$130 000 000 USD





"C.R.E.A.M. Finance is a decentralized lending protocol for individuals, institutions and protocols to access financial services. Part of the yearn finance ecosystem, it is a permissionless, open source and blockchain agnostic protocol serving users on Ethereum, Binance Smart Chain and Fantom. Users who are passively holding Ethereum or Bitcoin can deposit their assets on C.R.E.A.M. to earn yield, similar to a traditional savings account."


"According to The Block report, Cream Finance, the DeFi lending agreement, was attacked and lost approximately US$130 million." "The initial funds of the hacker address came from 20 ETH withdrawn from @TornadoCash."


“We are investigating an exploit on C.R.E.A.M. v1 on Ethereum and will share updates as soon as they are available,” the CREAM Twitter account noted at 11:04 AM New York time.


"This attack was a mix of economic and oracle exploits." "The key vulnerability lies in the price calculation of a wrappable token." "The hacker was able to take advantage of a pricing vulnerability by repeatedly lending and borrowing flash-loaned funds across two addresses."


"Next, after accumulating yUSDVault-collateralised crYUSD, the price of the underlying yUSDVault token was manipulated in order to effectively double the value of the collateral owned by the attacker."


"Finally, using the now overvalued collateral, the attacker drained CREAM’s lending vaults of as many assets as possible."


“This was one of the most sophisticated and cleanly executed DeFi attacks. The summary of the attack is that the attacker borrowed $1.5b of Yearn’s yUSD vault shares against $2b worth of collateral. They then doubled the value of the shares atomically by donating yUSD to the yearn vault. This meant that their debt on Cream became $3b against a $2b collateral. They can now default and take home a sweet $1b profit. Cream only had $130m assets available for lending, so the attacker was limited to $130m profits,” summarized blockchain security researcher Mudit Gupta in a blog.


"The stolen funds were mainly Cream LP tokens and other ERC-20 tokens." "A full table of the stolen funds, which include over 2760 ETH, a total of 76 BTC in renBTC, WBTC and HBTC, as well as tens of millions in stablecoins and other tokens, can be found here."


"As communicated earlier, we have patched the vulnerability and only our Ethereum v1 markets were impacted. All other C.R.E.A.M. Finance v1 markets and the Iron Bank are safe." "We have suspended all interactions with our Ethereum v1 markets. crTokens on C.R.E.A.M. Ethereum v1 markets are locked and cannot be transferred. Our friends at Yearn Finance successfully salvaged $9.42 million the attacker “donated” to the yUSD vault." "We have stopped all supply/borrow of wrappable tokens, including all PancakeSwap LP tokens."


The attacker wrote a message in the transaction “gÃTµ Baave lucky, iron bank lucky, cream not. ydev : incest bad, dont do.” This appears to imply that CREAM’s Iron Bank is untouched.


"We encourage the attacker to reach out and begin a dialogue for the return of our users' funds. They are impacting everyday users of DeFi and we would like them to do the right thing. We will honor a bug bounty of 10% upon return of funds."


"The hacker is currently divided into two paths to try to launder money: 1. The hacker exchanges tokens for Ether through Paraswap." "The hacker uses Paraswap to exchange tokens such as WBTC and BADGER into renBTC, and uses renBridge to cross-chain a total of 102.83 BTC."


"In addition, there are more than $60 million of funds staked in Uniswap, SushiSwap, Curve and other DeFi protocols."


"The community is discussing shorting the CREAM token as a way of recovering some of the lost assets. The CREAM token was at $116.68 in morning trading New York time Wednesday, from $156.85 yesterday, or a 25% decline. It had fallen to as low as $108.15 earlier."


"The attacker removed ~$130m USD worth of tokens from C.R.E.A.M. Ethereum v1 markets. We are working to repay lost funds, starting with a partial payment. Details of this repayment plan will be announced in the coming days."


"Our community and users will always remain our top priority. We are working with authorities to trace the attacker and have created a plan to restore funds lost. We will disclose the details of this repayment plan as soon as everything is finalized."


"We appreciate your support as we work through the next steps for C.R.E.A.M. Finance and what this means for everyone. We explored every option that was available to us before arriving at the conclusion that this is the best path forward."


"We will distribute 1,453,415 CREAM tokens to impacted users. We are utilizing remaining CREAM tokens within the treasury, and removing the project team's remaining CREAM token allocation. There will be no further CREAM allocations to the team."


"Impacted users can claim their CREAM tokens at this time. This claim process will be available for 1 year.


Users who have successfully made full insurance claims from Nexus Mutual or Bridge Mutual will not be eligible to claim CREAM."


"We have tightened our token listing strategy to no longer include long-tail assets nor tokens that can be wrapped/unwrapped. Collateral Cap limits are deployed across all markets to increase security. Additional monitoring and alerting solutions are being implemented."


"We appreciate the patience of our community as we work through next steps. Once further details are finalised, we will be able to share more to our community and thank everyone again for their support."

Cream Finance suffered a complex attack to the liquidity stored in their smart contract hot wallets. The attacker came from, and returned to TornadoCash, and didn't appear to respond to any attempts to contact them. The contracts in question have been disabled, and Cream Finance has so far only released Cream tokens to those affected, which many users reported having a market value of less than half the value of their lost assets.


While Cream Finance may reduce the risks through eliminating long-tail assets, and wrapped assets can make it easier for hackers to cash out, the real solution is to have the majority of funds offline.


Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.