header-langage
简体中文
繁體中文
English
Tiếng Việt
Scan to Download the APP

Analysis of DeFi Protocol Warp Finance "Oracle Machine" Attack Event

20-12-18 21:30
Read this article in 10 Minutes
总结 AI summary
View the summary 收起
Original title: "Intensive Analysis of DeFi Protocol Warp Finance "Oracle" Attack Event"
Original source: Beosin Chengdu Lianan



At about 6:00 on December 18, Beijing time, the DeFi lending agreement Warp Finance was hacked, causing nearly $8 million in asset losses.


At the same time, Warp Finance officially tweeted that it is investigating illegal loans and recommends that users suspend stablecoin deposits until the truth of the incident becomes clear.


After receiving an alarm from the blockchain security situational awareness platform (Beosin-Eagle Eye), the Chengdu Lianan team immediately responded to the attack. The investigation found that:


1. Warp Finance uses the relative price of Uniswap trading pairs as the price feed source for its oracle.

2. After learning about this situation, the attacker manipulated the price of Uniswap trading pairs by using the huge amount of funds obtained from the flash loan.

3. By controlling the oracle machine to feed price source information, the attacker destroyed Warp Finance's loan value judgment standard.

4. Under the wrong data environment of Warp Finance, the attacker stole assets far exceeding the value of the collateral.

5. The attacker returned the money borrowed from the flash loan.


Attack transaction address


0x8bb8dc5c7c830bac85fa48acad2505e9300a91c3ff239c9517d0cae33b595090


Analysis of the attack process


The attacker first used Uniswap for flash loans, and adopted a mosaic (continuous operation before repayment) method, WETH loans were carried out in WBTC2, USDC3 and USDT2 pools respectively, as shown in the figure below:


Analysis of the DeFi protocol Warp Finance


Afterwards, In order to expand the amount of funds used for the attack, the attacker conducted a flash loan on dYdX. As shown in the figure below:


Analysis of DeFi Protocol Warp Finance


At this time, the scale of the loaned funds has reached nearly 200 million US dollars. Next, the attacker injected liquidity into the DAI 2 trading pool of Uniswap, and obtained the liquidity token LP, as shown in the following figure:


Intensive analysis of DeFi protocol Warp Finance


Then, mortgage the obtained LP tokens in the Warp Finance contract, the transaction and code are as follows:


p>


Intensive analysis of DeFi protocol Warp Finance


After completing the mortgage, the attacker used the borrowed funds to exchange all the DAI in the Uniswap DAI 2 pool, As shown in the picture below:


Analysis of DeFi Protocol Warp Finance


After the above "preparatory work" is completed, the price has been manipulated. On the other hand, Warp Finance’s oracle price feed source is price data from Uniswap LP tokens, the code is as follows:


Analysis DeFi protocol Warp Finance


LP Token Price Algorithm


(Price of A Token×Holding Amount in A Token Pool+Price of B Token×B holdings in token pool)/total amount of LP tokens


Among them, the price of A token and B token is determined by Uniswap's "correspondence Tokens and Stablecoins" trading pair is calculated.


Therefore, in the above case, the prices of A and B tokens are at normal levels, while the relative prices of A and B tokens in the trading pair have occurred abnormal. This is because Uniswap uses a constant product market maker mechanism, that is, A×B=K. When there is a large amount of exchange for a certain token, there will be huge slippage, resulting in a price difference.


Assumptions: A=A Token Amount; B=B Token Amount; AP=A Token Price; BP=B Token Price


Known: A×B=k (K is constant when no liquidity is added); Warp price=(AP×A+BP×B)/totalLP


Because both AP and BP are constant in this event, we can set AP=X1×BP and simplify to get Warp price=((X1×K)/B+ B) ×BP/totalLP


It can be concluded that X1×K , BP and totalLP are constant in the attack, and as the number of B increases, LP prices will increase.


The attacker took advantage of this and used the huge amount of funds obtained from the flash loan to add a large amount of liquidity of one of the tokens in the transaction pool, forcing Another type of token also surged, causing an imbalance in the price of LPs. Since the LP price has been manipulated and is at a high level, the attacker can lend out more assets than normal.


After that, the attacker makes a loan by calling the following function.


Intensive analysis of DeFi protocol Warp Finance


After successfully controlling the mortgage price, the attacker can use the wrong price data to lend far more than the mortgage Commodity value assets, from which to obtain huge profits. Finally, the attacker returned the flash loan, as shown in the following figure:


Analysis of DeFi Protocol Warp Finance


Summary of the incident


Obviously, this is another typical oracle attack incident initiated by a huge amount of flash loan. Chengdu Lianan once wrote that Among the many attack methods of hackers, the "oracle machine" price feeding control is the invisible "culprit".


At the same time, Chengdu Lianan also solemnly reminds DeFi developers that they should strengthen the targeted testing of oracles, especially when the project is launched Beforehand, simulate various scenarios of price manipulation attacks as much as possible, discover problems in time and find out solutions, and effectively improve the project's ability to resist oracle attacks.


After just one month, the huge property loss once again warned us that in the field of blockchain, security protection is particularly important, and many system security vulnerabilities belong to It is hard to guard against. Therefore, we must take active measures to form a continuous and effective protection plan in order to avoid problems in advance to the greatest extent.


In addition, if there are any technical problems in security during the operation of the DeFi project, it is an effective way to adopt third-party security technology solutions. Finally, Chengdu Lianan once again appealed to strengthen regular security testing of project oracle machines and other aspects to prevent such incidents from happening again.


Original link



欢迎加入律动 BlockBeats 官方社群:

Telegram 订阅群:https://t.me/theblockbeats

Telegram 交流群:https://t.me/BlockBeats_App

Twitter 官方账号:https://twitter.com/BlockBeatsAsia

举报 Correction/Report
This platform has fully integrated the Farcaster protocol. If you have a Farcaster account, you canLogin to comment
Choose Library
Add Library
Cancel
Finish
Add Library
Visible to myself only
Public
Save
Correction/Report
Submit