
Foreword
On August 30, KNOW Chuangyu Blockchain Security Lab detected that Cream Finance, a DeFi protocol on Ethereum, had been attacked through a reentrancy vulnerability, resulting in a loss of more than 18 million US dollars. The laboratory tracked and analyzed the incident immediately.
Objects involved
0x38c40427efbaae566407e4cde2a91947df0bd22b
0x0ec306d7634314d35139d1df4a630d829475a125
Contract addresses involved in the attack:
CErc20Delegator: 0x2db6c82ce72c8d7d770ba1b5f5ed0b6e075066d6
CEther: 0xd06527d5e56a3495252a528c4987003b712860ee
Amp: 0xff20817765cb7f73d4bde2e66e067e58d11095c2
Victim contract addresses:
Brief description of the attack process
(1) First, the attacker borrows 500 ETH of starting capital via a flash loan through contract 0x38c4
(2) Deposit the ETH as collateral to obtain certificates
(3) Call the CErc20Delegator contract through contract 0x38c4 to borrow 19,480,000 AMP
(4) Through the reentrancy vulnerability, go on to call the CEther contract and borrow 355 ETH
(5) Use contract 0x0ec3 to liquidate the excess loan of contract 0x38c4
(7) Return the flash loan
Vulnerability Cause Analysis
Profit conditions
When a loan is made, the borrowFresh function first transfers the funds out through the doTransferOut function, and only afterwards records the updated state.
The transfer function called inside doTransferOut uses the _callPostTransferHooks function to call back the tokensReceived function of the calling contract, so the caller regains control before the loan has been recorded.
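The ordering problem described above, as an added Python model (a simplified illustration written for this page, not Cream Finance's contract code). The class names, the 1:1 pricing and the sample amounts are assumptions; it compares transfer-before-record with record-before-transfer when two markets share one liquidity check.

```python
# Constructed model: two lending markets behind one shared collateral check.
class Comptroller:
    """Liquidity check shared by every market; all assets priced 1:1 here."""
    def __init__(self):
        self.collateral, self.markets = {}, []
    def borrow_allowed(self, account, amount):
        debt = sum(m.borrows.get(account, 0) for m in self.markets)
        return debt + amount <= self.collateral.get(account, 0)

class Market:
    def __init__(self, comptroller, effects_first):
        self.comptroller, self.effects_first = comptroller, effects_first
        self.borrows = {}
        comptroller.markets.append(self)
    def borrow(self, receiver, amount):
        if not self.comptroller.borrow_allowed(receiver.address, amount):
            raise PermissionError("insufficient collateral")
        if self.effects_first:
            # Hardened order: record the debt, then hand control to the recipient.
            self._record(receiver.address, amount)
            receiver.tokens_received(amount)
        else:
            # Order the article describes for borrowFresh: transfer, then record.
            receiver.tokens_received(amount)
            self._record(receiver.address, amount)
    def _record(self, account, amount):
        self.borrows[account] = self.borrows.get(account, 0) + amount

class Receiver:
    """Recipient whose transfer hook calls a second market once (hypothetical)."""
    def __init__(self, address, second_market, amount):
        self.address, self.second_market, self.amount = address, second_market, amount
        self.reentered = False
    def tokens_received(self, _amount):
        if self.reentered:
            return
        self.reentered = True
        try:
            self.second_market.borrow(self, self.amount)
        except PermissionError:
            pass  # nested borrow rejected: the first debt was already visible

def total_debt(effects_first, collateral=100, amount=80):
    """Debt recorded across both markets after one borrow with a receive hook."""
    comptroller = Comptroller()
    first, second = Market(comptroller, effects_first), Market(comptroller, effects_first)
    receiver = Receiver("0xRECEIVER", second, amount)  # placeholder address
    comptroller.collateral[receiver.address] = collateral
    first.borrow(receiver, amount)
    return sum(m.borrows.get(receiver.address, 0) for m in comptroller.markets)
```

With 100 of collateral, the transfer-first ordering ends with 160 of recorded debt, while the record-first ordering stops at 80 because the shared check already sees the first loan.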
Summary
This flash loan security incident is mainly due to a reentrancy risk that arose because the project team did not consider compatibility between protocols when designing the tokens. In fact, it was disclosed some time ago that ERC777 tokens, which have similar callback functions, are exposed to reentrancy vulnerabilities. Had the project team noticed this and followed up in time, it should have been able to reduce or even avoid the losses.