On March 27, 2022, public opinion monitoring on the Chengdu Lianan Chain Bing-Blockchain Security Situational Awareness Platform showed that the DeFi protocol Revest Finance was attacked by hackers, resulting in a loss of about US$120,000.

It is reported that Revest Finance is a solution for staking in the DeFi field. Users who participate in any DeFi staking through Revest Finance can directly create and generate an NFT (the NFT contains the current and future value of the staking position).

After the attack, the project team officially tweeted that their Ethereum contract was attacked, and measures have been taken to ensure the safety of the remaining funds in all chains.

#1 is analyzed as follows

#1 is analyzed as follows

address list

image description

transaction screenshot

First, the attacker calls the mintAddressLock function in the attacked target contract twice through uniswapV2call.

The mintAddressLock function is used to query and mint an NFT to the target, and the nextid (FNFTHandler.fnftsCreated) will be updated after the NFT is minted.

secondary title

#2 Summary Recommendations

The minting-related functions in this attack were not designed strictly according to the check-validation-interaction mode, and did not take into account the possibility of ERC1155 token transfer reentry.

It is recommended to strictly follow the check-validation-interaction design when designing the contract, and add anti-reentry functions to ERC1155 token-related DeFi projects.

So far, the attacker has still not transferred the assets, and Chengdu Lianan will continue to monitor.