
Foreword
On June 13, 2022, Beijing time, Zhichuangyu Blockchain Security Lab detected that the FSwap decentralized exchange project on the BSC chain had been hit by a flash loan attack, resulting in a loss of 1,751 BNB, worth about 390,000 US dollars.
The lab tracked and analyzed the incident as soon as it was detected.
Basic information
FSwap is a decentralized exchange project that enables efficient on-chain liquidation of crypto assets and cross-chain asset transactions.
Attacker address: 0x000c84c59385b64c3ea4d48cc3fca1f08f3abcfc
tx: 0xe75e30dafd865331e6a002d50effe084c21e413c96d4550d5e09cf647686fcbe
FSwapPair contract: 0x0d5F1226bd91b5582F6ED54DeeE739CAC49C37Db
Vulnerability analysis
The key to the vulnerability is that the swap method in the FSwapPair contract, when calculating the handling fee for each transaction, sends reserve tokens held by the pair contract to the feeto address as the fee. Every transaction therefore reduces the number of tokens in the pool, which drives the token price up and lets the attacker arbitrage the difference.
Attack process
1. The attacker took a flash loan of 3 million BSC-USD tokens from BiSwap and exchanged 2.55 million BSC-USD tokens for more than 540,000 MC tokens on FSwap;
2. The attacker then repeatedly borrowed and repaid flash loans in the contract to consume the MC tokens in the pool, so that the number of MC tokens in the pool dropped sharply and the price rose rapidly;
4. The attacker repaid the flash loan, swapped the remaining BSC-USD tokens, earned 1,751 BNB, and finally self-destructed the contract and exited.
Summary
The core of this attack is that the project mistakenly made the pair contract, rather than the user, the party from which the fee is collected. Each fee payment consumed tokens in the pool and created the arbitrage risk.
Project teams should strictly review the fee collection logic in such functions when writing the contract. Here, the fee should be collected from the user instead of from the pair contract.
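
The fee flaw from the vulnerability analysis and the fix recommended in the summary, as a simplified numerical model added here for illustration. It is not FSwap's contract code; the reserves, the 0.30% fee rate, the borrow size and all names are assumptions. It also counts how often a per-call check that the constant product k did not decrease would have failed.

```python
from dataclasses import dataclass

FEE_BPS = 30  # assumed 0.30% fee; the page does not give FSwap's rate


@dataclass
class Pair:
    usd: int         # BSC-USD reserve (constructed value)
    mc: int          # MC reserve (constructed value)
    fee_to: int = 0  # MC received by the feeto address

    def k(self) -> int:
        return self.usd * self.mc

    def price_milli(self) -> int:
        """Spot price of 1 MC in thousandths of BSC-USD."""
        return self.usd * 1000 // self.mc


def flash_round_trip(pair: Pair, amount: int, fee_from_reserve: bool) -> bool:
    """Borrow `amount` MC and return it in the same call.

    Returns True if the constant-product invariant k did not decrease.
    """
    if amount > pair.mc:
        raise ValueError("cannot borrow more than the reserve")
    fee = amount * FEE_BPS // 10_000
    k_before = pair.k()
    if fee_from_reserve:
        pair.mc -= fee   # flaw described above: the pair pays the fee itself
    # otherwise the caller returns amount + fee, so the reserve is untouched
    pair.fee_to += fee
    return pair.k() >= k_before


def simulate(rounds: int, fee_from_reserve: bool):
    """Run `rounds` round trips; return the pair and the count of k violations."""
    pair = Pair(usd=1_000_000, mc=1_000_000)
    checks = [flash_round_trip(pair, 400_000, fee_from_reserve) for _ in range(rounds)]
    return pair, checks.count(False)


if __name__ == "__main__":
    for label, flag in (("fee from reserve", True), ("fee from user", False)):
        pair, bad = simulate(200, flag)
        print(f"{label}: MC reserve={pair.mc} price={pair.price_milli()}/1000 k violations={bad}")
```

With the fee taken from the reserve, every round trip lowers k and the MC price rises even though no MC was actually bought; with the fee charged to the caller, the reserve and price are unchanged.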