Security experts explain typical DeFi vulnerabilities and their security risks

Since its rise, DeFi has quickly taken the world by storm in just nine months.

BSC has built up an increasingly complete ecosystem with low-cost gas and fast-growing ecosystem applications, and has become one of the leading public chain platforms.

Data source: https://bscscan.com/

Today, hundreds of projects make tens of millions of transactions on BSC every day.

Image from https://twitter.com/BinanceChain/status/1395060714390315008

But the heat of on-chain transactions has brought another pitfall to the forefront – security risks.

There is a growing number of vulnerabilities, at different levels, that hackers can exploit.

CertiK security experts have divided these vulnerabilities into four main categories. The following explains the DeFi-related security risks.

Administrator Key Leakage

In smart contracts, certain functions are protected by a function modifier – only a specific operator can invoke a specific function.

In most cases, these functions are used to modify the contract configuration or to manage the funds held in the smart contract. So if an attacker compromises the management key, they can take full control of the smart contract and invoke the function to steal the user’s assets.

Causes of key compromise

The first possibility is a computer Trojan.

An attacker can use a Trojan horse to steal a private key stored on a computer or conduct a phishing attack to trick users into sending their private key to the attacker.

For DeFi contracts, there are often several people sharing a single management key.

This means that if an insider is up to no good, then he can invoke the management function to transfer the project’s tokens to his own wallet address.

Here are two examples: On March 5, 2021, PAID Network suffered a “mint” attack due to mismanagement of its private key, which was presumed to have been stolen from the administrator’s computer through a phishing attack.

The PAID token contract sits behind an upgradeable proxy, which means that the token contract can be replaced by the owner of the proxy.

The malicious replacement code had a minting feature: the attackers destroyed 60 million PAID tokens and then minted 59 million tokens for themselves.

At the time, $2,501,203 in PAID tokens (approximately 2,040 ETH) were sold on Uniswap, the Ethereum-based token exchange protocol, and the token price plummeted from $2.80 to $0.30.

On April 19, 2021, EasyFi founders claimed that the hacker carried out a targeted attack on administrators in order to obtain the admin key. 2.98 million EASY tokens (worth about $75 million at the time) were transferred from the official EasyFi wallet to several unknown wallets.

The importance of securely storing private keys for project security is thus evident. Administrators should never store unencrypted admin keys on computers or leave them unguarded in MetaMask hot wallets.

CertiK security experts recommend that administrators use a hardware wallet to create accounts.

In a multi-person team where each administrator uses a hardware wallet, a privileged transaction attempted by one administrator should also require signed consent from most of the members. This prevents an attacker who gains access to only one key from invoking all privileged functions.

Token contracts should avoid the ability to mint new tokens whenever possible. If new tokens need to be minted, a DAO (Decentralized Autonomous Organization) contract or a time-locked contract should be used rather than an EOA account.
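
The two recommendations above (majority consent for privileged transactions, and a time lock on minting) can be combined in one contract. The Solidity sketch below is an added example, not code from CertiK or from any project named in this article; the contract name, function names and the 2-day delay are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration: minting requires a majority of admins plus a delay.
// Contract name, function names and the 2-day delay are assumptions.
contract GuardedMint {
    struct Proposal { address to; uint256 amount; uint256 approvals; uint256 eta; bool executed; }

    uint256 public constant DELAY = 2 days;
    uint256 public adminCount;
    mapping(address => bool) public isAdmin;
    mapping(uint256 => mapping(address => bool)) public approved;
    mapping(address => uint256) public balanceOf;
    Proposal[] public proposals;

    modifier onlyAdmin() { require(isAdmin[msg.sender], "not admin"); _; }

    constructor(address[] memory admins) {
        for (uint256 i = 0; i < admins.length; i++) {
            require(!isAdmin[admins[i]], "duplicate admin");
            isAdmin[admins[i]] = true;
        }
        adminCount = admins.length;
    }

    function propose(address to, uint256 amount) external onlyAdmin returns (uint256 id) {
        proposals.push(Proposal(to, amount, 0, 0, false));
        id = proposals.length - 1;
    }

    function approve(uint256 id) external onlyAdmin {
        Proposal storage p = proposals[id];
        require(!approved[id][msg.sender], "already approved");
        approved[id][msg.sender] = true;
        p.approvals += 1;
        // The timelock starts only once a strict majority has signed off.
        if (p.eta == 0 && p.approvals * 2 > adminCount) p.eta = block.timestamp + DELAY;
    }

    function execute(uint256 id) external onlyAdmin {
        Proposal storage p = proposals[id];
        require(p.eta != 0 && block.timestamp >= p.eta, "majority or delay missing");
        require(!p.executed, "already executed");
        p.executed = true;
        balanceOf[p.to] += p.amount; // the mint itself
    }
}
```

A single stolen admin key can propose and cast one approval here, but cannot reach the majority, and the delay gives the remaining admins and users time to notice a queued mint. In production this role is normally filled by audited components such as a Gnosis Safe multisig or OpenZeppelin's TimelockController.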

Coding errors

When people mention DeFi vulnerabilities, they tend to think that the vulnerability is necessarily complex, which is not always the case.

Sometimes a small coding error can cause millions of dollars in assets to evaporate in one fell swoop.

Some examples of common coding errors:

  1. Missing function permissions or modifiers
  2. Misspelled words
  3. Incorrect number of digits
  4. Missing or incorrect variable value assignment

One very typical example is the attack on Uranium Finance: hackers attacked Uranium Finance’s unaudited contracts and the project lost $57 million as a result.

The administrator used an inconsistent multiplier when comparing the product of the two token balances in the pool before and after the swap, which allowed the attacker to swap a large number of tokens from the pool with just 1 Wei.

Uranium Finance's code.

Correct code.
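
The inconsistent-multiplier error described above can be shown with a constant-product swap check. The Solidity sketch below is an added example and is not Uranium Finance's source; the contract and function names are hypothetical, and the values 10000, 16 and 1000**2 are assumptions chosen to illustrate the mismatch.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration of a constant-product swap check; not Uranium Finance's
// source. SCALE, FEE and the 1000**2 factor are assumed values.
contract SwapInvariant {
    uint256 constant SCALE = 10000; // precision used to express the fee
    uint256 constant FEE = 16;      // fee units charged on the input amount

    // Product of the post-swap balances, each scaled by SCALE and reduced
    // by the fee on whatever was paid in.
    function scaledProduct(
        uint256 balance0, uint256 balance1, uint256 amount0In, uint256 amount1In
    ) internal pure returns (uint256) {
        uint256 adj0 = balance0 * SCALE - amount0In * FEE;
        uint256 adj1 = balance1 * SCALE - amount1In * FEE;
        return adj0 * adj1;
    }

    // Inconsistent: the left side carries SCALE**2 (10**8) but the reserves
    // are multiplied by only 1000**2 (10**6), so the threshold is 100x too low.
    function passesInconsistent(
        uint256 balance0, uint256 balance1, uint256 amount0In, uint256 amount1In,
        uint256 reserve0, uint256 reserve1
    ) external pure returns (bool) {
        return scaledProduct(balance0, balance1, amount0In, amount1In)
            >= reserve0 * reserve1 * 1000**2;
    }

    // Consistent: both sides of the comparison use the same multiplier.
    function passesConsistent(
        uint256 balance0, uint256 balance1, uint256 amount0In, uint256 amount1In,
        uint256 reserve0, uint256 reserve1
    ) external pure returns (bool) {
        return scaledProduct(balance0, balance1, amount0In, amount1In)
            >= reserve0 * reserve1 * SCALE**2;
    }
}
```

With constructed reserves of 1000 and 1000 and post-swap balances of 1001 and 10, the scaled product is 1,000,998,400,000: it clears the inconsistent threshold of 1,000,000,000,000 but not the consistent one of 100,000,000,000,000. A unit test that feeds the check a state that should be rejected catches this class of error before deployment.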

Another example is Value DeFi, which was hacked resulting in a loss of $10 million.

This incident happened because the initialization function in the Value DeFi contract was missing “initialized = true”, which meant that anyone could initialize the pool and set themselves as administrators.

On May 5, 2021, the attackers initialized the pool, set themselves as administrators, and then used the “governanceRecoverUnsupported” function to deplete the pledged tokens.

Vulnerable code in Value DeFi.

Solution.
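
The missing assignment and its fix, side by side. This Solidity sketch is an added example and is not Value DeFi's source; only the `initialized` flag is named in this article, while the contract names, `operator`, `onlyOperator` and `setOperator` are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, not Value DeFi's source. Only `initialized` is named on
// the page; the contract names, `operator` and `onlyOperator` are hypothetical.
contract PoolMissingFlag {
    bool public initialized;
    address public operator;

    function initialize(address _operator) external {
        require(!initialized, "already initialized");
        operator = _operator;
        // Missing: initialized = true;
        // The guard above never trips, so any caller can run this again
        // and replace the operator.
    }
}

contract PoolWithFlag {
    bool public initialized;
    address public operator;

    modifier onlyOperator() { require(msg.sender == operator, "not operator"); _; }

    function initialize(address _operator) external {
        require(!initialized, "already initialized");
        require(_operator != address(0), "zero operator");
        initialized = true; // set before anything else so a second call reverts
        operator = _operator;
    }

    // Privileged functions stay tied to the operator chosen at initialization.
    function setOperator(address next) external onlyOperator {
        require(next != address(0), "zero operator");
        operator = next;
    }
}
```

Setting the flag stops re-initialization, but the first call is still open to anyone, so the deployer should make it in the same transaction as deployment. A unit test that calls `initialize` twice and expects the second call to revert is enough to detect the missing line.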

This type of code error is often extremely easy to avoid simply through proper peer review, unit testing, and security audits.

Flash Loans and Price Manipulation

Flash loans can be taken out without providing any collateral, but all operations must be completed within a single transaction block.

Developers can borrow from protocols such as Aave or dYdX on the condition that the liquid funds are returned to the pool before the transaction ends.

If the funds are not returned in time, the transaction is reverted, which keeps the reserve pool safe.

The general steps of a flash loan attack are as follows.

  1. Borrow a large number of token A using a flash loan
  2. Exchange token A for token B on a DEX (the price of token A goes down and the price of token B goes up)
  3. Attack a DeFi project that relies on the price of A/B
  4. Repay the flash loan

Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/security-experts-explain-typical-defi-vulnerabilities-and-their-security-risks/