QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$35 000 000 USD
SEPTEMBER 2021
GLOBAL
VEE FINANCE
DESCRIPTION OF EVENTS
"Bridge the gap between traditional banking and crypto Defi Earn fixed/flexible return on deposited assets."
"Vee Finance is a DeFi lending platform for traditional financed and crypto users alike. They are committed to bridging the gap between traditional finance and DeFi and providing users with better digital asset management services." "Vee Finance is a lending protocol that is mainly forked from Compound Protocol and add leveraged trading logic on this basis. Users can obtain loan vouchers through mortgage assets, and the loan vouchers can be leveraged in the protocol. When performing leveraged transactions, users will lend funds from the contract, and then create an order through the VeeProxyController contract. When the order is created, the contract will swap the borrowed funds into the target token in Pangolin. When the order expires or the stop-profifit and stop-loss price is reached, reverse swap will be performed, and then the loan will be returned."
"The mission of the project is to reduce barriers for traditional users to participate in DeFi and optimize the efficiency of global asset allocation."
"To use the protocol, users supply their preferred asset that is accepted by the protocol. Users will be able to earn interest based on the asset's market demand for borrowing. Additionally, supplied assets can be used as collateral to allow the user to borrow other assets. Interest earned by supplying funds offsets the accumulated interest rates from borrowing."
"Funds are administered by Smart Contracts. Suppliers/Lenders will be given tokenized yield-bearing tokens (veTokens) which will be used to withdraw funds from the pool on-demand when required. "
"Top ten thievery. $34 million taken from Vee Finance earns them the number 7 spot on our leaderboard, yet nobody seems surprised. What’s normal for us is not normal elsewhere."
“The main cause of the accident was that in the process of creating an order for leveraged trading, only the price of the Pangolin pool was used by the oracle as the source of price feed, and the pool price fluctuated more than 3%. The oracle refreshed the price, causing the attacker to manipulate the price of the Pangolin pool. Manipulating the price of the Vee Finance oracle machine and the acquisition of the oracle machine price were not processed for decimals, resulting in the expected slippage check before the swap did not work.”
"The real reason is that the attacker creates a FAKE ctokenB and passes to the contract. Since the ctokenB is controlled by the attacker, it can return an arbitrary underlying token that is used for calculating the token price. This is the real root cause of the attack."
"1. When performing margin trading, the createOrderERC20ToERC20 function in the following code block will be called to create an order."
"2. When an order is created, the token exchange will be carried out through line 5 of the following code block." "3. Before the token exchange, the expected slippage will be checked through the getAmountOutMin function on line 9 of the following code block."
"4. During slippage check, the priceA and PriceB quotes of the oracle will be obtained through lines 12 and 13 of the following code block, and then the number of TokenA that can be exchanged for TokenB at the current price is calculated through line 15 of the following code block. . Finally, compare with the number of tokens acquired in the Pangolin pool. If the number of TokenB tokens that can be exchanged in the pool is greater than or equal to the expected number of TokenB that can be exchanged using the oracle, then it can be judged that the pool price is correct and not controlled, and the order creation logic is continued."
"5.However, through on-chain records, when the oracle price is obtained, the obtained price decimals has not been processed. Therefore, if the decimals of TokenB is much greater than the decimals of TokenA, then there will be deviations in the calculation of the expected amount ofexchangeable TokenB, amountFromOracle = priceA * swapAmountA / priceB will be smaller than expected."
"6. At the same time, in most attacks, the prices of TokenA and TokenB obtained by the oracle machine are equal, which shows that the price obtained by the oracle machine is wrong."
"7. After communicating with the project party, the project party reported that the source of the price feed for the oracle machine only uses the price of the Pangolin pool, and the price of the pool flfluctuates more than 3%, the oracle machine will refresh the price."
"8. Therefore, the attacker manipulates the number of Pangolin’s tokens to make Vee Finance’s oracle machine to refresh the price. This directly caused the contract to obtain the wrong price from the oracle during the slippage check, which caused the slippage check to be bypassed."
"The attacker forged cTokenB for leveraged transactions. Taking WBTC.e & XAVA as an example, getUnderlying(createParams.ctokenB) when performing getAmountOutMin is the XAVA address obtained by passing in the forged cTokenB from the attacker. But when the price is obtained through getUnderlyingPrice(createParams.ctokenB), if the cToken is not in the list supported by the oracle, then the underlying price of cTokenB will be obtained through the oracle’s getTokenConfigByUnderlying(CErc20(cToken).underlying()). The underlying price at this time is taken by WBTC.e."
"In summary, the attacker used the cToken forgery issue and the decimals processing issue of Oracle price to attack."
"According to address monitoring, the attacker has not yet transferred or processed the attacked assets any further. We maintain communication with attacker and trying to negotiate a solution." "Put out a 500,000 USD worth bounty for the person or team who can track down the attacker."
"Filed the police report to the local police station in the United States and put out a 500,000 USD worth bounty for the person or team who can track down the attacker." "Worked with security companies to investigate the attack. And collected pretty much of the attacker’s on-chain historical transaction and off-chain cipher activities." "Due to the significant amount of loss and potential link to other DeFi attacks, the local authority has escalated this case to the FBI."
"Vee.Finance will bear all the losses. And we have decided to 100% compensate all lenders/depositors."
"Current version (v1) will be suspended, with only Withdraw & Repay functions open. In addition, we will also make some changes to the UI pages, such as the content displayed on the Dashboard page and the function display on the left menu bar."
