Decoding 0VIX Protocol’s $2 Million Exploit | QuillAudits
Summary:
On April 28th, the 0VIX Protocol on the Polygon chain was attacked through a flawed price calculation, which allowed hackers to steal approximately $2 million from multiple 0VIX pools.
About the 0VIX Protocol:
0VIX is a decentralized finance (DeFi) liquidity market protocol built on Polygon. The protocol enables users to effortlessly lend, borrow, and earn interest with their digital assets. Depositors who provide liquidity to the protocol may earn passive income, while borrowers can borrow using overcollateralization.
To learn more about the project, check out the official documentation.
Vulnerability Analysis and Impact:
On-Chain Details:
Attacker EOA-1: 0x702ef63881b5241ffb412199547bcd0c6910a970
Attacker EOA-2: 0xBEF0a2A4885EA5Df895047F49c202525B73DCc68
Attacker contract: 0x407feaec31c16b19f24a8a8846ab4939ed7d7d57
Victim contract: 0x51195e21bdae8722b29919db56d95ef51faeca6c
oUSDT token contract: 0x8eb270e296023e9d92081fdf967ddd7878724424
vGHST V3 contract: 0x8eb270e296023e9d92081fdf967ddd7878724424
vGHST Oracle: 0x738fe8a918d5e43b705fc5127450e2300f7b08ab
Attack Transaction: 0x10f2c28f5d6cd8d7b56210b4d5e0cece27e45a30808cd3d3443c05d4275bb008
Root Cause
The vulnerability in the GHST token’s price calculation mechanism stems from the use of a specialized oracle implementation, VGHSTOracle, for the vGHST token, which is prone to price manipulation via donations. The ovGHST token’s price calculation relies on the balance of GHST tokens held within the vGHST contract, so an attacker can manipulate the price by transferring tokens directly to that contract.
Attack Process:
- The attacker employed multiple flash loans to borrow a significant number of tokens.
- Next, they deposited 294K aGHST in the vault and minted 283K vGHST. They then deposited USDC collateral and used it to create leveraged debt positions denominated in vGHST.
- To manipulate the price of GHST, the attacker transferred mUSDC and vGHST tokens to their contract and utilized them to borrow ovGHST. This action inflated the price of GHST.
- Following the creation of the leveraged debt positions with the USDC collateral and manipulation of the token’s price, the attacker proceeded to liquidate those positions, resulting in a higher value for the owed debt.
- Finally, the attacker repaid the flash loans and conducted asset swaps to convert some of the acquired assets into USD and GHST tokens. The funds obtained were subsequently transferred to the attacker’s address.
The flow of funds:
After the hack, the attacker bridged the funds from Polygon to Ethereum and transferred 760 ETH (around 1.42 million) to Tornado Cash.
Attacker’s Wallets:
As of writing this blog, the attacker has around 310 ETH (worth around 580K) in their wallet.
Incident Timelines
28-04-2023: The project acknowledged the incident and announced it on Twitter. They paused POS and zkEVM markets and later announced that they are working with security firms to investigate the issue.
28-04-2023: They sent an on-chain message to the exploiter, offering a reward of $125K if he returned the funds, and promising not to engage law enforcement agencies.
28-04-2023: The attacker transferred 520 ETH to Tornado Cash.
29-04-2023: 0vix tweeted that the attacker had a 30-minute window to respond before an update was to follow. When the attacker didn’t respond, 0vix tweeted and sent an on-chain message to the attacker, informing them that they would schedule law enforcement agencies to track them.
29-04-2023: The attacker transferred another 240 ETH to Tornado Cash.
01-05-2023: The team shared a preliminary report on the 0VIX exploit with the community. They also stated that a full post-mortem will be released at a later time.
02-05-2023: The 0VIX Protocol resumed all operations on zkEVM.
04-05-2023: The team announced that part of the funds are being returned to 0VIX. More updates on the recovery will be provided soon.
Mitigation:
The 0VIX protocol should stop listing tokens whose price can be manipulated atomically. Numerous instances in the past, such as the hacks experienced by Cream Finance, Hundred Finance, and others, have demonstrated the detrimental consequences of overlooking this critical issue.
Implementing price limits could also help the protocol prevent large price swings caused by price manipulation. Additionally, the 0VIX protocol should establish robust security protocols and audits to continually monitor listed tokens for any signs of potential manipulation.
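The balance-based price feed described under Root Cause and the price-limit mitigation above, as an added example: a simplified Python model, not 0VIX or vGHST contract code. The Vault and BoundedOracle names, the 5% limit and all amounts are constructed assumptions.

```python
from dataclasses import dataclass
from fractions import Fraction


@dataclass
class Vault:
    """Simplified share vault; a constructed model, not the vGHST contract."""
    token_balance: int = 0   # what token.balanceOf(vault) would report
    tracked_assets: int = 0  # internal ledger, changed only by deposit()
    share_supply: int = 0

    def deposit(self, amount: int) -> None:
        # First deposit mints 1:1; later deposits mint pro rata to the ledger.
        shares = amount if self.share_supply == 0 else (
            amount * self.share_supply // self.tracked_assets)
        self.token_balance += amount
        self.tracked_assets += amount
        self.share_supply += shares

    def receive_transfer(self, amount: int) -> None:
        # A plain token transfer to the vault address: no shares are minted.
        self.token_balance += amount

    def rate_from_balance(self) -> Fraction:
        return Fraction(self.token_balance, self.share_supply)

    def rate_from_ledger(self) -> Fraction:
        return Fraction(self.tracked_assets, self.share_supply)


class BoundedOracle:
    """Rejects any update that moves more than max_move from the last price."""
    def __init__(self, initial: Fraction, max_move: Fraction = Fraction(5, 100)):
        self.last, self.max_move = initial, max_move

    def update(self, candidate: Fraction) -> Fraction:
        if abs(candidate - self.last) > self.last * self.max_move:
            raise ValueError("price move exceeds per-update limit")
        self.last = candidate
        return candidate


def compare_feeds(initial_deposit: int, direct_transfer: int):
    vault = Vault()
    vault.deposit(initial_deposit)
    oracle = BoundedOracle(vault.rate_from_balance())
    vault.receive_transfer(direct_transfer)
    try:
        oracle.update(vault.rate_from_balance())
        limit_tripped = False
    except ValueError:
        limit_tripped = True
    return vault.rate_from_balance(), vault.rate_from_ledger(), limit_tripped
```

A rate derived from the internal ledger does not move when tokens arrive outside deposit(), while the balance-derived rate does; the bounded oracle accepts small moves and refuses large ones.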
Reproducing the hack:
We will be using the Foundry framework for the PoC.
(Add the Polygon Mainnet RPC URL to the foundry.toml file and run the test using the command forge test -vvv)