On July 18, 2023 Beijing time, Ocean BNO was attacked by a flash loan attack, and the attacker has profited about $500,000.
SharkTeam conducted a technical analysis of the incident in a timely manner and summarized security measures. It is hoped that future projects can learn from this and build a security defense line in the blockchain industry.
I. Incident Analysis
- The Combination of DEPIN and ARWEAVE Creating a Physical World Avatar
- Why does Sui’s on-chain transaction volume surpass Solana and is 20 times that of Ethereum?
- Opinion UniswapX will change the game rules of DEX, MEV, and interoperability.
Contract under attack:
(1) The attacker (0xa6566574) borrowed 286,449 BNO through LianGuaincakeSwap flash loan.
(2) Then, the stakeNft function of the contract under attack (0xdCA50344) was called to stake two NFTs.
(3) Then, the pledge function of the contract under attack (0xdCA50344) was called to stake 277,856 BNO coins.
(4) The emergencyWithdraw function of the contract under attack (0xdCA50344) was called to withdraw all BNO.
(5) Then, the unstakeNft function of the contract under attack (0xdCA50344) was called to retrieve the two staked NFTs and receive additional BNO tokens.
(6) Repeat the above process to continuously obtain additional BNO tokens.
(7) Finally, after returning the flash loan, all BNO tokens were exchanged for 50.5W BUSD tokens to make a profit and exit.
II. Vulnerability Analysis
The root cause of this attack is that there are problems with the interaction logic between the reward calculation mechanism and the emergency withdrawal function in the contract under attack (0xdCA50344), which allows users to receive an additional reward token after withdrawing the principal.
The contract provides the emergencyWithdraw function for emergency token withdrawal, and it clears the attacker’s total staked amount (allstake) and total debt (rewardDebt), but it does not clear the attacker’s nftAddition variable, which is also calculated based on the allstake variable.
In the unstakeNft function, the current reward for the user is still calculated. In the case where the nftAddition variable is not zeroed, the pendingFit function will still return an additional BNO reward value, resulting in the attacker obtaining extra BNO tokens.
III. Security Recommendations
In response to this attack incident, the following precautions should be followed during the development process:
(1) When calculating rewards, verify whether the user has withdrawn the principal.
(2) Before the project goes live, seek technical assistance from third-party professional audit teams.