Summary:
On the 11th of July 2023, the Rodeo Finance on the Arbitrumchain was attacked. The attack was made possible by a Price Oracle Manipulation vulnerability. And around 472ETH was stolen by the hackers from the exploit.
About Project:
Rodeo is a DeFi protocol that allows users to earn a yield on a diverse range of managed and passive investment strategies. To learn more about them, check out their documentation.
Vulnerability Analysis & Impact:
On-Chain Details:
Attacker Address: 0x2f3788F2396127061c46fC07BD0fcb91faAcE328
Victim Contract: 0xE9544Ee39821F72c4fc87A5588522230e340aa54
Attack Transaction: 0x98f1e234faac8b7f7ceaffe4e8e0581038678d95710b646db45ec3de47e6c3af
The Root Cause:
- The attacker was able to force the platform to swap $USDC to $unshETH through the earn() function with the unconfigured strategy address.
- The root cause of this exploit is the bad implementation of TWAP Oracle. It uses ETH to unshETH reserve ratio for price.
- In the case of stableswap pool like this, the reserve ratio can go towards any single side.
This will amplify the price of ETH from the oracle.
- TWAP price is calculated by averaging the last 4 instances of updated price where each price updation occurs every 45 minutes.
- In this way, the contracts of Rodeo Finance will utilize this faulty price.
- Under normal circumstances, the price impact should have left a small amount of output tokens, but that did not happen as the contract was forced to believe that the position is healthy.
- In the end, the contract checks whether the execution is valid or not
- Since attacker can control this strategy, this check got bypassed
- Finally, the attacker was able to arbitrage the bad position by selling prepared unshETH back to the pool, taking the liquidity from the platform in the previous steps.
Attack Process:
- Manipulate the TWAP oracle by sandwiching the ‘update’.
- Open a leveraged position by calling Investor.earn() function and borrow $400k USDC
- Swap the assets into the underlying CamelotDEX pool.
- Sell the prepared unshETH back to the pool.
Flow of Funds:
The exploiter has bridged the stolen funds from Arbitrum to Ethereum, swapped 285 ETH for unshETH and deposited them to Ankr: ETH2 Staking, and transferred 150 ETH to Tornado Cash.
Complete resolution image here.
Attacker’s Wallets:
Here is a snippet of the attacker’s wallet. Check the complete details here.
After the Exploit
The Project acknowledged the hack via Twitter.
Incident Timelines
11-07-2023 (07:45:25 AM + UTC) – A suspicious activity was spotted on Rodeo Finance Contracts.
11-07-2023 (07:59:35 AM +UTC) – Exploiter swapped 285 unshETH .
11-07-2023 (08:13:59 AM +UTC) – Exploiter deposited 150 Ether to Tornado.Cash with a transaction fee of 0.015 Ether
Price Impact
The price of the RDO token dropped from $0.2 to $0.08 immediately following the attack. It is currently trading at $0.1 as of the time of writing this blog. See here.
How could they have prevented the Exploit?
The Exploit could have been prevented if Price Oracle had been correctly implemented.
Oracle should not rely on the ratio of both tokens to calculate the final price.
Also, multiple oracles should be used for price queries.
The best way to enhance platforms security is by using the service of a robust decentralized oracle such as Chainlink or by aggregating many different price feeds.
Web3 security- Need of the hour
Why QuillAudits For Web3 Security? QuillAudits is well-equipped with tools and expertise to provide cybersecurity solutions, saving millions in funds.
Want more Such Security Blogs & Reports?
Connect with QuillAudits on :
Linkedin | Twitter | Website | Newsletter | Discord | Telegram
Partner with QuillAudits :
- Affiliate program ( Refer and secure web3 )
- QuillAudits Partnership Programme ( Venture funds, launchpads, development companies, marketing firms, web2 cybersecurity firms, web3 products )
- Join Ambassador program