$500,000 in blood and tears: How a simple signature led to asset theft?

When the “Little Fox” wallet jumps out of the authorized wallet, you must first understand the meaning and details of this signature.

It may be hard to imagine that a simple signature in Metamask can empty your wallet. But this happened to a veteran user who today lost nearly half a million USDC to a bug . If you are not careful, you may be the next him. So, today I want to tell you the ins and outs of this incident, and tell you how to pay attention to such issues in the future.

It was a quiet afternoon when Joe (pseudonym) suddenly found that 469,000 USDC had been transferred from his wallet. This transfer is not simple, and certainly not something that an attacker can do, because it is impossible for them to gain access to Joe’s wallet. That means that it should be a malicious contract that transferred all his USDC.

$500,000 in blood and tears: How a simple signature led to asset theft?

Before I tell today’s story, I need to explain some terminology to you. USDC is a multifunctional contract on Ethereum that specifies how we can use USDC.

Among the many functions, we need to pay special attention to the following two functions:

transfer

transferFrom

$500,000 in blood and tears: How a simple signature led to asset theft?

The transfer function is required when you need to transfer USDC, or other ERC20s, between wallets. It can transfer the Token from the caller (the address that called the function) to another address. If someone can maliciously use this function in your name, he must first master all permissions of your wallet.

$500,000 in blood and tears: How a simple signature led to asset theft?

When you interact with contracts, they will transfer your tokens through the transfer function, and the specific amount is determined by the ratio you preset in advance. So if you allow a contract to transfer an unlimited amount of USDC, it could theoretically take all your USDC.

Now let’s go back to Joe’s story, it is indeed the transferFrom function that transfers all his USDC. However, transferFrom will only work if Joe approves the contract to use his USDC. But in fact, Joe firmly believes that he has not approved anything.

$500,000 in blood and tears: How a simple signature led to asset theft?

However, DeBank’s transaction records clearly show that the malicious contract had unlimited access to USDC in the account 10 minutes before the breach. So the question is, who gave the contract this approval, if not Joe himself? All I can say is that Joe did approve this action, but without his knowledge.

$500,000 in blood and tears: How a simple signature led to asset theft?

The information on Etherscan shows that Joe himself did not call this function, and it was other addresses that actually approved this amount, which allowed the malicious contract to spend all of Joe’s USDC.

We can’t help but wonder, how can someone else give the contract permission on my behalf?

$500,000 in blood and tears: How a simple signature led to asset theft?

The permission feature was originally introduced to improve the user experience on Ethereum, allowing users to modify the approved amount without committing a transaction with just a single signature. That is, as long as you have your signature, anyone can call the permission function and update your approval limit for the contract.

$500,000 in blood and tears: How a simple signature led to asset theft?

You can experience this feature when you use the 1inch dApp. If you want to sell USDC on it, you don’t need prior approval, just sign your name. With this signature, 1inch has access to all your USDC. While 1inch won’t spend all your USDC for no reason, it does give malicious contracts an opportunity.

$500,000 in blood and tears: How a simple signature led to asset theft?

Joe must have accidentally signed such a message on a malicious website. Unfortunately, that time he was using a hot wallet, and the signature was just a click away. If he was using a hardware wallet, he would need to sign the information on an external device, and there would be a time to think.

With Joe’s signature, other addresses can submit a transaction with a permission function, so that the malicious contract has access to all the USDC in Joe’s wallet. Then, whenever it calls the transferFrom function, it can transfer all those funds.

$500,000 in blood and tears: How a simple signature led to asset theft?

So, a seemingly small signature can lead to a huge disaster. In some cases, Metamask will warn you about the dangers when you are ready to sign. Signing a message can be dangerous. However, some technical approval signatures will not receive early warning, but these abuses often cause huge losses.

How can I avoid encountering similar problems in the future?

1. Do not sign everything in Metamask;

2. Take the time to understand what you are signing;

3. Be extra careful with traditional approval matters.

Posted by:CoinYuppie,Reprinted with attribution to:https://coinyuppie.com/500000-in-blood-and-tears-how-a-simple-signature-led-to-asset-theft/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2022-08-30 00:05
Next 2022-08-30 00:06

Related articles