"After the audit, the new version of smart contracts will be deployed as V2, a brand-new pool with VEE rewards. Trade function will not be available. Stable Coin Sector and Crypto Sector will relaunch in the next early week."
"We have published a plan designed to compensate everyone for their losses as soon as possible. And we will fully fulfill our obligations according to the plan. Compensation details will be published after the voting is over."
"From now on, we’ll do better and better. We’ll listen to every voice in the community and provide better feedback. You supported us; we’ll pay back with our future hard work."
"We started a poll, where users who suffered loss can decide how we are going to compensate them." "The vote on compensation plan ended, with a total of 143 users voting, out of 466 eligible voters. 68% of these users chose “ token as they are”, we hear the community’s voice, and will compensate users in the form of “token as they are”."
"We will start to implement the compensation plan while relaunching Vee.Finance platform next week. A compensation pool dedicated to pay out depositors who suffered losses will be created. Inside the pool will be five tokens AVAX, WBTC, WETH, LINK and USDT, and users can withdraw funds at any time according to their share."
"We will credit the entire month’s earnings of the platform to the compensation pool at the end of each month. The first deposit will be on October 31, 2021, EST."
"In this collaboration with SlowMist, we not only audited the protocol smart contract code but also do a complete audit of all the security-related steps. In addition, we are executing all unit tests in more detail to test all functions and extreme scenarios are also being implemented to prepare for attacks through smart contracts."
"All users who supplied in V1 Crypto pool but were unable to withdraw their assets after the attack. Their relevant wallets will be eligible to withdraw funds in the compensation pool."
"According to the compensation plan, we will deposit all the retrievable revenue into the pool on October 31, 2021. The number of tokens deposited will be calculated as a percentage of their dollar value and the token price will be based on a snapshot as of October 28 EDT, since there would be processing time for the team to exchange the revenue for compensation tokens according to the size of different pools. And we will take out the reserve income on the 28th of each month in the future."
"The eligible users can withdraw funds at any time according to their share. For example, there is $300K in the compensation pool in October and a user’s withdrawable share is 1%, the share he would withdraw is $3,000. When there are new funds in the compensation pool, the user can then continue to withdraw funds according to his share."
Vee Finance is a decentralized lending platform, which operates through a smart contract hot wallet. Through the creation of a fake token, the hot wallet was breached, and the funds were removed to the hacker. The Vee Finance team has since undertaken some efforts to retrieve the funds from the attacker, however there is no indication those have achieved any result. They are currently running a compensation program using the future profits of the protocol.
HOW COULD THIS HAVE BEEN PREVENTED?
Hot wallets should either not store customer funds, or be insured fully through smart contract insurance or our proposed industry insurance fund.
Rekt - Vee Finance - REKT (Sep 28)
The Real Root Cause Of The Vee Finance Security Incident (Oct 2)
The Main Cause Of Vee Finance Attack (Oct 2)
Vee Finance (Oct 20)
Redefining DEX and How Vee.Finance does improve user experience? : VeeFinance (Oct 20)
https://coinmarketcap.com/currencies/vee-finance/ (Nov 7)
Introduction to Vee.Finance - Vee.Finance | V2 (Nov 7)
Vee Finance Attack Analysis (Nov 7)
Transaction 0x15a7b29c11ee8c1705e3b7e555fc5f35d862e439f62271c9dcda942ea525685a - Avalanche Explorer (Nov 7)
Transaction 0x797544ebce8acd384c162ad20bed30caadd852ed0a5b71550ab2f37c186840bd - Avalanche Explorer (Nov 7)
Transaction 0x50a136886e45d018f84f194e49d47aaaa34e1bd5f2b51f2bdc42e4fd20999062 - Avalanche Explorer (Nov 7)
Transaction 0x031f388aabfa26df922603c377e002713c6315e2660b89e9eea0f0983fbe137c - Avalanche Explorer (Nov 7)
Transaction 0x072c8cb4a3d71f833d9b22965993657fd2a38e599ed0bcaa37554b39ac0be1b0 - Avalanche Explorer (Nov 7)
Transaction 0xc490b881f7434af48a1f39ca2d71064e93a1802b5853e3312e8800468dc83b81 - Avalanche Explorer (Nov 7)
Transaction 0xfd2c5979d2857f385cc0b055a2a4320e0e63e389404fd9e12a169dbdb5b20ac0 - Avalanche Explorer (Nov 7)
Transaction 0x83821d9869467395583f1d42be15b5e0387e30634fcc2ac75d005ac190dc94dc - Avalanche Explorer (Nov 7)
Transaction 0xb9581cb407c67db29a18ce9f056be69d05e0c47909c988a9fd0fe07589bf9709 - Avalanche Explorer (Nov 7)
The Main Cause Of Vee Finance Attack (Nov 7)
Vee and Zabu Finance Exploits: Two Uncannily Similar Attacks | TRM Insights (Nov 7)
Vee Finance Latest Updates Sept 22 (Nov 7)
@VeeFinance Twitter (Nov 7)
Latest Update Compensation Plan Sept 25 (Nov 7)
Latest Update Sept 26 (Nov 7)
Latest Update Sept 27 (Nov 7)
Vee Finance Restart Plan Sept 28 (Nov 7)
Latest Update September 30 (Nov 7)
Latest Update October 1 (Nov 7)
Latest Update October 2 (Nov 7)
Vee Finance Roadmap For V2 (Nov 7)
Vee Finance V2 Relaunch On October 7th (Nov 7)
