The DeFi (decentralized finance) industry just suffered another blow that reminds us that DeFi is still very much uncharted territory. What makes it worse is that the vulnerability used has reportedly been known.
A blockchain security company PeckShield offered a detailed look into the attacks and their execution, stating that this was a known reentrancy vulnerability that first occurred on April 18 on Uniswap, a protocol for automated token exchange on Ethereum (ETH), against the imBTC (an Ethereum token valued at 1:1 rate with bitcoin (BTC)) liquidity pool. This was followed by a similar attack on Lendf.Me, the lending protocol in the «decentralized finance protocol» dForce network, a day later.
The vulnerability allows a hacker to hijack a transaction and sell the same batch of tokens multiple times. Some ETH 1,278 (USD 232,000) were stolen in the first attack, and c. USD 25.2 million from the second.
Lendf.Me site at the time of writing is offline. On its official Twitter account, dForce Foundation CEO Mindao Yang shared the network’s explanation as to what happened this weekend, confirming the attack as described by PeckShield. «The callback mechanism of ERC777 (imBTC) enabled the hacker to supply and withdraw imBTC repeatedly before the balance was updated,» writes Yang.
Furthermore, Yang states that the hackers «attempted to contact us and we intend to enter into discussions with them.» There are reports that the attacker returned PAX 126,014, HBTC 320, and HUSD 381,000.
While the company is working with the law enforcement and exchanges on identifying the attackers, as well as on a more comprehensive security assessment of Lendf.Me as they say, Yang states that the attack was his failure. «While I did not execute it, I should have anticipated it and taken actions to prevent it,» he writes.
There’s even a mitigation mechanism to block such reentrancy attacks, the so-called Checks-Effects-Interactions design pattern, according to PeckShield. They conclude that «The Lendf.Me hack is a huge blow to the current DeFi community.»
Also, their report finds that, while «ERC777 itself is a community-established token standard with its advanced features for various scenarios,[…] these advanced features might not be compatible with certain DeFi scenarios. Worse, such incompatibility could further lead to undesirable consequences (e.g., reentrancy). We also notice that other token standards (e.g., ERC1155) have been similarly designed to have a callback function.»
Furthermore, Tokenlon, the company behind imBTC, wrote in a post mortem report that «The ERC-777 token standard has — to our knowledge — no security vulnerabilities. However, the combination of using ERC777 tokens and Uniswap/Lendf.Me contracts enables the above-mentioned reentrancy attacks.» They note that this exploit was already published on GitHub back in July 2019 by OpenZeppelin, a company that performs security audits for cryptocurrency platforms.
Per Jason Choi, Head of Research at Spartan Group, a blockchain advisory and investment firm, it has happened before, back in 2016.
Spencer Noon, head of crypto investments at DTC Capital, finds that the attack on Lendf.Me wasn’t surprising, while Twitter user Patrcik Tsoi believes this vulnerability «should be part of the auditing in smart contract before Defi product launching.»
The attack on Lendf.Me follows the announcement by crypto venture capital firm Multicoin Capital that they led a USD 1.5 million round in dForce.