Spirit Track Security: A complete review of the attack on XSURGE

On August 17, the monitoring system of Lingzong Security detected that the DeFi protocol XSURGE on the BSC chain was attacked by lightning loans. 

Regarding flash loan attacks, we have introduced many times in previous articles. “Flash loan” has become a familiar vocabulary in the DeFi field, especially in the repeated attacks this year. 

The principle of “Lightning Loan” is a means of borrowing and lending by using the feature of Ethereum smart contracts that can roll back transactions. Everyone must pay attention to the fact that “flash loans” are just a means to be used, and it is not the culprit in itself. The culprit usually has other reasons. 

The basic process of hackers using flash loans to attack is as follows: 

  • First use flash loans to borrow funds from the fund pool 
  • Then use the loaned funds to find the vulnerability of the attacked contract to attack 
  • Finally, the principal of the loan is returned to the fund pool from the huge proceeds obtained from the attack, and the rest is the profit of the hacker’s attack.

 The vulnerability of the attacked XSURGE project caught by hackers is a “re-entry attack.” Hackers seized this loophole and used lightning loans to amplify the effect of the attack. However, in this attack, it is worth noting that before XSURGE was attacked, the project party had already issued a statement on Twitter, claiming that a loophole was found in the contract and reminding everyone to withdraw funds. 

Perhaps it was the statement of the project party that reminded the hacker, or maybe it was the hacker who had planned for a long time, and the project was attacked shortly after the statement of the project party was issued. 

In this attack, the hackers conducted multiple rounds of tests and attacks before and after, and the total profit was more than 13,000 BNB, with a market value of more than 5 million U.S. dollars. Among the many rounds of tests and attacks initiated by hackers, we have chosen a very simple attack process and show you the process of the hacker attack.

In this attack, the address of the attacker is: 0x59c686272e6f11dC8701A162F938fb085D940ad3, and the contract address of the attacked XSURGE is: 0xE1E1Aa58983F6b8eE8E4eCD206ceA6578F036c21.

The transaction hash value of this attack is 0x42bc03afdbda5c46d185711ce1f5df990ece215534dcd8b14529bb1beddacd4, and the related transaction flow chart is as follows:

DdxRKmS8CrbF5wIcB11RdSK6zzVCTODbZEJPcg9q.png

This flowchart shows a series of BNB transfer processes. The information implicit in this process is as follows:-The attack contract first borrowed 3 BNBs by means of flash loans-Then the attacker started to attack the SurgeToken contract-After repeated attacks , The accumulative amount obtained by the attacker reached 8.175 BNB-the attacker finally repaid the flash loan of 3 BNB, and finally made a profit of 5.1667 BNB. The complete process of hackers attacking contracts using flash loans. So what exactly went wrong with the contract code being attacked? Here is the key code of our excerpt:

Zr1amGiyKr4GVsm1Q4YrVP78MsoMtWsd1Ia0mGiV.png

In the above code, the code with the “reentrancy attack” vulnerability is the following line:

V4Qoq76SDmKLTdacNoYU3j0Wmvj34kdE1qLcVOp6.png

In this line of code, when calling externally, usually only 2300 gas is available for the call call by default, and an attack cannot be completed. But the gas: 40000 parameter is used here, so that the reentry attack can have up to 40,000 gas available, which makes the reentry attack complete and the vulnerability appears. In addition, the state of the contract is modified after the external call, which leads to the balances[seller] in the statement require(_balances[seller] >= tokenAmount when the reentry attack occurs. Therefore, the attacker can continue during the reentry. Call the above code to transfer the BNB in ​​the contract.

9XxTCig4lIpvBZ8PgTMwUB6iidqxZ8liLfh23LxX.png

Therefore, there are two reasons for the success of this attack:

  • After state modification occurs external call 
  • Setting the gas value when calling the call function makes the conditions for reentry attacks available.

 Re-entry attacks are a frequent problem in the field of smart contract security. In this attack, flash loans also only acted as “accomplices” rather than “culprits.” Therefore, the root cause of this contract security incident is the “re-entry attack” loophole. This incident once again reminded all project parties to attach great importance to contract auditing. At the same time, this also reminds all auditors that the audit of common problems should not be taken lightly. All problems must be handled with a rigorous attitude and meticulous work to plug all loopholes. This is also the basic attitude and method that Lingzong Security has always adhered to.

About Lingzong Security : Lingzong Security Technology Co., Ltd. is a company focusing on blockchain ecological security. Lingzong Security Technology mainly serves many emerging and well-known projects through the integrated comprehensive program of “code risk detection + logic risk detection”. The company was established in January 2021. The team was created by a team with rich experience in smart contract programming and network security.

Team members participated in initiating and submitting a number of draft standards in the Ethereum field, including ERC-1646, ERC-2569, and ERC-2794, of which ERC-2569 was officially income by the Ethereum team. 

The team participated in the initiation and construction of a number of Ethereum projects, including blockchain platforms, DAO organizations, on-chain data storage, decentralized exchanges and other projects, and participated in the security audits of multiple projects, based on this Based on the team’s rich experience, a complete vulnerability tracking and security prevention system has been built. 

Author: Tan Yuefei, CEO of  Lingzong Security

Master of Industrial Engineering (Virginia Tech, Blacksburg, VA, USA). Served as a software engineer at AIBT Inc (San Jose, CA, USA), a Silicon Valley semiconductor company in the United States, responsible for the development of the underlying control system, the program implementation of the equipment manufacturing process, the design of the algorithm, and the comprehensive technical docking and communication with TSMC. Since 2011, he has been engaged in the research of embedded, Internet and blockchain technology. He is a teacher of the “Introduction to Blockchain” course at the Entrepreneurship College of Shenzhen University, a visiting researcher at the Blockchain and Intelligence Center of Sun Yat-sen University, and an executive director of the Guangdong Financial Innovation Research Association. He owns 4 blockchain-related patents and 3 published works.

 

Posted by:CoinYuppie,Reprinted with attribution to:https://coinyuppie.com/spirit-track-security-a-complete-review-of-the-attack-on-xsurge/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.