QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$129 000 USD
APRIL 2024
GLOBAL
MAGPIE PROTOCOL
DESCRIPTION OF EVENTS
"Why use a bridge when you can FLY?" "Trading any tokens between any chains, without the need to bridge, is what makes Magpie your efficient app to navigate DeFi."
"Our innovative design requires fewer transactions and confirmations." "Magpie is fully non-custodial. Your assets are in your control at all times." "Swap with speed between any chain of your choosing."
"Magpie serves as a sort of flightpath for the flock, introducing users to multiple blockchain networks and their corresponding protocols and features.
By flying through the typical barriers of going cross-chain, Magpie users can easily explore the multitude of opportunities offered on different networks, not only expanding the user base for individual projects across these chains but also fueling innovation as ideas and perspectives are shared across platforms."
"Magpie harnesses the liquidity from existing DEXs and bridge liquidity pools, both within chain and cross-chain.
This greatly reduces fragmentation and maximizes liquidity usage, resulting in improved market depth, cost-efficiency, reduced slippage, and better pricing on assets. The more liquidity networks we aggregate, the better our order router becomes. We're able to find the best deal on assets in real time, routing through anything to get there.
By utilizing the liquidity of well-established platforms, Magpie ensures that liquidity providers on these networks and protocols continue to benefit and contribute to the overall ecosystem in DeFi, and as the swaps go through those liquidity pools, they can still earn their rewards."
"The integration of multiple protocols through Magpie brings together the strengths of each, creating a more user-friendly and robust DeFi experience.
Magpie enables seamless cross-chain swaps by using bridges such as Wormhole, for cross-chain messaging, and Stargate, for deep liquidity reserves, so users can trade assets cross-chain seamlessly across different blockchains, unlocking a broader range of investment or trading opportunities.
Through the use of these integrations with Magpie, we enable the ability to access and swap thousands of different tokens cross-chain, both efficiently and securely, rather than limiting swaps to a handful of native assets and stablecoins."
"These all represent a significant step towards realizing the full potential of cross-chain growth and a multichain future. By connecting users to new blockchains, leveraging liquidity networks, and integrating different blockchain protocols, we pave the way for increased collaboration, innovation, and seamless, user-friendly transactions across blockchains.
As the DeFi landscape continues to evolve, Magpie will be here to be sure to create a more interconnected, efficient, and user-centric decentralized finance ecosystem."
"The decentralized liquidity aggregation protocol Magpie Protocol was attacked due to a contract vulnerability, resulting in $129,000 being stolen from 221 wallets. The root cause is due to unchecked call data. The attacker called the contract's swap() function and passed in data which included a list of users to transfer tokens from."
"Our router, MagpieRouterV2, is supposed to work as a router, nothing more. Which means it is not supposed to have funds and only do the required aggregation and send the tokens to the target address. We made our router flexible for aggregation in a way that we can construct complex calls which helps us to work gas cost efficiently with almost any protocol (it doesn't require continuous contract updates for every protocol, and, more importantly, it optimizes user gas usage).
From a security standpoint, one of the most important parts is the function selector. The function parameters shouldn’t be an issue since the contract is not supposed to hold funds and from the user’s perspective the most important thing is at the end of execution the minimum amount of the requested asset has to be received. With this, the most critical issue was to deny transfers from approved funds if the initiator is not the user itself."
"The way we construct our commands had a bug where we check for the validity of the selector, and the constructed input length, but not the position of the selector. The exploiter created an address which starts with one of the approved selectors."
"We have contacted the attacker, and we have gotten no response back as of this writing. If you are reading this, we would be extremely grateful to provide a generous bounty and would obligate ourselves not to disclose any information about your identity."
"Resetting all selectors to 0 prevents this exploit since there is a check in the contract to not execute any custom calls where the selector is not defined."
"We will check the selector in the finalized input before the execution of the command to make sure it cannot execute `transferFrom` if it is not initiated by the sender. We will add a pause functionality to the swap just in case any future emergency happens.
We are also considering adding a 3rd party to our contracts to monitor and pause our swaps if any unusual activity happens."
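The selector check described above and its fix, as an added illustration in Python that is not MagpieRouterV2's code: the ERC-20 and Uniswap V2 selectors are the public values, but the approved set, the command layout and the exact shape of the vulnerable scan are assumptions modelled on the post mortem's description.

```python
# Toy model of a router command check. Added illustration, not Magpie's code.
# Selectors are the public ERC-20 / Uniswap V2 values; APPROVED, the command
# layout and the form of the vulnerable scan are constructed assumptions.
TRANSFER_FROM = bytes.fromhex("23b872dd")  # transferFrom(address,address,uint256)
SWAP_EXACT = bytes.fromhex("38ed1739")     # swapExactTokensForTokens(...)
APPROVED = {SWAP_EXACT}                    # hypothetical allow-list of callable selectors


def abi_address(addr: bytes) -> bytes:
    """ABI-encode a 20-byte address as a left-padded 32-byte word."""
    assert len(addr) == 20
    return addr.rjust(32, b"\x00")


def abi_uint(n: int) -> bytes:
    return n.to_bytes(32, "big")


def build_command(selector: bytes, *words: bytes) -> bytes:
    """Constructed calldata: 4-byte selector followed by 32-byte words."""
    return selector + b"".join(words)


def vulnerable_check(calldata: bytes) -> bool:
    """Assumed model of the bug: length is validated and an approved selector
    must be present, but its offset is never pinned to 0, so an address word
    whose low bytes begin with an approved selector satisfies the check."""
    if len(calldata) < 4 or (len(calldata) - 4) % 32:
        return False
    return any(calldata[i:i + 4] in APPROVED for i in range(len(calldata) - 3))


def hardened_check(calldata: bytes, sender: bytes) -> bool:
    """Fix as described: read the selector from the finalized input at offset 0
    and refuse transferFrom unless its `from` argument is the initiator."""
    if len(calldata) < 4 or (len(calldata) - 4) % 32:
        return False
    selector = calldata[:4]
    if selector == TRANSFER_FROM:
        return calldata[16:36] == sender  # low 20 bytes of the first word
    return selector in APPROVED


def demo() -> dict:
    initiator = bytes.fromhex("a1" * 20)  # constructed: the caller of swap()
    other_user = bytes.fromhex("b2" * 20)  # constructed: a user who approved the router
    lookalike = SWAP_EXACT + bytes.fromhex("cc" * 16)  # address starting with a selector
    forged = build_command(TRANSFER_FROM, abi_address(other_user), abi_address(lookalike), abi_uint(10**18))
    own = build_command(TRANSFER_FROM, abi_address(initiator), abi_address(lookalike), abi_uint(1))
    return {"forged_vulnerable": vulnerable_check(forged),          # True: scan finds selector in an argument
            "forged_hardened": hardened_check(forged, initiator),   # False: from != sender
            "own_funds_hardened": hardened_check(own, initiator)}   # True: caller moves own funds
```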
"We are in contact with Cube3AI, Hypernative, and others to secure the next version of our contracts. With a protocol like Cube3AI, it would enable RASP (Runtime Application Self Protection), allowing us to block risky and fraudulent transactions in real-time. This will also automatically alert anyone to an attempted exploit or hack.
Additionally, we are integrating Web3Shield as our insurance partner, which allows our users to get insurance by paying a premium in the same token they are swapping when bridging assets."
"We have just recently sent our reimbursements to all of the affected wallets. We are dedicated and incredibly thankful for our community and want to thank you all for being so understanding during this emergency situation. Until then, after the fix is applied to the contracts, we will conduct an audit with QuillAudits before releasing the new version, so our app will be down for maintenance until then."
Magpie Protocol offers cross-chain trading without the need for bridges, letting users swap across chains with fewer transactions while keeping full non-custodial control of their assets. Despite a recent attack caused by a contract vulnerability that resulted in a loss of $129,000 from 221 wallets, Magpie is taking steps to enhance security, including resetting selectors and collaborating with security firms such as Cube3AI. It has reimbursed the affected wallets and plans to conduct an audit before releasing a new version.