Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/terramoneyibchookreentrancyvulnerability.php}} {{Unattributed Sources}} Terra Money Logo/HomepageThe Terra blockchain is a hard fork of the original Terra Luna blockchain which crashed due to a failure of the algorithmic stablecoin UST. An emergency patch was issued for a critical reentrancy vulnerability in April to all blockchains which are part of the Co..."

2024-09-25T20:24:27Z

Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/terramoneyibchookreentrancyvulnerability.php}} {{Unattributed Sources}} thumb|Terra Money Logo/HomepageThe Terra blockchain is a hard fork of the original Terra Luna blockchain which crashed due to a failure of the algorithmic stablecoin UST. An emergency patch was issued for a critical reentrancy vulnerability in April to all blockchains which are part of the Co..."

New page

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/terramoneyibchookreentrancyvulnerability.php}}
{{Unattributed Sources}}

[[File:Terramoney.jpg|thumb|Terra Money Logo/Homepage]]The Terra blockchain is a hard fork of the original Terra Luna blockchain which crashed due to a failure of the algorithmic stablecoin UST. An emergency patch was issued for a critical reentrancy vulnerability in April to all blockchains which are part of the Cosmos ecosystem. Unfortunately, Terra did not upgrade their protocol to apply the patch. It was exploited to take millions of dollars worth of assets. Some assets have been recaptured so far.<ref name="slowmisthackedarchive-14855" /><ref name="theblock-14894" /><ref name="terramoney-14895" /><ref name="wikipedia-14896" /><ref name="terramoneytwitter-14778" /><ref name="cryptobriefing-14780" /><ref name="beosinalerttwitter-14781" /><ref name="coindesk-14897" /><ref name="terramoneytwitter-14898" /><ref name="businessinsidermarkets-14899" /><ref name="coinpedia-14900" /><ref name="range-14901" /><ref name="cosmosgithub-14775" /><ref name="etherscan-14902" /><ref name="etherscan-14903" />

== About Terra Money ==
"Terra is a blockchain protocol and payment platform used for algorithmic stablecoins. The project was created in 2018 by Terraform Labs, a startup co-founded by Do Kwon and Daniel Shin. It was best known for its Terra stablecoin and the associated LUNA reserve asset cryptocurrency."

"Terra hosts a vibrant ecosystem of diverse products and services. Create a Station wallet to start exploring and interacting with an array of ecosystem applications. With Pulsar Finance, the leading Web3 portfolio tracker, you can effortlessly monitor all your tokens, DeFi positions, and NFTs across Terra and over 100 other blockchains."

"Fueled by the passionate #LUNAtic community and deep developer talent pool, the Terra blockchain is built to enable the next generation of Web3 products and services. Build crypto's next killer app using Terra's suite of developer tools and resources."

"Terra was hard forked from the Terra Classic network following a major financial collapse in 2022, which was triggered by its algorithmic stablecoin, UST, losing its supposed peg to the US dollar."

== The Reality ==
"The vulnerability was identified a few months ago and patched across the Cosmos ecosystem in April. However, a later upgrade in June on Terra failed to include this patch, leading to renewed exposure and the subsequent exploit, Zaki Manian, co-founder of Sommelier Protocol, explained."

"This bug was known as the IBC reentrancy infinite mint bug, and all Cosmos chains issued an emergency patch to remediate this issue."

"In April 2024 theIBC-Go library issued an emergency patch for the reentrancy bug. The affected version that is relevant to Terra is < 7.4.0. Terra was utilizing a custom version of IBC-Go 7.3.1 at the time of the attack (github.com/terra-money/ibc-go/v7 v7.3.1-terra.0) that was vulnerable to the exploit."

