Balancer Deflation Hack
Balancer allows the creation of multi-token pools which rebalance as others use them for trading. The Balancer pool contract did not account for deflationary (burn-on-transfer) tokens: it recorded the amount requested in a transfer rather than the amount actually received. An attacker exploited this accounting gap to drain about $523k worth of liquidity from two pools.
Initially, the project declined to assist affected users and denied responsibility. That decision was reversed once it was established that a bug bounty report describing the vulnerability had been submitted before the attack and dismissed at the time as impractical to exploit. In the end, Balancer paid out the bug bounty and repaid all affected users.
This is a global/international case not involving a specific country.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25]
About Balancer
"Automated portfolio manager and trading platform. Put your cryptoassets to work and get the best prices for trades." "Balancer is a community-driven protocol, automated portfolio manager, liquidity provider, and price sensor that empowers decentralized exchange and the automated portfolio management of tokens on the Ethereum blockchain and other EVM compatible systems."
"Balancer turns the concept of an index fund on its head: instead of paying fees to portfolio managers to rebalance your portfolio, you collect fees from traders who rebalance your portfolio by following arbitrage opportunities." "Balancer Pools contains two or more tokens that traders can swap between. Liquidity Providers put their tokens in the pools in order to collect swap fees." "Balancer adopts powerful features to slash gas costs, super-charge capital efficiency, unlock arbitrage with zero-token starting capital, and open the door to custom AMMs."
"Balancer enables efficient trading by pooling crowdsourced liquidity from investor portfolios and using its Smart Order Router to find traders the best available price. Exchange any combination of ERC-20 tokens permissionlessly, with ease." "The Balancer Protocol is a core building block of DeFi infrastructure—a unique financial primitive and permissionless development platform. Balancer is the most flexible and versatile Automated Market Maker, giving developers unprecedented customizability."
As of June 3rd, there were "153 pools with over $10.2M total liquidity."
The Reality
The Balancer team reportedly received a bug report describing the attack almost two months before it happened and did not act on it.
There was an incompatibility present in the protocol which affected any deflationary tokens stored within liquidity pools.
What Happened
On June 28, 2020, two Balancer pools were drained of at least $500,000 worth of tokens through an exploit of the protocol's incompatibility with deflationary tokens, carried out using the Statera (STA) token[26][27].
Date | Event | Description |
---|---|---|
June 28th, 2020 12:03:11 PM MDT | Main Event | Funded by a 104,000 ETH flash loan from dYdX, the attacker repeatedly swaps WETH and STA through a Balancer pool whose accounting does not reflect STA's 1% burn, then calls gulp() so that the pool's recorded STA balance drops to its near-empty real balance, and drains roughly 601 ETH, 11 WBTC, 22,600 LINK and 61,000 SNX from the pool. |
June 28th, 2020 8:00:52 PM MDT | NewsBTC Article | NewsBTC reports the attack as approximately $500,000 worth of Ethereum and other altcoins being stolen. The attacker used a purpose-built smart contract to manipulate the pool's STA accounting and drain its STA balance, then withdrew Wrapped Ethereum, Wrapped Bitcoin, Synthetix, and Chainlink from the pool. The attacker, described as a "very sophisticated smart contract engineer," remains at large, having used an Ethereum mixer to obscure their identity. This incident adds to existing concerns about the complexity and security of DeFi products[26]. |
June 29th, 2020 10:58:49 AM MDT | Second Attack Reported | AZCoinNews reports a second, much smaller attack on Balancer within 24 hours, involving approximately $2,300 worth of Compound tokens (COMP). The attacker used flash loans from dYdX and Uniswap to mint cTokens and mislead the pool about the attacker's share of its COMP, withdrawing 10 COMP. Balancer commits to compensating affected users and the researcher who reported the vulnerability in May[28]. |
June 29th, 2020 7:38:00 PM MDT | Further Thoughts On Reimbursement | The team shares a Tweet with further thoughts on their decision to reimburse victims[23]. |
June 30th, 2020 9:53:29 PM MDT | CryptoTicker Article | CryptoTicker reports that two Balancer pools were drained of at least $500,000 through an exploit taking advantage of the deflationary properties of the Statera (STA) token on June 28. The attacker executed a complex transaction and netted at least $425,000 worth of tokens. The attack relied on the pool mishandling STA's burn on transfer() and transferFrom(). Balancer Labs announces that it will fully reimburse all liquidity providers who lost funds and will pay out the highest bug bounty available for the identified vulnerability[27]. |
Technical Details
Using a purpose-built smart contract, the attacker manipulated the pool's recorded STA balance, drained its STA, and then withdrew Wrapped Ethereum, Wrapped Bitcoin, Synthetix, and Chainlink from the pool[26]. The attacker, described as a "very sophisticated smart contract engineer," remains at large, having used an Ethereum mixer to obscure their identity[26].
The crafted transaction took over $500,000 in Ether, Wrapped Bitcoin (WBTC), Chainlink (LINK), and Synthetix (SNX)[28]. The root cause was the pool's assumption that transfer() and transferFrom() move exactly the requested amount; STA burns 1% of every transfer, so the pool's internal balance records diverged from what it actually held[27]. Balancer Labs announced that it would fully reimburse all liquidity providers who lost funds in the attack and pay out the highest bug bounty available for the identified vulnerability[27].
"Started at 06:03:11 PM +UTC, Jun-28-2020, the DeFi platform, Balancer, was attacked by exploiting its flawed handling of ERC20 deflationary tokens." "Balancer Pool admitted early [on June 29th, 2020] it had fallen victim to a sophisticated hack that exploited a loophole, tricking the protocol into releasing $500,000 worth of tokens." "The hacker made off with around 601 ether, 11 wrapped bitcoin (WBTC), 22,600 chainlink (LINK), and 61,000 synthetix (SNX)" "Technically, the main logic behind the incident is the incompatibility between Balancer and deflationary tokens, which is then misused by the attacker to create skewed STA/STONK pools states and make profits from that."
"[T]he transaction begins with a flash loan from dYdX for 104,000 ETH, or about $23 million." "The exploit relied on Statera (STA), a deflationary token where 1% of every transaction is automatically burned. Balancer’s smart contracts seem to have failed to account for this, thus expecting that each transaction would be for the full amount." "The hacker exploited this by exchanging back and forth between Statera and Ether 24 times. At each step, the STA balance available to the contract diminished by 1%, but the smart contract did not account for this. Thus, the price of STA remained stable despite the dwindling supply." "[A]t the end of this procedure the attacker called a function that updated the price based on the effective pool balance. Since the STA side was empty, it was suddenly priced at a huge premium." "The hacker used a “weiSTA,” or one billionth of a token, to swap for other assets on the platform, including ETH, BTC, LINK and SNX. Due to the burn mechanism, the weiSTA was never actually exchanged, which allowed the hacker to perform the transfer multiple times until all STA pools were dried." "They then exchanged the remainder of the STA to Balancer Pool tokens and cashed them out to Ether with Uniswap."
"The attack vector is quite simple. Balancer pools were not designed with deflationary tokens (like Statera and STONK) in mind. Specifically, these kinds of tokens include a transferFee that are assessed whenever transfer() or transferFrom() functions are called to move funds. For example, transferring 100 Statera tokens into a Balancer pool would result in only 99 tokens being added to the pool since 1 token would be burned in the process."
"The key difference between Balancer and Uniswap, which handles these tokens correctly, is that a Balancer Pool contract does not double check its actual token balance before performing a swap. Instead, it assumes a successful transferFrom() call with 100 erc20 tokens will result in its token balance increasing by that exact amount, 100 tokens, and stores this value in a storage variable called _records[address]. This causes _records[address] to be inaccurate when dealing with deflationary tokens."
"Balancer pools also include a function called gulp() which can be called to update the stored token balance in _records[address] to the actual value. This function was intended to be used for inflationary tokens but actually represents an attack vector when used with deflationary tokens."
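The accounting flaw described in the quoted analyses above, as an added example written for this page rather than code from Balancer or 1inch: a Python model of a two-token pool whose `records` dictionary plays the role of BPool's `_records[address]` and whose `gulp()` overwrites the record with the real balance. The token names, the 1% burn, the pool sizes, the trade size and the "attacker" and "lp" accounts are all constructed; the pool math is Balancer's calcOutGivenIn reduced to equal weights and zero swap fee. The same block includes the measured-delta check (`probe_transfer_fee_bps`) that a listing process can use to recognise a fee-on-transfer token, the class of token the CTO later said would be blacklisted in the UI.

```python
"""Toy model of Balancer's deflationary-token accounting bug.

Added example for this page, not Balancer's code. Two tokens, equal weights,
no swap fee, plain integers. A Pool built with trust_transfer_amount=True mimics
the pre-fix BPool: it credits its record with the amount passed to transferFrom()
and never checks the balance it actually received. With False it credits only
the measured balance delta, which is the fix.
"""


class BurnOnTransferToken:
    """ERC-20-like token that burns fee_bps of every transfer (STA burns 1%)."""

    def __init__(self, name: str, fee_bps: int = 0) -> None:
        self.name, self.fee_bps = name, fee_bps
        self.balances: dict[str, int] = {}

    def balance_of(self, who: str) -> int:
        return self.balances.get(who, 0)

    def mint(self, who: str, amount: int) -> None:
        self.balances[who] = self.balance_of(who) + amount

    def transfer(self, sender: str, recipient: str, amount: int) -> None:
        if self.balance_of(sender) < amount:
            raise ValueError(f"{sender} lacks {amount} {self.name}")  # on-chain: revert
        burned = amount * self.fee_bps // 10_000
        self.balances[sender] -= amount
        self.balances[recipient] = self.balance_of(recipient) + amount - burned


def calc_out_given_in(bal_in: int, bal_out: int, amount_in: int) -> int:
    """Balancer's calcOutGivenIn with equal weights and zero fee (constant product)."""
    return bal_out * amount_in // (bal_in + amount_in)


def probe_transfer_fee_bps(token: BurnOnTransferToken, holder: str, amount: int) -> int:
    """Listing-time check: transfer to a scratch address and measure what arrives."""
    before = token.balance_of("probe")
    token.transfer(holder, "probe", amount)
    received = token.balance_of("probe") - before
    return (amount - received) * 10_000 // amount


class Pool:
    """Two-token pool; self.records stands in for BPool._records[token].balance."""

    def __init__(self, name: str, trust_transfer_amount: bool) -> None:
        self.name, self.trust = name, trust_transfer_amount
        self.records: dict[str, int] = {}

    def _pull(self, token: BurnOnTransferToken, sender: str, amount: int) -> int:
        """Move tokens in and return the amount the pool credits itself with."""
        before = token.balance_of(self.name)
        token.transfer(sender, self.name, amount)
        received = token.balance_of(self.name) - before
        return amount if self.trust else received  # the bug is the left branch

    def bind(self, token: BurnOnTransferToken, provider: str, amount: int) -> None:
        self.records[token.name] = self._pull(token, provider, amount)

    def swap_exact_in(self, trader: str, token_in: BurnOnTransferToken,
                      amount_in: int, token_out: BurnOnTransferToken) -> int:
        credited = self._pull(token_in, trader, amount_in)
        out = calc_out_given_in(self.records[token_in.name],
                                self.records[token_out.name], credited)
        self.records[token_in.name] += credited
        self.records[token_out.name] -= out
        token_out.transfer(self.name, trader, out)  # reverts once records exceed reality
        return out

    def gulp(self, token: BurnOnTransferToken) -> None:
        """BPool.gulp(): overwrite the record with the real balance."""
        self.records[token.name] = token.balance_of(self.name)

    def spot_price(self, token_in: BurnOnTransferToken, token_out: BurnOnTransferToken) -> float:
        """token_out per token_in from recorded balances (equal weights)."""
        return self.records[token_out.name] / self.records[token_in.name]

    def drift(self, token: BurnOnTransferToken) -> int:
        """Recorded minus real balance: positive means phantom liquidity."""
        return self.records[token.name] - token.balance_of(self.name)


def run_scenario(trust_transfer_amount: bool, rounds: int = 24, trade: int = 200_000) -> dict:
    """LP seeds STA/WETH; attacker round-trips WETH->STA->WETH; then gulp() runs."""
    sta = BurnOnTransferToken("STA", fee_bps=100)  # constructed stand-in for Statera
    weth = BurnOnTransferToken("WETH")
    pool = Pool("pool", trust_transfer_amount)
    for tok in (sta, weth):
        tok.mint("lp", 1_000_000)
        pool.bind(tok, "lp", 1_000_000)  # trusting pool records 1_000_000 STA, holds 990_000
    weth.mint("attacker", 1_000_000)  # stands in for the flash loan
    for _ in range(rounds):
        pool.swap_exact_in("attacker", weth, trade, sta)
        pool.swap_exact_in("attacker", sta, sta.balance_of("attacker"), weth)
    drift, price_before = pool.drift(sta), pool.spot_price(sta, weth)
    pool.gulp(sta)  # the attacker's step before selling tiny amounts of STA into the pool
    return {"drift_before_gulp": drift, "price_before_gulp": price_before,
            "price_after_gulp": pool.spot_price(sta, weth),
            "recorded_sta": pool.records["STA"], "real_sta": sta.balance_of("pool")}


if __name__ == "__main__":
    for trust in (True, False):
        print("trusting" if trust else "delta-checked", run_scenario(trust))
```

Running it prints one result per pool variant. In the trusting pool `drift_before_gulp` is positive after the very first deposit and grows with every swap in which STA enters the pool, because each such swap is credited in full while 1% never arrives; `gulp()` then lowers the recorded STA balance to the real one, and the pool's STA spot price rises, so anything sold into the pool as STA from that point is overpaid in WETH. In the delta-checked pool the record never departs from the real balance, `gulp()` is a no-op and the price does not move. In this toy every round trip costs the attacker the burn on both legs; the real attacker accepted that cost because the drift, once realised by `gulp()`, mispriced every other token in the pool.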
Total Amount Lost
The total amount lost has been estimated at $523,000 USD. Other sources widely report $500,000[27][26].
The attacker's net take was lower than the pools' loss: part of the value was burned or spent in executing the complex attack, and the attacker reportedly got away with at least $425,000 worth of tokens[27].
Immediate Reactions
"The Balancer team is being accused by a security researcher and the STA team for ignoring a bug report submitted almost two months before. Balancer’s CTO, Mike McDonald, confirmed the existence of the report, claiming that the issue outlined in it was essentially unexploitable and blaming flash loans for the incident. It is worth noting that any exploit made possible by a flash loan is also vulnerable to hackers with significant funds." “The only warning they have is on their website which suggests that the project is in beta and all funds are at risk.” "The hacker’s identity remains a mystery but analysts at 1inch exchange, a decentralized exchange aggregator, said the hacker had covered their tracks well: The ether used to pay transaction fees and deploy smart contracts was laundered through Tornado Cash, an Ethereum-based mixer service."
"“The person behind this attack was [a] very sophisticated smart contract engineer with extensive knowledge and understanding of the leading DeFi protocols,” 1inch said in its blog post on the breach." "“We deeply regret, apologize and sincerely extend our condolences to all the victims of this attack,” Statera said in an official announcement." The CTO posts that they "will begin adding transfer fee tokens to the UI blacklist similarly to what we have done for no bool transfer tokens. Note that these lists will be non-exhaustive and any new tokens can be added to Balancer at any point." "The project [initially] added that it was not in a position to be able to refund the attacker’s victims."
Ultimate Outcome
"[S]ome community members called for lawsuits against the firm and its developers hours after the hack came to light." "After thorough discussions with the community, the Balancer Labs team decided that it [would] fully reimburse all the liquidity providers who lost funds in the attack." "Balancer Labs [clarified they made the decision to] reimburse the losses of liquidity providers in the attack [because] the team had already received a specific bug bounty report prior to the hack."
"After thorough discussions with the community, the Balancer Labs team decided that it will fully reimburse all the liquidity providers who lost funds in the attack of yesterday. We will also pay out the highest bug bounty available for @Hex_Capital." "The bug bounty report describes in detail the attack that happened. Our team however did not think it would be a practical attack because of the enormous amounts of funds and also gas we thought would be required for bringing the balance of the deflationary token to near 0 in a single atomic transaction." "We at Balancer Labs are all human beings working a lot and under a lot of stress. Unfortunately we are bound to make mistakes and wrong decisions and thinking the attack was not viable was most definitely one of them. We sincerely apologize to Ankur Agrawal (Hex_Capital) who submitted the report and will award them the maximum amount available in our current bug bounty."
Second Attack On Balancer Protocol
Balancer experienced a second attack within 24 hours, though this time on a smaller scale, involving approximately $2,300 worth of Compound tokens (COMP)[28]. The attacker used flash loans from both dYdX and Uniswap, loaning more than $33 million to generate cTokens representing ownership in a Compound pool. The attacker manipulated the Balancer system, making it believe they owned a significant share of the pool's COMP, leading to the withdrawal of 10 COMP and exchange for ETH worth around $2,300. Balancer has committed to compensating affected users and a researcher who reported the vulnerability in May[28].
Total Amount Recovered
The day after the attack, the Balancer Labs team reportedly decided to fully refund all liquidity providers who lost funds.
The total amount recovered has been estimated at $523,000 USD.
The team has shared a Tweet with further thoughts on their decision to reimburse victims[23].
Ongoing Developments
This incident adds to existing concerns about the complexity and security of DeFi products[26].
Individual Prevention Policies
Individuals can avoid similar losses by ensuring that all smart contracts they use have obtained multiple third party audits and implemented fixes for any significant vulnerabilities which have been identified. In this case the pool contracts were never designed for burn-on-transfer tokens, so liquidity providers should also check whether any token they share a pool with has non-standard transfer behaviour that the protocol documents as unsupported.
Avoid the use of smart contracts unless necessary. Minimize the level of exposure by removing or withdrawing assets whenever possible. Aim to choose smart contracts which have obtained third party security audits, preferably having been audited by at least three separate reputable firms. Pay attention to the audit reports, which smart contracts are covered, and whether the smart contract has been upgraded or modified since the report. Ensure that any administrative functions with the ability to remove funds from the smart contract are under the authority of a multi-signature wallet which is controlled by at least three separate and reputable entities.
Store the majority of funds offline. Offline means that the private key and/or seed phrase is exclusively held by you and not connected to any networked device. Examples of offline storage include paper wallets (seed phrase or key written down and deleted from all electronic media), hardware wallets, steel wallet devices, etc.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Platforms can prevent similar attacks by obtaining third party audits by at least three separate reputable firms in the space, and ensuring that any reported vulnerabilities are resolved as soon as possible. This may require the migration to a new/upgraded smart contract. Contracts that hold arbitrary ERC-20 tokens should account for them by the measured change in their own balance rather than by the amount requested in a transfer, and bug reports should be triaged on their technical merit rather than on an estimate of the capital an attack would need, since flash loans make capital-intensive attacks cheap. In the event of a breach happening, an industry insurance fund can be set up to provide assistance to affected users.
All aspects of any platform should undergo a regular validation/inspection by experts. This validation should include a security audit of any smart contracts, reporting any risks to the backing of any customer assets, ensuring treasuries or minting functions are properly secured under the control of a multi-signature wallet, and identifying any inadequacies in the level of training or integrity of the team. The recommended interval is twice prior to launch or significant system upgrade, once after 3 months, and every 6 months thereafter. It is recommended that the third party performing the inspection not be repeated within a 14 month period.
Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
Regulators can avoid this situation by ensuring that platforms obtain published security and risk assessments, and educating their citizens on the risks of unaudited smart contracts. In the event of a breach happening, an industry insurance fund can provide assistance to affected users.
All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The third parties must not repeat within the past 14 months. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.
Create a standard tutorial and quiz for all new cryptocurrency participants, which is required to be completed once per participant. This tutorial and quiz should cover the basics of proper seed phrase protection, strong password generation, secure two-factor authentication, common fraud schemes, how to detect and guard against phishing attacks, how ponzi schemes work, as well as other risks which are unique to the cryptocurrency space.
Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- [1] Incident with non-standard ERC20 deflationary tokens (Jun 28, 2020)
- [2] Balancer Hacks: Root Cause and Loss Analysis (Jun 28, 2020)
- [3] DeFi Protocol Balancer Hacked Through Exploit It Seemingly Knew About (Jun 29, 2020)
- [4] Balancer Hacks: Root Cause and Loss Analysis (Jun 29, 2020)
- [5] Hacker Drains $500K From DeFi Liquidity Provider Balancer - CoinDesk (Jun 29, 2020)
- [6] @StateraProject - Twitter (Jun 29, 2020)
- [7] @StateraProject - Twitter (Jun 29, 2020)
- [8] 'Sophisticated' Hacker Plunders $450,000 From Defi Protocol Balancer | Altcoins Bitcoin News (Jun 29, 2020)
- [9] DeFi platform Balancer to reimburse $500k in hack losses; community threatens legal action | CryptoSlate (Jun 30, 2020)
- [10] CipherTrace Cryptocurrency Crime and Anti-Money Laundering Report 2020 (Jun 20, 2021)
- [11] SlowMist Hacked - SlowMist Zone (May 18, 2021)
- [12] List of Ethereum Smart Contracts Post-Mortems - Security - OpenZeppelin Community (Jun 23, 2021)
- [13] Millions Lost: The Top 19 DeFi Cryptocurrency Hacks of 2020 | Crypto Briefing (May 22, 2021)
- [14] Blockchain Hacks: 2020 | $15 billion lost, how can we mitigate hacks in 2021? | CertiK Foundation Blog (Jul 23, 2021)
- [15] Comprehensive List of DeFi Hacks & Exploits - CryptoSec (Jan 8, 2022)
- [16] Balancer AMM DeFi Protocol (Jan 9, 2022)
- [17] Welcome - Balancer (Jan 9, 2022)
- [18] https://medium.com/@ankur_63065/balancer-labs-incident-when-bug-bounties-fail-d783553bbcaf (Jan 9, 2022)
- [19] @Hex_Capital Twitter (Jan 9, 2022)
- [20] @defipulse Twitter (Jan 9, 2022)
- [21] @BalancerLabs Twitter (Jan 9, 2022)
- [22] @BalancerLabs Twitter (Jan 9, 2022)
- [23] Balancer Labs - "More on the thought process that the Balancer Labs team went through to decide on reimbursing all the liquidity providers who lost funds in yesterday's incident." - Twitter (Jan 9, 2022)
- [24] Update 2 Incident With Non Standard Erc20 Deflationary Tokens (Jan 9, 2022)
- [25] Balancer to compensate victims of $450,000 exploits and reward white hat hacker (Jan 9, 2022)
- [26] A Hacker Just Drained $500k in Ethereum & Altcoins From a DeFi App - NewsBTC (Nov 15, 2023)
- [27] Balancer Pools Get Drained Off $500K Through STA Exploit, Team Reimburses - CryptoTicker (Jan 9, 2022)
- [28] Balancer hacked twice within 24 hours, though this time is relatively small around $2,300 worth of Compound tokens (COMP) - AZCoin News (Apr 10, 2022)