Bunni Rounding Vulnerability Enables Complex Flashloan Attack
Bunni, a decentralized exchange built on Uniswap v4 with innovative liquidity management features, suffered an $8.4 million exploit due to a subtle rounding bug in its withdrawal logic that went undetected despite extensive testing. The attacker used flashloans and a sequence of small withdrawals to manipulate the pool’s liquidity estimates, enabling a profitable sandwich attack on two pools, while the largest pool was spared due to limited flashloan liquidity. In response, Bunni paused most functions but safely re-enabled withdrawals for users, and is actively pursuing the attacker—who obscured funds through Tornado Cash—by offering incentives for fund return, notifying exchanges, and involving law enforcement. The team is also focused on fixing the vulnerability, enhancing testing frameworks, and preparing for a secure relaunch.[1][2][3][4][5][6][7][8][9][10][11][12][13]
About Bunni
Bunni is a decentralized exchange (DEX) built on Uniswap v4 designed to maximize liquidity provider (LP) profits across all market conditions. It introduces a unique "shapeshifting liquidity" technology that allows LPs to program and automatically adjust their liquidity positions based on market movements, effectively responding to market changes even while they sleep. This dynamic approach helps LPs optimize their returns without constant manual intervention.
Beyond providing flexibility, Bunni also enhances yield by enabling users to earn additional income on idle liquidity through integrations with trusted platforms like Aave and Gearbox. It optimizes swap fee revenue by leveraging auction-managed strategy providers and benefits from Uniswap’s vast and efficient orderflow, ensuring steady fee income.
Moreover, Bunni incorporates advanced protections to minimize common risks for liquidity providers, such as Miner Extractable Value (MEV) and Loss Versus Rebalancing (LVR), through innovative mechanisms like am-AMM and surge fees. The platform empowers developers and LPs to finely control how liquidity is distributed across price ranges and how it shifts in response to market signals, making it a flexible and powerful tool for sophisticated liquidity management.
The smart contract was reportedly audited by "Pashov, Cyfrin, and Trail of Bits".
The Reality
Despite multiple extensive unit tests, fuzz tests (including Medusa), and simulations, the Bunni protocol still managed to launch with a critical vulnerability.
The core vulnerability in Bunni’s smart contract was a subtle rounding error in how the pool’s idle balance was updated during withdrawals. Specifically, when liquidity providers withdrew their shares, the contract reduced the idle balance by a proportional amount but rounded this decrease down (using mulDiv), which was assumed safe because it would err on the side of higher idle balance and thus lower active liquidity—thought to protect the pool by making it more conservative.
Tests did not cover complex sequences of multiple operations interacting over time with the smart contract's rounding behavior. Each rounding decision was safe in isolation, and the tests likely focused on single-operation scenarios rather than long chains of withdrawals combined with swaps.
What Happened
Bunni suffered an $8.4 million exploit caused by a rounding bug in its withdrawal logic, leading to manipulated liquidity estimates.
| Date | Event | Description |
|---|---|---|
| August 24th, 2025 3:50:23 PM MDT | Attacker Funds Their Wallet | The attacker first funds their Ethereum wallet from another wallet. |
| August 29th, 2025 1:49:00 PM MDT | Bunni Last Post Prior | Bunni makes their last post prior to the exploit talking about how "[r]ehypothecation is a game changer". |
| September 1st, 2025 10:35:32 PM MDT | Unichain Attack Transaction | An attack transaction is mined and accepted by the Unichain blockchain. |
| September 1st, 2025 10:38:23 PM MDT | Ethereum Attack Transaction | An attack transaction is mined and accepted into the Ethereum blockchain. |
| September 2nd, 2025 12:36:00 AM MDT | TenArmor Posts Tweet | TenArmor makes a public post about the exploit, linking to the exploit transaction. |
| September 2nd, 2025 1:04:00 AM MDT | Initial Announcement Posted | The Bunni team posts an initial announcement that "[t]he Bunni app has been affected by a security exploit. As a precaution, we have paused all smart contract functions on all networks. Our team is actively investigating and will provide updates soon. Thank you for your patience." |
| September 2nd, 2025 5:03:00 AM MDT | Announcement Limiting Exploit | The Bunni team posts an update to inform the public that they believe that "only two Bunni pools were exploited: USDC/USDT on Ethereum Mainnet and ETH/weETH on Unichain. We’re still investigating. All Bunni's instances are still paused." |
| September 4th, 2025 3:37:00 PM MDT | Complete Analysis Prepared | The Bunni team posts a "completed analysis of the recent exploit". "Withdrawals have been unpaused, so LPs are now free to withdraw their assets. All other operations remain paused." |
| September 14th, 2025 1:23:00 PM MDT | Timeless Foundation Reward | According to a new tweet from the Bunni team, "the Timeless Foundation is launching a 108-ETH reward, worth $500,000, to encourage tips that lead to the Bunni protocol attacker's arrest and the return of all stolen funds". |
Technical Details
Bunni suffered a sophisticated exploit resulting in the theft of approximately $8.4 million, affecting two liquidity pools: weETH/ETH on Unichain and USDC/USDT on Ethereum. The attacker used a three-step method on the USDC/USDT pool involving flashloans, a series of tiny withdrawals exploiting rounding errors, and a sandwich attack. Initially, the attacker flashborrowed 3 million USDT and pushed the pool’s price to an abnormal level while drastically reducing the active USDC balance. Then, through numerous tiny withdrawals, they exploited rounding inaccuracies to disproportionately decrease the pool's active USDC liquidity, causing a sharp but incorrect reduction in the pool’s total liquidity. Finally, leveraging this manipulated liquidity state, the attacker executed a sandwich attack that artificially inflated the pool’s liquidity, allowing them to extract significant profits before repaying the flashloan.
The core vulnerability stemmed from a subtle but critical rounding error in the smart contract’s withdrawal logic. The contract decreased the pool’s idle balance proportionally when liquidity providers withdrew, rounding down the decrease amount. This was assumed safe when done in isolation, but in a sequence of operations, it allowed the attacker to drastically reduce the pool’s active balance without burning a proportional amount of liquidity shares. This caused the pool’s total liquidity estimate to become artificially low, which was then reversed during the attacker’s swaps, creating an exploitable liquidity increase. Changing the rounding method to round up in these calculations stopped the exploit from being profitable.
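The sequence effect described above, as an added Python model that is not Bunni's contract code: the `TokenAccounting` class, the pool numbers, and the cap on the idle decrease are simplifying assumptions made here. The model reproduces the integer semantics of `mulDiv` rounding down versus rounding up, runs the same one-share withdrawal 1,000 times under each variant, and checks a proportionality invariant both per operation and over the whole sequence. That is the kind of multi-operation check the post-mortem says the original tests lacked: every single step passes, while the sequence removes the entire active balance after burning 0.1% of the shares.

```python
from dataclasses import dataclass

# Simplified per-token accounting of a Bunni-style pool (constructed for
# illustration; not the protocol's actual code).
#   total_balance: tokens the pool holds for this asset
#   idle_balance:  the part kept out of the active Uniswap v4 range
#   active = total_balance - idle_balance is the liquidity the pool reports


def mul_div_down(a: int, b: int, d: int) -> int:
    """floor(a * b / d): the rounding the vulnerable withdrawal path used."""
    return (a * b) // d


def mul_div_up(a: int, b: int, d: int) -> int:
    """ceil(a * b / d): the rounding the fix applies to the idle decrease."""
    return -((-(a * b)) // d)


@dataclass
class TokenAccounting:
    total_balance: int
    idle_balance: int
    total_shares: int

    @property
    def active_balance(self) -> int:
        return self.total_balance - self.idle_balance


def make_pool() -> TokenAccounting:
    # Constructed state: almost all of the balance is idle, so the active
    # portion (1_000 units) is tiny relative to the share supply. This stands in
    # for the state reached after the attacker's first step shrank active USDC.
    return TokenAccounting(total_balance=1_000_000, idle_balance=999_000,
                           total_shares=1_000_000)


def withdraw(pool: TokenAccounting, shares: int, round_idle_up: bool) -> int:
    """Burn `shares` and pay out the proportional token amount.

    The payout is floored (the pool never overpays). The idle decrease is
    floored in the vulnerable variant and ceiled in the fixed one. Because
    active = total - idle, flooring the idle decrease makes the active balance
    shrink by MORE than its proportional share (by a full unit when the exact
    decrease is below 1), and ceiling it makes active shrink by less.
    """
    payout = mul_div_down(pool.total_balance, shares, pool.total_shares)
    if round_idle_up:
        idle_dec = mul_div_up(pool.idle_balance, shares, pool.total_shares)
    else:
        idle_dec = mul_div_down(pool.idle_balance, shares, pool.total_shares)
    # Modelling assumption: idle cannot drop below zero or by more than left the pool.
    idle_dec = min(idle_dec, pool.idle_balance, payout)
    pool.total_balance -= payout
    pool.idle_balance -= idle_dec
    pool.total_shares -= shares
    return payout


def run_sequence(pool: TokenAccounting, n: int, shares_each: int,
                 round_idle_up: bool) -> dict:
    """Apply n identical withdrawals and evaluate the proportionality invariant.

    every_step_ok: after each withdrawal, active >= floor(active_before *
                   shares_after / shares_before), the check a single-operation
                   test would make.
    sequence_ok:   the same bound applied from the initial state to the final
                   state, which is what a multi-step invariant test asserts.
    """
    start_active, start_shares = pool.active_balance, pool.total_shares
    every_step_ok = True
    for _ in range(n):
        active_before, shares_before = pool.active_balance, pool.total_shares
        withdraw(pool, shares_each, round_idle_up)
        floor_active = mul_div_down(active_before, pool.total_shares, shares_before)
        if pool.active_balance < floor_active:
            every_step_ok = False
    sequence_floor = mul_div_down(start_active, pool.total_shares, start_shares)
    return {
        "active": pool.active_balance,
        "idle": pool.idle_balance,
        "shares_burned": start_shares - pool.total_shares,
        "every_step_ok": every_step_ok,
        "sequence_ok": pool.active_balance >= sequence_floor,
    }


if __name__ == "__main__":
    for label, up in (("round idle decrease DOWN (vulnerable)", False),
                      ("round idle decrease UP (fixed)", True)):
        result = run_sequence(make_pool(), n=1_000, shares_each=1, round_idle_up=up)
        print(f"{label}: {result}")
```

With the vulnerable rounding the run ends with `active == 0` after burning only 1,000 of 1,000,000 shares, yet `every_step_ok` is still `True`; only `sequence_ok` fails. With the fixed rounding the active balance is untouched and both checks pass. An invariant or fuzz harness that asserts the sequence-level bound after arbitrary operation chains would have flagged the drift that per-operation tests cannot see.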
The Bunni team noted that the largest pool, Unichain USDC/USD₮0, was spared mainly due to insufficient flashloan liquidity on Unichain, which prevented the attacker from executing the first step there. Post-exploit, the team paused most functions but safely unpaused withdrawals so LPs could reclaim their funds. They are actively pursuing recovery of stolen funds through legal means and exchange cooperation. Moving forward, Bunni aims to strengthen its testing frameworks to cover complex multi-operation scenarios better and explore comprehensive fixes before relaunching. Despite the setback, the team remains committed to innovating and advancing decentralized finance.
Total Amount Lost
The final numbers in the post-mortem which the Bunni protocol published are "~$8.4m". "Two pools were affected: weETH/ETH on Unichain and USDC/USDT on Ethereum."
An initial post by TenArmor reports losses at $2.3m. However, this appears to only include one of the attacks.
The total amount lost has been estimated at $8,400,000 USD.
Immediate Reactions
The Bunni team posted an initial update after pausing the protocol. Early external analyses mistakenly pointed to rebalancing issues, but the team quickly identified that the root cause was a subtle rounding bug during withdrawal operations, which the attacker exploited by combining multiple actions in a way the original code did not anticipate.
The team was initially surprised that the largest pool remained safe and determined that this was due to limited flashloan liquidity on that network—essentially, a matter of luck that prevented a bigger loss.
Ultimate Outcome
After analyzing the exploit, the Bunni team determined that unpausing withdrawals alone would be safe because the exploit relied on swaps, which remain paused. They conducted thorough fork testing, particularly with help from Cyfrin, to ensure withdrawals functioned correctly without risk. Based on these tests, the team unpaused withdrawals across all networks, allowing liquidity providers to safely withdraw their assets while keeping deposits and swaps paused to prevent further exploits.
The Bunni team has taken several steps to pursue the exploiter. Tracing the stolen funds hit a dead end since the wallets were funded via Tornado Cash, making identification difficult. The Bunni team contacted the attacker on-chain, offering to return 90% of the stolen funds if the majority is returned. They also alerted centralized exchanges to block the attacker’s wallets from cashing out the stolen assets. Additionally, they have engaged law enforcement to explore legal options if the funds are not returned, showing a commitment to exhaust all possible avenues for fund recovery. TenArmor has noted that it "appears that the attacker's profit was deposited into Aave".
A bounty of $500,000 USD was paid for the discovery.
Total Amount Recovered
The stolen funds from the Bunni exploit are currently held in two specific wallets. The team tried to trace the attacker by following the funding paths but hit a dead end because the funds were routed through Tornado Cash, which anonymizes transactions.
In response, Bunni has reached out to the attacker on-chain, offering to return 10% of the stolen amount as a reward if the rest is returned. They have also informed centralized exchanges about the attacker’s wallets to block any attempts to cash out the stolen funds. Additionally, Bunni has involved law enforcement to pursue all possible legal actions if the funds aren’t voluntarily returned. The team has committed to exploring every possible avenue to recover the stolen assets.
There do not appear to have been any funds recovered in this case.
Ongoing Developments
Several key aspects of the situation are still ongoing for the Bunni team. The stolen funds remain in attacker-controlled wallets, and despite attempts to trace and identify the exploiter, the use of privacy tools like Tornado Cash has made this challenging. The team continues to pursue fund recovery by reaching out to the attacker with an incentive to return most of the stolen assets, notifying centralized exchanges to prevent the attacker from cashing out, and engaging law enforcement to explore all legal avenues. A bounty of $500,000 is now available for information that leads to the successful arrest of the perpetrators.
On the security front, the Bunni team is actively working on fixing the vulnerabilities that led to the exploit. While they have made an important change to the rounding logic that prevented the exploit from being profitable, they are still exploring whether this fix might introduce new risks. To that end, they report they are enhancing their testing frameworks with more complex and thorough scenarios, including better fuzz and invariant tests, to ensure the protocol is robust against future attacks.
The protocol itself remains partially paused. Withdrawals have been safely re-enabled, allowing liquidity providers to access their funds, but other critical functions like deposits and swaps remain disabled. The team is prioritizing securing the system fully before restoring complete functionality, aiming to protect users and rebuild trust in the platform.
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ TenArmor - "Our system has detected a suspicious attack involving #Bunni @bunni_xyz on #ETH, resulting in an approximately loss of $2.3M." - Twitter/X (Accessed Sep 19, 2025)
- ↑ Attack Transaction - Etherscan (Accessed Sep 19, 2025)
- ↑ Attacker Address - Etherscan (Accessed Sep 19, 2025)
- ↑ Attacker Address Funded - Etherscan (Accessed Sep 19, 2025)
- ↑ Bunni - "The Bunni app has been affected by a security exploit. As a precaution, we have paused all smart contract functions on all networks. Our team is actively investigating and will provide updates soon. Thank you for your patience." - Twitter/X (Accessed Sep 19, 2025)
- ↑ Bunni - "Exploit Update: As far as we know, only two Bunni pools were exploited: USDC/USDT on Ethereum Mainnet and ETH/weETH on Unichain. We’re still investigating. All Bunni's instances are still paused." - Twitter/X (Accessed Sep 19, 2025)
- ↑ @bunni_xyz Twitter (Accessed Sep 19, 2025)
- ↑ Attack Transaction On Unichain (Accessed Sep 19, 2025)
- ↑ Bunni - "Bunni’s frontend is unaffected by the NPM package supply chain attack, and https://bunni.xyz is NOT impacted. We advise against onchain transactions for now; no user action required." - Twitter/X (Accessed Sep 19, 2025)
- ↑ Bunni - "Today the Timeless Foundation is launching a 108-ETH reward, worth $500,000, to encourage tips that lead to the Bunni protocol attacker's arrest and the return of all stolen funds." - Twitter/X (Accessed Sep 19, 2025)
- ↑ Bunni Twitter/X Account (Accessed Sep 19, 2025)
- ↑ Bunni - "Rehypothecation is a game changer." - Twitter/X (Accessed Sep 19, 2025)
- ↑ Bunni LinkTree (Accessed Sep 19, 2025)