== What Happened ==
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
{| class="wikitable"
|+Key Event Timeline - Terra Money IBC Hook Reentrancy Vulnerability
!Date
!Event
!Description
|-
|April 5th, 2024 6:21:00 AM MDT
|Reentrancy Article Published
|"ASA-2024-007: Potential Reentrancy using Timeout Callbacks in ibc-hooks" is published which outlines the exploit.
|-
|July 30th, 2024 6:18:35 AM MDT
|Funds Bridged In
|The attacker starts to bring in funds from Ethereum to their wallet.
|-
|July 30th, 2024 5:09:11 PM MDT
|First Exploit Transfer
|The first transfer of Ethereum funds from the exploit, which are bridged in through Uniswap.
|-
|July 30th, 2024 7:39:23 PM MDT
|Final Exploit Transfer
|The final swap related to the exploit transactions.
|-
|July 30th, 2024 10:06:00 PM MDT
|Terra Pause Announced
|Terra announces a pause in the blockchain starting shortly at block #11,430,400.
|-
|July 30th, 2024 10:17:05 PM MDT
|Terra Blockchain Paused
|The terra blockchain is paused to deal with the vulnerability.
|-
|July 31st, 2024 12:20:06 AM MDT
|The Block Article
|The Block publishes an article on this incident.
|-
|July 31st, 2024 1:23:00 AM MDT
|Beosin Tweet Posted
|Beosin posts a tweet about the reentrancy vulnerability which was exploited.
|-
|July 31st, 2024 1:31:00 AM MDT
|Cyvers Tweet
|Cyvers tweets about the exploit further.
|-
|July 31st, 2024 1:40:00 AM MDT
|Terra Blockchain Resumed
|The Terra blockchain announces that it's been resumed.
|}

== Technical Details ==
"In April 2024 theIBC-Go library issued an emergency patch for the reentrancy bug. The affected version that is relevant to Terra is < 7.4.0. Terra was utilizing a custom version of IBC-Go 7.3.1 at the time of the attack (github.com/terra-money/ibc-go/v7 v7.3.1-terra.0) that was vulnerable to the exploit."

"According to Zaki Manian, co-founder of Sommelier Finance, although the vulnerability was patched in the Cosmos ecosystem back in April, Terra did not include this patch in their June upgrade, resulting in the vulnerability being re-exposed and exploited."

"Terra blockchain experienced a security breach that led to the theft of tokens. The attackers exploited a known vulnerability related to the third-party module IBC hooks, stealing the value of cross-chain assets, including USDC stablecoins and Astroport tokens. The Terra team has taken emergency measures to prevent further losses and coordinated with validators to apply a patch to fix the vulnerability."

"“There was a vulnerability in IBC hooks discovered by Composable Finance in April. It was patched across Cosmos. Terra was patched then,” Manian told The Block. “It appears that Terra's June upgrade did not include the patch. All the Axelar USDC bridged to Terra was stolen using the IBC hooks exploit. A large amount of ASTRO was also stolen.""

== Total Amount Lost ==
The total amount lost has been estimated at $5,280,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

== Immediate Reactions ==
"Attention Terra users: Please be advised that the chain will be halted shortly at block height 11430400 and transactions will not be processed during this time.

We will be working with the validators on Terra (phoenix-1) to apply an emergency patch thereafter to remediate a suspected exploit."

== Ultimate Outcome ==
"The Terra chain has resumed block production at approximately 4:19 AM UTC today and the emergency chain upgrade is now complete.

Transactions are now being processed, and users may resume normal activities.

Validators holding over 67% of the voting power on Terra have upgraded their nodes to prevent the exploit from recurring. More validators are expected to upgrade soon."

"After these events, both the Terra and Astroport teams took swift action to lessen the impact of the attack. The Terra team upgraded the IBC-Go version appropriately and also introduced a new blacklist antehandler. This will effectively add a step to the transaction pre-processing to see if the transaction signer is on a list of blacklisted addresses, and if so, it will block the transaction. It is important to note that this blacklist only has one address, and it is the ibc-exploiter’s terra address that is holding around $650,000 USD in stolen funds, mainly consisting of 20,000,000 ASTRO. These funds are now locked and are out of circulation.

The Astroport team was able to seize the ASTRO in the attacker's Neutron wallet because ASTRO recently migrated from a cw20 Terra token to a tokenfactory denom on Neutron. This gives the token admin unique privileges to recover the funds. This was accomplished through a force transfer from the attacker's Neutron wallet. It should be noted that this action was only possible on the origin chain of the Astro token (Neutron in this case) and would not have been possible if the token versions were wrapped."

