Beosin: Euler Finance attacked due to function logic error, loss of approximately $197 million


According to Beosin EagleEye, the security risk monitoring and warning platform of the blockchain security audit company Beosin, the DeFi lending protocol Euler Finance was attacked on March 13, 2023, with losses of approximately 197 million US dollars. Beosin Trace found that 34,224,863.42 USDC, 849.14 WBTC, 85,818.26 stETH, and 8,877,507.35 DAI were stolen. At the time of writing, most of the stolen funds remain in the attacker's address; the attacker has so far moved only 100 ETH to Tornado Cash.


The Beosin security team analyzed one of the attack transactions, 0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d, as follows:

1. The attacker first took a flash loan of 30 million DAI from Aave, then deposited 20 million DAI into Euler as collateral, receiving 19,568,124 eDAI.

2. Using that 19,568,124 eDAI as collateral, the attacker called the mint function, which creates eDAI (the collateral asset) and dDAI (the debt asset) against the same account in one step: 195,681,243 eDAI and 200,000,000 dDAI were minted, magnifying the attacker's eDAI balance roughly tenfold without any DAI leaving the pool.

3. The attacker then deposited the remaining 10 million DAI and minted another 195,681,243 eDAI and 200,000,000 dDAI in the same way.

4. The attacker then called donateToReserves, burning 100 million of its own eDAI into the protocol reserves. donateToReserves does not check whether the donor's position is still healthy afterwards, so the call succeeded even though it left the attacker's eDAI (collateral) below its dDAI (debt), which is exactly the condition under which the position becomes liquidatable.

5. Finally, a second attacker-controlled contract liquidated the first. Because the earlier mint and donateToReserves calls had pushed the collateral-to-debt ratio (eDAI to dDAI) below 1, the liquidation was performed at the maximum discount, and since Euler liquidation only moves eDAI and dDAI balances from the violator to the liquidator, no funds had to be transferred to the protocol. The liquidator contract ended up holding far more eDAI than dDAI, withdrew the entire 38 million DAI held by the Euler contract, repaid the 30 million DAI flash loan to Aave, and kept a profit of approximately 8 million DAI; the unbacked dDAI was left behind on the violator account as bad debt.
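The five steps above can be replayed against a deliberately simplified model of the pool's accounting. The following is an added example written for this article; it is not Euler's code and uses assumed parameters (a 1:1 eDAI/DAI exchange rate, a 0.95 collateral factor, a 20% maximum liquidation discount, and 8 million DAI of pre-existing depositor liquidity, all constructed to keep the arithmetic close to the figures reported above). It shows why the missing health check in donateToReserves is the pivot: with the check absent the self-liquidation drains the pool, and with the check present the donation reverts.

```python
from dataclasses import dataclass, field
from fractions import Fraction

# Assumed risk parameters for this toy pool (Euler's real parameters differ).
COLLATERAL_FACTOR = Fraction(95, 100)   # share of eToken value that can back debt
MAX_LIQ_DISCOUNT = Fraction(20, 100)    # cap on the liquidator's bonus


class Undercollateralized(Exception):
    """Raised when an account ends an operation with health < 1."""


@dataclass
class Account:
    e: int = 0   # eTokens: claim on pool underlying (collateral)
    d: int = 0   # dTokens: debt owed to the pool


@dataclass
class Pool:
    cash: int = 0                       # underlying DAI actually held by the pool
    reserves: int = 0                   # protocol reserves, in eTokens
    check_health_on_donate: bool = False  # False models the exploited version
    accounts: dict = field(default_factory=dict)

    def acct(self, who):
        return self.accounts.setdefault(who, Account())

    def health(self, who):
        a = self.acct(who)
        if a.d == 0:
            return Fraction(10**9)      # no debt: effectively unbounded health
        return Fraction(a.e) * COLLATERAL_FACTOR / a.d

    def require_healthy(self, who):
        if self.health(who) < 1:
            raise Undercollateralized(who)

    def deposit(self, who, amount):
        self.cash += amount
        self.acct(who).e += amount      # 1:1 exchange rate assumed

    def withdraw(self, who, amount):
        a = self.acct(who)
        assert amount <= a.e and amount <= self.cash
        a.e -= amount
        self.cash -= amount
        self.require_healthy(who)

    def mint(self, who, amount):
        # Self-borrow: equal eTokens and dTokens are created; no cash moves.
        a = self.acct(who)
        a.e += amount
        a.d += amount
        self.require_healthy(who)

    def donate_to_reserves(self, who, amount):
        a = self.acct(who)
        assert amount <= a.e
        a.e -= amount
        self.reserves += amount
        if self.check_health_on_donate:   # the check the exploited version lacked
            self.require_healthy(who)

    def liquidate(self, liquidator, violator, repay):
        # Only eToken/dToken balances move between accounts; no cash is transferred.
        h = self.health(violator)
        if h >= 1:
            raise ValueError("violator is healthy")
        discount = min(MAX_LIQ_DISCOUNT, 1 - h)   # deeper underwater, bigger discount (simplified)
        seize = repay / (1 - discount)           # collateral received per unit of debt taken on
        v, l = self.acct(violator), self.acct(liquidator)
        assert seize <= v.e and repay <= v.d
        v.e -= seize
        v.d -= repay
        l.e += seize
        l.d += repay
        self.require_healthy(liquidator)


def run_attack(patched: bool):
    """Replay steps 1-5 of the article; raises Undercollateralized if patched."""
    pool = Pool(check_health_on_donate=patched)
    pool.deposit("other_depositors", 8_000_000)      # constructed pre-existing liquidity
    flash_loan = 30_000_000                          # step 1: borrowed from Aave
    pool.deposit("violator", 20_000_000)
    pool.mint("violator", 200_000_000)               # step 2: ~10x self-leverage
    pool.deposit("violator", 10_000_000)             # step 3
    pool.mint("violator", 200_000_000)
    pool.donate_to_reserves("violator", 100_000_000)  # step 4: health now < 1
    v = pool.acct("violator")
    discount = min(MAX_LIQ_DISCOUNT, 1 - pool.health("violator"))
    repay = int(v.e * (1 - discount))                # take on just enough debt to seize all eDAI
    pool.liquidate("liquidator", "violator", repay)  # step 5
    drained = pool.cash
    pool.withdraw("liquidator", drained)             # liquidator is now healthy enough to drain the pool
    return {"profit": drained - flash_loan,
            "bad_debt": pool.acct("violator").d,
            "pool_cash_left": pool.cash}


def patched_pool_rejects_donation():
    try:
        run_attack(patched=True)
    except Undercollateralized:
        return True
    return False


if __name__ == "__main__":
    print("exploited version:", run_attack(patched=False))
    print("patched version blocks donation:", patched_pool_rejects_donation())
```

In the unpatched run the violator account finishes with 136 million dDAI of unbacked debt, the liquidator account walks away with all 38 million DAI the pool held, and the pool's cash never moves during the liquidation itself. Enabling the health check makes step 4 revert, which is the one-line class of fix this bug calls for: every function that can reduce an account's collateral must run the same liquidity check that borrow and withdraw already run.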

This article is reposted with permission from Foresight News. Foresight News is a Chinese-language content platform focused on Web3, committed to building a Chinese gateway to the Web3 world under the basic principle of "objectivity and neutrality."