
First release | Interpretation of typical DeFi vulnerabilities and their security risks



This article was originally created by CertiK and authorized by Jinse Finance to publish.

Since the rise of DeFi, it has rapidly become popular all over the world in just 9 months. With low-cost gas and fast-growing ecological applications, BSC has established an increasingly complete ecosystem and has become one of the leading public chain platforms. Today, hundreds of projects conduct tens of millions of transactions on BSC every day.

But the popularity of on-chain transactions has brought another hidden danger: security. There are more and more vulnerabilities, at different levels, that hackers can exploit. CertiK security experts divide these vulnerabilities into four categories. The following explains the DeFi-related security risks to readers.

In smart contracts, certain functions are protected by function modifiers, so that only certain operators can call them. In most cases, these functions are used to modify contract configuration or manage funds held in the smart contract. So if an attacker compromises the admin key, they can take full control of the smart contract, call these functions and steal user assets.
As for the reasons for key leakage, the first possibility is a computer Trojan horse program. Attackers can use Trojan horse programs to steal private keys stored on computers, or conduct phishing attacks to trick users into sending their private keys to the attackers. For DeFi contracts, several people often share a management key. This means that if an insider has bad intentions, he can call the management functions to transfer the project's tokens to his own wallet address.

Here are two cases. On March 5, 2021, PAID Network suffered a "minting" attack due to improper management of its private key. It is speculated that the attacker stole the key from the administrator's computer through a phishing attack. The PAID token contract is behind an upgradeable proxy, which means that the token contract can be replaced by the owner of the proxy. The malicious code in this case has a minting function: the attacker destroyed 60 million PAID tokens, and then minted 59 million tokens for himself. At that time, US$2,501,203 of PAID tokens (approximately 2,040 ETH) were sold on Uniswap, and the token price plummeted from US$2.8 to US$0.3.
On April 19, 2021, the founder of EasyFi claimed that a hacker had carried out a targeted attack on the administrator in order to obtain the management key. 2.98 million EASY tokens (valued at about $75 million at the time) were transferred from the official EasyFi wallet to several unknown wallets.

This shows how important the safe storage of private keys is to project security. Managers should not store unencrypted administrator keys on computer devices, or leave them unguarded in MetaMask hot wallets. CertiK security experts advise administrators to use hardware wallets to create accounts. If each manager of a multi-person team uses a hardware wallet, then once one of the managers tries to conduct a privileged transaction, the majority of members must also sign and agree, which prevents an attacker from calling all privileged functions. Token contracts should avoid the ability to mint new tokens as much as possible. If new tokens need to be minted, DAO contracts or timelock contracts should be used, not EOA accounts.

When people mention DeFi vulnerabilities, they often think that the vulnerabilities must be very complicated, but this is not always the case. Sometimes a small coding error can cause millions of dollars in assets to evaporate overnight. Some common examples of coding errors:

1. Function permissions, missing modifiers
2. Typos
3. Incorrect number of digits
4. Missing/incorrect assignment of variable values

Attack: Hackers attacked the unaudited contract of Uranium Finance, and the project lost $57 million. The project's admins used inconsistent multipliers when comparing the product of the two token balances in the pool before and after the swap, which allowed an attacker to swap out a large number of tokens from the pool with only 1 wei.

The code of Uranium Finance:

Correct code:

Another example is Value DeFi, which was hacked and lost 10 million US dollars.
The reason for this incident is that the initialization function in the Value DeFi contract lacks "initialized = true", which means that anyone can initialize the fund pool and set themselves as an administrator. On May 5, 2021, the attacker initialized the pool, set himself as an administrator, and then drained the staked tokens using the "governanceRecoverUnsupported()" function.

Vulnerable code in Value DeFi:

Solution:

This type of coding error is often extremely easy to avoid, simply through proper peer reviews, unit tests, and security audits.

Flash loans can be used to borrow without providing any collateral. Of course, all operations must be completed within a transaction block. Developers can borrow from protocols like Aave or dYdX on the condition that liquidity is returned to the pool before the transaction closes. If the funds are not returned in time, the transaction will be reverted, thus ensuring the safety of the reserve pool. The general operation steps of a flash loan are as follows:

1. Use a flash loan to borrow a large amount of token A
2. Exchange token A for token B on a DEX (the price of token A drops, and the price of token B rises)
3. Attack a DeFi project that relies on A/B prices
4. Repay the flash loan

Last week, PancakeBunny suffered a flash loan attack. The attacker stole 114,000 BNB and 697,000 Bunny (worth about $40 million at the time). The attacker used flash loans to manipulate the price of the PancakeSwap USDT-BNB V1 pool, causing a large amount of BNB to flow into the BNB-Bunny pool, which enabled the contract to mint Bunny at an inflated BNB/Bunny price. PancakeBunny uses the following function to calculate the price of Bunny:

A large amount of BNB flowed into the BNB-Bunny pool, causing the variable "reserve0" to become larger, and the price calculation formula was flawed, which led to the attacker illegally obtaining 697,000 Bunny.

There are many victims of flash loan attacks, including some well-known projects in the DeFi field: PancakeBunny ($40 million loss), Harvest Finance ($25 million loss), Yearn ($11 million loss), Value DeFi ($7 million loss), AKROPOLIS ($2 million loss), Cheese Bank, XToken, bZx, etc.

It is not difficult to see from these examples that project teams should focus on preventing prices from being maliciously manipulated by flash loans. To prevent this from happening, CertiK security experts recommend ① using a time-weighted average price (TWAP, which represents the average price of a token over a specified time period): because the attacker can only manipulate the price in one block, the average price will not be affected, which avoids the related malicious manipulation; ② or using a reliable on-chain price oracle system, such as Chainlink.

Many projects, such as PancakeSwap and Uniswap, operate independently, and users do not interact with other third-party protocols. In PancakeSwap, users can earn reward tokens by providing liquidity or exchange one token for another.
But other projects, such as Yearn Finance, work differently. For example, Yearn Finance collects user funds and puts them into third-party contracts to obtain income by investing user tokens. A third situation is when some projects "borrow" code from other projects. In the latter two cases, if the source of the third-party code has a high security risk, all projects using the code will also be attacked. If the developers of a project are not familiar with the third-party code they use, then once the code has a loophole, the consequences will be disastrous.

On May 8, 2021, the non-50/50 pool of Value DeFi vSwap AMM was attacked, and the total loss was about 11 million US dollars. In order to implement a non-50/50 pool, Value DeFi copied the "power()" function from "BancorFormula.sol", which belongs to the Bancor protocol. The usage description of the power() function states that it does not support the case "_baseN < _baseD". But Value DeFi did not notice this comment, so the attacker successfully exploited this vulnerability to exchange a small amount of token A for token B by passing specific parameters into the function.

Code for Value DeFi:

There are many other similar situations in the DeFi space. On May 8, 2021, an attacker drained approximately 2,600 ETH from the Rari Capital Ethereum Pool by exploiting the functionality of Alpha Homora V1's ibETH Pool Bank contract integrated in Rari Capital V2. Bearn Finance used the withdrawal amount of BUSD to withdraw ibBUSD in its "BvaultsStrategy" contract, allowing the attacker to easily transfer 10,859,319 BUSD out of the pool.

These types of issues are harder to detect, so project managers should be cautious about interacting with any third-party protocols, let alone blindly copying and deploying code that the developers don't understand. CertiK security experts recommend:

1. Developers should fully understand the operation of third-party protocols and their branch projects before integrating them and deploying them in production.
2. Before the project goes online, developers should deploy it on the test network for testing and check for abnormalities in the transaction records in time.

Overall, although it is difficult for a project to guarantee 100% security, the following points can improve its security as much as possible:

1. Safely store the administrator key
2. Avoid simple coding errors
3. Refer to reliable on-chain prices
4. Conduct security audits and prepare for them

For end users, it can sometimes be difficult to find out details about projects before interacting with them with personal assets. To make it easier for users to obtain project security information, CertiK has developed the world's first security leaderboard to openly and transparently display the security data of blockchain projects.
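The inconsistent-multiplier error described for Uranium Finance can be caught by a unit test on the invariant check. The following Python model is an added example, not code from the original article or from any project it names; the reserves, fee and scale values are constructed, and it shows how a post-swap product check behaves when the two sides of the comparison are scaled consistently and inconsistently.

```python
# Added illustration: integer model of a constant-product pool's post-swap check.
# All reserves, fee and scale values are constructed for this example.

def swap_passes_check(reserves, balances, amount0_in, fee, lhs_scale, rhs_scale):
    """Fee-adjusted post-swap product must not fall below the pre-swap product.

    Balances are multiplied by lhs_scale before the fee is subtracted, so the
    pre-swap product has to be multiplied by the same scale, squared.
    """
    r0, r1 = reserves
    b0, b1 = balances
    adj0 = b0 * lhs_scale - amount0_in * fee
    adj1 = b1 * lhs_scale
    return adj0 * adj1 >= r0 * r1 * rhs_scale ** 2


def max_withdrawable(reserves, amount0_in, fee, lhs_scale, rhs_scale):
    """Largest token1 amount a swap can take out and still pass the check."""
    r0, r1 = reserves
    lo, hi = 0, r1 - 1
    while lo < hi:  # binary search: the check is monotonic in the amount out
        mid = (lo + hi + 1) // 2
        balances = (r0 + amount0_in, r1 - mid)
        if swap_passes_check(reserves, balances, amount0_in, fee, lhs_scale, rhs_scale):
            lo = mid
        else:
            hi = mid - 1
    return lo


RESERVES = (10**24, 10**24)  # constructed pool: 1,000,000 tokens each, 18 decimals
ONE_WEI = 1


def consistent():
    # Same scale (1000) on both sides of the comparison.
    return max_withdrawable(RESERVES, ONE_WEI, fee=3, lhs_scale=1000, rhs_scale=1000)


def inconsistent():
    # Left side scaled by 10000, right side still by 1000: the check is 100x too lax.
    return max_withdrawable(RESERVES, ONE_WEI, fee=16, lhs_scale=10000, rhs_scale=1000)


if __name__ == "__main__":
    print("consistent scales, max out for 1 wei in:  ", consistent())
    print("inconsistent scales, max out for 1 wei in:", inconsistent())
    print("share of pool withdrawable (%):", inconsistent() * 100 // RESERVES[1])
```

A regression test that asserts a 1 wei input can withdraw nothing would fail immediately on the inconsistent variant, which is the kind of unit test the article recommends.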
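The TWAP recommendation in the flash loan discussion can be checked numerically. This Python model is an added example, not code from the original article or from any project it names; the pool sizes, window length, block time and class names are constructed. It compares the spot price read inside a manipulated block with a time-weighted average built from a cumulative-price accumulator.

```python
# Added illustration: spot price vs. time-weighted average price (TWAP) on a
# constant-product pool. Pool sizes, times and names are constructed.

class Pool:
    def __init__(self, reserve_a, reserve_b, now=0):
        self.ra, self.rb = float(reserve_a), float(reserve_b)
        self.last_ts = now
        self.cumulative = 0.0          # running sum of price * seconds

    def spot_price(self):
        return self.rb / self.ra       # price of A in units of B

    def observe(self, now):
        """Accrue the price that held since the last update; return a snapshot."""
        self.cumulative += self.spot_price() * (now - self.last_ts)
        self.last_ts = now
        return (self.cumulative, now)

    def swap_a_for_b(self, amount_a, now):
        self.observe(now)              # accrue the pre-trade price first
        k = self.ra * self.rb
        self.ra += amount_a
        out_b = self.rb - k / self.ra
        self.rb -= out_b
        return out_b


def twap(start, end):
    """Average price between two (cumulative, timestamp) snapshots."""
    (c0, t0), (c1, t1) = start, end
    return (c1 - c0) / (t1 - t0)


def simulate(window=1800, block_time=3):
    pool = Pool(1_000, 1_000)
    start = pool.observe(0)
    # Block at t=window: a flash-loan-sized trade dumps 9,000 A into the pool.
    pool.swap_a_for_b(9_000, now=window)
    spot_in_block = pool.spot_price()
    twap_in_block = twap(start, pool.observe(window))
    # A flash loan must be repaid in the same transaction, but even if the
    # distorted price survived one more block, the average barely moves.
    twap_next_block = twap(start, pool.observe(window + block_time))
    return spot_in_block, twap_in_block, twap_next_block


if __name__ == "__main__":
    spot, avg_now, avg_next = simulate()
    print(f"spot inside manipulated block: {spot:.4f}")
    print(f"30-minute TWAP in same block:  {avg_now:.4f}")
    print(f"TWAP one block later:          {avg_next:.4f}")
```

A contract that mints or lends against the spot value sees a 99% price move here, while one that reads the 30-minute average sees essentially none.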

