Type: #logicFlow
Project: yearn finance
Date: 13/04/23
Blockchain: ETH
Problem: Misconfiguration. Used the Fulcrum iUSDC token instead of the Fulcrum iUSDT token.
The iearn USDT token (yUSDT) has been broken since deploy, which was over 1000 days ago. Because the pool value is computed as the sum of the value of derivatives + USDT contract balance, if the contract withdraws bZxUSDC into USDC, the bZxUSDC value is lost, reducing the pool value.
The Hacker:
1) Buys yUSDT from Curve.
2) Mints bZxUSDC, sends it to the contract, increasing the price per share.
3) Redeems bought yUSDT to USDT. This withdraws everything from Aave first.
4) yUSDT is now fully invested in bzxUSDC.
5) Triggers a rebalance withdrawing bZxUSDC into USDC, reducing the value per yUSDT to literally 0.
6) Sends 1 wei of USDT to the contract and mints yUSDT at 1 wei per yUSDT - the attacker can essentially mint yUSDT for free.
7) Sells unlimited yUSDT back into the Curve pool for profit.
Rebalance decides what to invest in based on the APR of the protocols. Current provider was AaveV1, to rebalance into a different provider attacker had to reduce Aave's APR to 0 by repaying every single borrower.
Discoverer: NaN. was hacked
Harm: 11.6 M $
link
Project: yearn finance
Date: 13/04/23
Blockchain: ETH
Problem: Misconfiguration. Used the Fulcrum iUSDC token instead of the Fulcrum iUSDT token.
The iearn USDT token (yUSDT) has been broken since deploy, which was over 1000 days ago. Because the pool value is computed as the sum of the value of derivatives + USDT contract balance, if the contract withdraws bZxUSDC into USDC, the bZxUSDC value is lost, reducing the pool value.
The Hacker:
1) Buys yUSDT from Curve.
2) Mints bZxUSDC, sends it to the contract, increasing the price per share.
3) Redeems bought yUSDT to USDT. This withdraws everything from Aave first.
4) yUSDT is now fully invested in bzxUSDC.
5) Triggers a rebalance withdrawing bZxUSDC into USDC, reducing the value per yUSDT to literally 0.
6) Sends 1 wei of USDT to the contract and mints yUSDT at 1 wei per yUSDT - the attacker can essentially mint yUSDT for free.
7) Sells unlimited yUSDT back into the Curve pool for profit.
Rebalance decides what to invest in based on the APR of the protocols. Current provider was AaveV1, to rebalance into a different provider attacker had to reduce Aave's APR to 0 by repaying every single borrower.
Discoverer: NaN. was hacked
Harm: 11.6 M $
link