b) and its creating contract (0x7dc86183). Subsequently, the attacker redeployed the attack contract (0xc503893b) at the same address.

(6) After modifying the proposal contract, the attacker (0x59234095) executed the proposal and changed the locked token balance of the contracts they controlled to 10,000.

(7) Once the proposal execution was complete, the attacker (0x09212366) transferred the tokens to their own address, gaining ownership of the targeted contract.

Vulnerability Analysis:

The deployment contract (0x7dc86183) was deployed with create2, and the fake proposal contract (0xc503893b) was deployed from it with create. After both contracts were destroyed, the deployment contract could be redeployed with create2 to the same address (0x7dc86183), because its bytecode had not changed. The attack contract was then deployed with the create opcode: destroying the deployment contract had reset its nonce to the initial value, so the attack contract landed at the same address (0xc503893b) even though its code had been modified. Because the proposal is executed through delegatecall, the attack contract could arbitrarily modify values in the attacked contract.

Summary of the Incident:

The root cause of this incident was the community's failure to identify the risks within the proposal and to thoroughly verify the security of the proposal contract's code.

2. Security Recommendations

In response to this attack, the following guidelines should be observed during the development process:

1. When designing proposals, fully consider the security of the proposal mechanism and strive to minimize the risk of centralized control. Practical measures such as reducing the value of potential attacks, increasing the cost of acquiring voting rights, and raising the cost of executing an attack should be taken into account to ensure a well-designed proposal mechanism.

2. Before voting on a proposal, the community should carefully review the contract code for any potential backdoors or security vulnerabilities.

3. Prior to proposal approval, it is advisable to engage a third-party security audit firm to conduct a thorough security audit of the contract logic code.

About us

SharkTeam’s vision is to comprehensively protect the security of the Web3 world. The team is composed of experienced security professionals and senior researchers from all over the world. They are proficient in the underlying theory of blockchain and smart contracts, and provide services including smart contract auditing, on-chain analysis, and emergency response. The team has established long-term cooperative relationships with key players in various fields of the blockchain ecosystem, such as Polkadot, Moonbeam, Polygon, OKC, Huobi Global, imToken, ChainIDE, etc.
Official website: https://www.sharkteam.org/
Twitter: https://twitter.com/sharkteamorg
Discord: https://discord.gg/jGH9xXCjDZ
Telegram: https://t.me/sharkteamorg
