$7 000 000 USD
DESCRIPTION OF EVENTS
"The Maker Protocol, also known as the Multi-Collateral Dai (MCD) system, allows users to generate Dai by leveraging collateral assets approved by “Maker Governance.” Maker Governance is the community organized and operated process of managing the various aspects of the Maker Protocol. Dai is a decentralized, unbiased, collateral-backed cryptocurrency soft-pegged to the US Dollar. Resistant to hyperinflation due to its low volatility, Dai offers economic freedom and opportunity to anyone, anywhere."
"The flip contract allows for the MCD system to auction collateral in exchange for DAI. A lack of validation in the method flip.kick allows an attacker to create an auction with a fake bid value. Since the end contract trusts that value, it can be exploited to issue any amount of free DAI during liquidation. That DAI can then be immediately used to obtain all collateral stored in the end contract."
"The flipper contract (flip.sol) is intended to offer a way for the MCD contracts to obtain DAI by auctioning gems. An auction is initiated by calling the flip.kick method, which is normally done by the cat contract when it grabs collateral from a CDP. The implementation of that method, however, completely lacks access control and has very little validation -- in particular, it's possible to execute the method even during the liquidation phase."
"On top of that, all values stored in the auction are accepted as parameters of the method, including the bid amount. By directly calling the method, a malicious user can create a "fake" auction, with an arbitrary initial bid value, without spending the corresponding DAI."
"The issue described in this report allows an attacker to steal ALL collateral stored in the MCD system during the liquidation phase -- possibly within a single transaction. This would result in a complete loss of funds for all users. The cost of performing the attack is almost zero -- just the minimal denomination of each type of gem stolen plus gas."
"If exploited by hackers, the vulnerability could potentially have resulted in a single transaction wiping out all assets used as collateral to support the dai stablecoin if it had been undiscovered by launch."
"We have evaluated this and agree that leaving the Flip.kick function publicly callable opens an attack vector that could allow significant collateral loss during the End."
"We really appreciate you catching this bug and are accepting it as our first Critical finding in the program. We are awarding you the full $50,000 bounty. Congratulations!"
"Currently, there is over 1.5 million $ETH locked in Maker (1.4% of the total supply) worth over $250 million."
The MakerDAO auction contract had a vulnerability that would have allowed an attacker to create an auction with a fake bid without spending the corresponding DAI, and so effectively steal the collateral held by the system.
The vulnerability was discovered and resolved before it was exploited.
HOW COULD THIS HAVE BEEN PREVENTED?
There were no user funds lost in this case.
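The report quoted above attributes the flaw to two gaps in `flip.kick`: no access control, and a caller-supplied bid that downstream code trusts. The following added example is a simplified Python model written for this page, not MakerDAO's Solidity code; it shows the reported behaviour next to one way to close it. The `Flipper` class, `wards` allow-list, `live` flag, `paid` field and caller names are all assumptions.

```python
# Simplified model of an auction contract's kick() entry point.
# All names are illustrative assumptions; this is not MakerDAO's code.

class Unauthorized(Exception):
    """Raised when a kick() call is refused by the hardened checks."""

class Flipper:
    def __init__(self, wards=(), enforce_auth=False):
        self.wards = set(wards)           # callers allowed to start auctions
        self.enforce_auth = enforce_auth  # False models the reported behaviour
        self.live = True                  # set to False once shutdown begins
        self.auctions = {}                # auction id -> record
        self.kicks = 0

    def kick(self, caller, lot, bid):
        """Start an auction of `lot` collateral with opening `bid`."""
        if self.enforce_auth:
            if caller not in self.wards:
                raise Unauthorized(f"{caller} may not start auctions")
            if not self.live:
                raise Unauthorized("no new auctions during shutdown")
        self.kicks += 1
        # `paid` counts DAI actually transferred for this auction; kick() moves none.
        self.auctions[self.kicks] = {"guy": caller, "lot": lot, "bid": bid, "paid": 0}
        return self.kicks

def unbacked_bids(flipper):
    """Invariant check: ids of auctions whose recorded bid exceeds DAI paid in."""
    return [i for i, a in flipper.auctions.items() if a["bid"] > a["paid"]]

def demo():
    # Constructed scenario: "cat" is the trusted liquidation module, "mallory" is not.
    weak = Flipper()
    weak.live = False                        # shutdown phase
    weak.kick("mallory", lot=1, bid=10**6)   # accepted: bid recorded, nothing paid
    strong = Flipper(wards={"cat"}, enforce_auth=True)
    strong.kick("cat", lot=5, bid=0)         # normal liquidation path
    rejected = []
    for caller, live in (("mallory", True), ("cat", False)):
        strong.live = live
        try:
            strong.kick(caller, lot=1, bid=10**6)
        except Unauthorized as exc:
            rejected.append(str(exc))
    return unbacked_bids(weak), unbacked_bids(strong), rejected

if __name__ == "__main__":
    print(demo())
```

The `unbacked_bids` check is the kind of invariant a test suite or monitor can assert: any component that pays out against a recorded bid should be able to show that the bid was funded.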
List of Ethereum Smart Contracts Post-Mortems - Security - OpenZeppelin Community (Jun 23)
HackerOne (Jun 23)
MakerDAO | An Unbiased Global Financial System (Jun 24)
The Maker Protocol White Paper | Feb 2020 (Jul 26)
Security Flaw Discovered That Could’ve Wiped Out $7 Million in Dai Collateral | Cryptoglobe (Jun 25)
Messari - Bitcoin & crypto price, news, charts, and research (Jun 25)
MakerDAO bug could've let hackers steal all the Ethereum powering its DAI stablecoin (Jun 25)