On April 30, 2022, public opinion monitoring by the Chengdu Lian’an Chain Bing-Blockchain Security Situational Awareness Platform showed that Fei Protocol’s official Rari Fuse Pool had been attacked by hackers, who earned about 28,380 ETH, about 80.34 million US dollars. The Chengdu Chain An technical team analyzed the incident promptly, and the results are as follows.
#1 Event related information
Since the vulnerability appears in the basic protocol of the project, the attacker has attacked more than one contract. Only one example is analyzed below.
Attack transaction: 0xab486012f21be741c9e674ffda227e30518e8a1e37a5f1d58d0b0d41f6e76530
Attacker address: 0x6162759edad730152f0df8115c698a42e666157f
Attack contract: 0x32075bad9050d4767018084f0cb87b3182d36c45
Attacked contract: 0x26267e41CeCa7C8E0f143554Af707336f27Fa051
#2 Attack Flow
1. The attacker starts with a flash loan from Balancer: Vault.
2. The attacker uses the flash loan funds for mortgage lending in Rari Capital. Because Rari Capital’s cEther implementation contract is re-entrant, the attacker withdraws all the tokens in the pool affected by the protocol by calling back the attack function constructed in the attack contract.
3. The attacker repays the flash loan and sends the attack proceeds to the 0xe39f contract.
#3 Vulnerability Analysis
This attack mainly exploits the reentrancy vulnerability in Rari Capital’s cEther implementation contract.
#4 Fund Tracking
As of the time of publication, the stolen funds exceeded 28,380 ETH (approximately $80.34 million). Tracking with Chengdu Lianan’s “Lian Bichai” found that the attacker was transferring funds through Tornado Cash, while most of the funds were still in the attacker’s address.
#5 Summary
In response to this incident, the Chengdu Chain Security team recommends:
When making Ethereum transfers, use call.value with caution. Use to make sure that reentrancy doesn’t happen. Before the project is launched, it is recommended to choose a professional security audit company to conduct a comprehensive security audit to avoid security risks.
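The ordering problem behind the call.value recommendation, shown as an added example that is not Rari Capital's cEther code or part of the original analysis. ToyEtherPool, its function names and the 50% collateral rule are assumptions made for illustration, and `call{value: ...}` is the current Solidity spelling of `call.value`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Hypothetical, simplified ETH lending pool (not Rari Capital's cEther code).
contract ToyEtherPool {
    mapping(address => uint256) public collateral; // ETH deposited
    mapping(address => uint256) public debt;       // ETH borrowed
    bool private locked;                           // re-entrancy lock
    modifier nonReentrant() {
        require(!locked, "re-entrant call");
        locked = true;
        _;
        locked = false;
    }

    function deposit() external payable {
        collateral[msg.sender] += msg.value;
    }

    // Assumed rule for the example: debt may not exceed 50% of collateral.
    function _maxDebt(address a) internal view returns (uint256) {
        return collateral[a] / 2;
    }

    // BEFORE: the ETH transfer hands control to msg.sender while the debt is
    // still unrecorded, so a callback into withdraw() sees a debt-free account.
    function borrowUnsafe(uint256 amount) external {
        require(debt[msg.sender] + amount <= _maxDebt(msg.sender), "undercollateralized");
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
        debt[msg.sender] += amount; // effect after interaction: too late
    }

    // AFTER: record the debt first (checks-effects-interactions) and hold the lock.
    function borrow(uint256 amount) external nonReentrant {
        require(debt[msg.sender] + amount <= _maxDebt(msg.sender), "undercollateralized");
        debt[msg.sender] += amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }

    // Shares the lock with borrow(), so it cannot run inside borrow()'s transfer.
    function withdraw(uint256 amount) external nonReentrant {
        collateral[msg.sender] -= amount; // reverts on underflow (Solidity >= 0.8)
        require(debt[msg.sender] <= _maxDebt(msg.sender), "undercollateralized");
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

The lock only helps if every state-changing entry point that depends on the same accounting takes it; a guard on one function does not protect a sibling function or a separate contract that reads the stale state.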
Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/fei-protocol-attack-event-analysis-how-to-break-the-reentrancy-vulnerability/