coinspect / learn-evm-attacks

Learn and contribute by exploring blockchain attacks in detail. Maintained by Coinspect smart contract audit team, renowned for their top-tier smart contract audit services.
https://www.coinspect.com/services/smart-contract-audit/
MIT License

Read-only reentrancy in the wild #43

Closed MatthiasEgli closed 1 year ago

MatthiasEgli commented 1 year ago

There is a mention that the read-only reentrancy is theoretical and there aren't cases out there where this was exploited. This is not true, as we published this class of vulnerability based on an actual bug with 100m+ at risk back when it was active. The technical details are here: https://chainsecurity.com/curve-lp-oracle-manipulation-post-mortem/ and a description of the vulnerable projects here: https://chainsecurity.com/heartbreaks-curve-lp-oracles/ (including how it was fixed by e.g. MakerDAO)

Till today, incorrect use of the stETH/ETH pool on Curve will allow attackers to exploit projects with this read-only reentrancy.
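To make the defensive side of the comment above concrete, here is an added example (not code from this repository, from ChainSecurity, or from MakerDAO) of a contract that consumes a Curve-style pool's `get_virtual_price()` as an LP price. The vulnerable version reads the view function directly, so it can observe a stale price while the pool is in the middle of `remove_liquidity` (pool balances updated only after the ETH leg is sent out). The hardened version first calls a pool function that is protected by the pool's reentrancy lock with zero amounts; outside a pool call that is a no-op, inside one it reverts, so the stale value is never used. The `ICurvePool` interface is a hand-written subset and the zero-amount probe is an assumed pattern; check it against the real pool's ABI and lock semantics before relying on it.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hand-written subset of a Curve-style pool ABI (assumption for this example).
interface ICurvePool {
    // Pure view: computed from pool balances that are only written after the
    // ETH transfer inside remove_liquidity, so it can be stale mid-call.
    function get_virtual_price() external view returns (uint256);
    // State-changing and guarded by the pool's reentrancy lock.
    function remove_liquidity(uint256 amount, uint256[2] calldata minAmounts) external;
}

// Vulnerable: trusts the view function with no knowledge of the pool's lock state.
contract LpPriceConsumerVulnerable {
    ICurvePool public immutable pool;
    constructor(ICurvePool p) { pool = p; }

    function lpPrice() external view returns (uint256) {
        return pool.get_virtual_price();
    }
}

// Hardened: probe the reentrancy lock before reading. If this contract is
// being called from inside the pool's remove_liquidity (i.e. during the ETH
// callback), the pool's lock makes the probe revert and the read never happens.
contract LpPriceConsumerHardened {
    ICurvePool public immutable pool;
    constructor(ICurvePool p) { pool = p; }

    // The ETH leg of remove_liquidity sends a zero-value call to msg.sender,
    // so this contract must accept plain ETH calls for the probe to succeed.
    receive() external payable {}

    // Cannot be `view` any more: the probe is a state-changing call.
    function lpPrice() external returns (uint256) {
        uint256[2] memory zero; // burn 0 LP, withdraw 0 of each coin
        pool.remove_liquidity(0, zero);
        return pool.get_virtual_price();
    }
}
```

The reentrancy lock is what turns the stale read into a revert; a pool whose view function is not covered by such a lock, or a consumer that does not probe it, still needs a different safeguard.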

joaquinlpereyra commented 1 year ago

@MatthiasEgli Cool, thanks for the links! We must have missed it. We will review and probably update the attack with an example 🧑‍🏭

pcaversaccio commented 1 year ago

The ~QiDao Protocol~ QuickSwap Lend was exploited via the read-only reentrancy. You can find all the exploit details in my repo here.

For the sake of completeness, I quickly list the exploit details here:

pcaversaccio commented 1 year ago

After reviewing again the attack details, we should not call the attack a QiDAO Protocol attack but rather a QuickSwap Lend attack. Accordingly, I updated the name here: https://github.com/pcaversaccio/reentrancy-attacks/commit/554cd56e99f25c9fd1f8af27327c90b56edb693d. The reason is that the targeted attack is on the QuickSwap Lend dimension and not QiDAO Protocol, which just simply seeded the drained funds.

nine-december commented 1 year ago

We are currently working on the reproduction of QiDAO.

Only a few steps left and we will merge it, you can check the progress here: Pull #45.

pcaversaccio commented 1 year ago

Another read-only reentrancy exploit happened yesterday: https://twitter.com/AnciliaInc/status/1614705804468424704

Here are the attack details: Midas Capital attack – January 15, 2023 | Victim contract, Exploit contract, Exploit transaction

joaquinlpereyra commented 1 year ago

Another one: https://2pinetwork.medium.com/lessons-learned-from-exploit-incident-postmortem-70ad1a079b38

pcaversaccio commented 1 year ago

thx for highlighting, added to my reentrancy repo via https://github.com/pcaversaccio/reentrancy-attacks/commit/19f3c04b9e81fc2e1a6682e21fbb9e3a64000a75.

nine-december commented 1 year ago

The attack is now about to be merged. We will review it one more time before merging but feel free to track its state on #45.

Cheers 🎉

nine-december commented 1 year ago

FYI: The strategy used in the Midas attack was the same as the QuickSwap Lend attack, using several contracts to borrow. The traces are much more alike.

joaquinlpereyra commented 1 year ago

Tracked and merged at: https://github.com/coinspect/learn-evm-attacks/pull/45

pcaversaccio commented 1 year ago

FYI, another read-only reentrancy just happened recently with the Sentiment attack: https://github.com/pcaversaccio/reentrancy-attacks/issues/12.