After the hack, the protocol’s TVL plummeted by around 75%, causing it to lose over $200 million. As a result, the protocol became rekt, with its current TVL standing at a mere $77k. This event had a ripple effect on other protocols, including Balance and Angle Protocol, as reported on rekt news. This repository contains a POC showcasing the hack, which was executed using reverse engineering techniques.
The attack transaction step-by-step:
- Call flahsloan on AaveV2 - although I did the POC using AaveV3
- Transfer the full loan balance to the violator contract
- Deposit 2/3 to Euler eDAI
- Create a 10x artificial eDAI leverage
- Repay half of the DAI violator’s position, causing dDAI balance to decrease
- Create another 10x artificial eDAI leverage
- Donate half of eDAI leveraged balance to the reserve of the eDAI
- Liquidates the violator position
- Clone this repo
cp .env.example .envand update the MAINNET_RPC_URL- If you have Nix installed, running
nix developwill give you access to a shell with Foundry. Otherwise, ensure you have it installed - Run exploit POC:
make exploit - Run invariant test:
make invariant
Upon reviewing Euler Finance, it appears that invariants.md contains the missing invariant checks, since there are no tests written for those invariants in InvariantsChecker.sol.
One of the invariants is as follows: No protocol action should be able to result in an account with risk adjusted liability > risk adjusted assets (checkLiquidity failing)
The root cause of the vulnerability was the lack of a health check in the account of the donateToReserves method caller. The situation could have been avoided if the aforementioned invariant test had been conducted.
To demonstrate an example of an invariant test, I’ve provided Invariant.t.sol. You can execute the test by running make invariant.
Please note that the test intentionally fails to exhibit the violation of the invariant.
You can comment out line 52 on Handler.t.sol to verify that the donateToReserves call is responsible for the invariant violation.