Decoding ROE Finance’s Flash Loan Exploit | QuillAudits
Summary:
On the 11th of January, 2023, ROE Finance was attacked in Ethereum Chain. The attacker used Flash loans to create an imbalance in one of the pools and manipulate the price. Then he drained the balance of the victim pool leading to the loss of $80K.
Introduction to ROE Finance:
The ROE product ecosystem builds on top constant product (xy=k) AMMs by allowing LP providers to earn additional interest income on top of their swap rewards by lending out their LP tokens to interested borrowers who solve these two problems via a variety of trading strategies.
More information on the protocol can be found in the official documentation.
Vulnerability Analysis & Impact:
On-Chain Details:
Vulnerable Contract: 0x574FF39184Dee9e46F6C3229B95e0e0938e398d0
Attack Original Txn(failed): 0x2df0fcc53371263808e330ec51a175b15ecff734b55bf8b0cc716c84bcec43e0
MEV Bot Txn(success): 0x927b784148b60d5233e57287671cdf67d38e3e69e5b6d0ecacc7c1aeaa98985b
MEV Attacker Contract: 0x3a5b7db0be9f74324370fbd65b75850a5c82d176
Attacker: 0x67a909f2953fb1138bea4b60894b51291d2d0795
Attacker2: 0xE2Ba15be8C6Fb0d7C1F7bEA9106eb8232248FB8B
Price oracle for WBTC-USDC: 0x849af4b128be3317a694bfd262deff636ab84c1b
Root Cause:
The attack took advantage of Price manipulation to steal money from the Protocol. The underlying cause is the pool’s limited liquidity, which results in price oracle manipulation via Flash Loans.
Attack Steps:
1. The attacker took a flash loan of 5.76 million USDC from the balancer and deposited it in the pool.
2. Then the attacker borrowed 2,953,841,283 UNI-v2 tokens from the pool on behalf of his EOA i.e. 0x67a9 and deposited the tokens into the pool. The attacker then repeated the same action 49 times.
3. The attacker burned 2,953,841,283 UNI-v2 and received around 2.96 WBTC and 51,661 USDC.
4. The attacker sent 26,024 USDC to UNI-V2 and then called the sync function. Now, Oracle’s UNI-v2 pricing has now been changed from 34,594,505,763,870 to 43,208,067,620,499. After the Price manipulation, the attacker’s collateral becomes worth roughly $6.25 million USD.
5. The attacker then borrowed 5.67 Million from the pool, swapped 0.66 WBTC for 14, 345 USDC, and finally paid back the flash loan. See below:
The original transaction was front runned by a MEV bot, and the Bot owner took away the profit of around $78,190 i.e ( 2.29 WBTC and 39,982 USDC)
After the Exploit :
There is no official announcement from Roe Finance regarding the hack.
Status of Funds:
The attacker( 0x67a9) converted the USDC and WBTC tokens to DAI and send the amount($78,190) to his another wallet i.e. (0xe2ba1)
The address(0xe2ba1) labelled as RoeFinance Exploiter 2 currently has around $76,728 left in his wallet.
How to Prevent Flash Loan Attacks?
Recently there has been a massive increase in flash loan attacks in the DeFi space. Their occurrences have given birth to two popular solutions. Check out here for a detailed explanation.
1. Decentralized Pricing Oracles
2. Implementation of DeFi Security Platforms
Further Reference:
Web3 security- Need of the hour
Why QuillAudits For Web3 Security?
QuillAudits is well-equipped with tools and expertise to provide cybersecurity solutions saving the loss of millions in funds.
Want more Such Security Blogs & Reports?
Connect with QuillAudits on :
Linkedin | Twitter | Website | Newsletter | Discord | Telegram
Partner with QuillAudits :
- Affiliate program ( Refer and secure web3 )
- QuillAudits Partnership Programme ( Venture funds, launchpads, development companies, marketing firms, web2 cybersecurity firms, web3 products )
- Join Ambassdor program
