Original title: "How did the $197 million heist happen? Beosin's brief analysis of the Euler Finance incident"
Original author: Beosin
On March 13, 2023, Beosin EagleEye, the security risk monitoring, warning and blocking platform of blockchain security audit company Beosin, detected a suspected attack on the DeFi lending protocol Euler Finance, with losses of about 197 million dollars.
Beosin Trace found that 34,224,863.42 USDC, 849.14 WBTC, 85,818.26 stETH and 8,877,507.35 DAI have been stolen. Most of the stolen funds are still at the attacker's address; the attacker has transferred only 100 ETH to Tornado Cash.
We share a brief analysis of the incident below; a more detailed analysis will follow tomorrow.
1. The attacker first borrowed 30 million DAI through an AAVE flash loan, and then deposited 20 million DAI to obtain 19,568,124 eDAI as collateral.
2. The attacker then called the mint function to borrow 195,681,243 eDAI (collateral assets) and 200,000,000 dDAI (debt assets) against these 19,568,124 eDAI, increasing his eDAI balance tenfold.
3. The attacker then paid in the remaining 10 million DAI through the repay function, and again borrowed 195,681,243 eDAI and 200,000 dDAI.
4. The attacker then called donateToReserves and destroyed 100 million eDAI, making the eDAI balance smaller than the dDAI balance and meeting the liquidation conditions.
5. Finally, at liquidation, because the earlier donateToReserves and mint calls had pushed the ratio of collateral assets (eDAI) to debt assets (dDAI) below 1, the liquidator could liquidate the attacker's debt without transferring any funds into the protocol. The attacker subsequently withdrew all 38 million DAI from Euler's contract and returned 30 million DAI to AAVE, making a profit of about 8 million DAI.
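The accounting in steps 1, 2 and 4 can be replayed in a small ledger model that contrasts a donation applied without a solvency check with one that is checked and rolled back. This is an added example, not Beosin's or Euler's code: the Account class, its method names and the check_on_donate switch are assumptions, and eDAI and dDAI are compared 1:1 as the steps above do (exchange rates and collateral factors are ignored). Step 3 is left out of the model.

```python
# Simplified ledger model (added example, not Euler's contract code).
# Assumption: eDAI and dDAI are compared 1:1; exchange rates and
# collateral factors are ignored.

class InsolventError(Exception):
    """An action would leave collateral below debt."""

class Account:
    def __init__(self, check_on_donate):
        self.e_dai = 0  # collateral token balance
        self.d_dai = 0  # debt token balance
        self.check_on_donate = check_on_donate

    def health(self):
        # Collateral/debt ratio; below 1 means the account is liquidatable.
        return float("inf") if self.d_dai == 0 else self.e_dai / self.d_dai

    def _apply(self, delta_e, delta_d, check):
        self.e_dai += delta_e
        self.d_dai += delta_d
        if check and self.health() < 1:
            ratio = self.health()
            self.e_dai -= delta_e  # roll back, as a reverted call would
            self.d_dai -= delta_d
            raise InsolventError(f"health {ratio:.3f} < 1")

    def deposit(self, e_minted):
        self._apply(e_minted, 0, check=False)

    def mint(self, e_minted, d_minted):
        # Self-borrow: collateral and debt grow together, then are checked.
        self._apply(e_minted, d_minted, check=True)

    def donate_to_reserves(self, e_amount):
        if not 0 < e_amount <= self.e_dai:
            raise ValueError("donation must be within the eDAI balance")
        # Collateral shrinks while debt is unchanged; the check is optional
        # here so both behaviours can be compared.
        self._apply(-e_amount, 0, check=self.check_on_donate)

def replay(check_on_donate):
    """Replay steps 1, 2 and 4 with the figures from the steps above."""
    acct = Account(check_on_donate)
    acct.deposit(19_568_124)               # step 1: eDAI received
    acct.mint(195_681_243, 200_000_000)    # step 2: eDAI and dDAI minted
    acct.donate_to_reserves(100_000_000)   # step 4: eDAI donated
    return acct
```

Calling replay(False) leaves the account with less eDAI than dDAI, the condition step 4 describes; replay(True) raises InsolventError and the balances stay as they were after step 2.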