== Total Amount Recovered ==
The total amount recovered is unknown.

What funds were recovered? What funds were reimbursed for those affected users?

== Ongoing Developments ==
What parts of this case are still remaining to be concluded?
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="slowmisthackedarchive-14855">[https://web.archive.org/web/20240808214412/https://hacked.slowmist.io/ SlowMist Hacked - SlowMist Zone] (Accessed Aug 8, 2024)</ref>

<ref name="theblock-14894">[https://www.theblock.co/post/308440/attacker-exploits-ibc-hooks-vulnerability-to-steal-tokens-on-terra-blockchain https://www.theblock.co/post/308440/attacker-exploits-ibc-hooks-vulnerability-to-steal-tokens-on-terra-blockchain] (Accessed Aug 12, 2024)</ref>

<ref name="terramoney-14895">[https://www.terra.money/ Terra] (Accessed Aug 12, 2024)</ref>

<ref name="wikipedia-14896">[https://en.wikipedia.org/wiki/Terra_(blockchain) Terra (blockchain) - Wikipedia] (Accessed Aug 12, 2024)</ref>

<ref name="terramoneytwitter-14778">[https://twitter.com/terra_money/status/1818498438759411964 @terra_money Twitter] (Accessed Aug 6, 2024)</ref>

<ref name="cryptobriefing-14780">[https://cryptobriefing.com/terra-blockchain-exploit-6m/ Terra hit by $6 million loss as attacker exploits vulnerability known since April] (Accessed Aug 6, 2024)</ref>

<ref name="beosinalerttwitter-14781">[https://twitter.com/BeosinAlert/status/1818548029416411279 @BeosinAlert Twitter] (Accessed Aug 6, 2024)</ref>

<ref name="coindesk-14897">[https://www.coindesk.com/tech/2024/07/31/terra-blockchain-restarts-after-4m-exploit/ Terra Blockchain Restarts After Reentrancy Attack Leads to $4M Exploit] (Accessed Aug 12, 2024)</ref>

<ref name="terramoneytwitter-14898">[https://twitter.com/terra_money/status/1818552290372206614 @terra_money Twitter] (Accessed Aug 12, 2024)</ref>

<ref name="businessinsidermarkets-14899">[https://markets.businessinsider.com/news/currencies/terra-blockchain-restarts-after-4m-exploit-1033617551 Terra Blockchain Restarts After $4M Exploit | Currency News | Financial and Business News | Markets Insider] (Accessed Aug 12, 2024)</ref>

<ref name="coinpedia-14900">[https://coinpedia.org/news/terra-blockchain-hack-6-8-million-stolen-astro-plummets-60/ Terra Blockchain Hack: $6.8 Million Stolen, ASTRO Plummets 60%] (Accessed Aug 12, 2024)</ref>

<ref name="range-14901">[https://www.range.org/blog/terra-ibc-hooks-exploit-analysis Terra IBC Hooks Exploit Analysis - Range Security] (Accessed Aug 12, 2024)</ref>

<ref name="cosmosgithub-14775">[https://github.com/cosmos/ibc-go/security/advisories/GHSA-j496-crgh-34mx ASA-2024-007: Potential Reentrancy using Timeout Callbacks in ibc-hooks · Advisory · cosmos/ibc-go · GitHub] (Accessed Aug 6, 2024)</ref>

<ref name="etherscan-14902">[https://etherscan.io/tx/0xf1c7e570dd6fa6341a466b6497d640307fa6560386b2b7fb744b788bf114b16e Ethereum Transaction Hash (Txhash) Details | Etherscan] (Accessed Aug 12, 2024)</ref>

<ref name="etherscan-14903">[https://etherscan.io/tx/0x6677ba277427c0d3ecfcd65b75033637eac42912c81945c67b9e6b471212b4ca Ethereum Transaction Hash (Txhash) Details | Etherscan] (Accessed Aug 12, 2024)</ref></references>

Terra Money IBC Hook Reentrancy Vulnerability - Revision history