Cash.io App Solana Fake Account Exploit

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Cash.io App

The cash.io app is a blockchain stablecoin on the Solana blockchain. Due to a missing validation in the smart contract, a smart hacker was able to drain $52.8m worth of funds from the smart contract. The attacker made the decision that they would return the funds of all accounts that lost less than $100k, and sent those funds back to be distributed. It is assumed that these will be distributed as intended by the attacker, but that hasn't been finalized yet.

About Cash.io App

[1][2][3]

"cashio is a Solana-native stablecoin made for the people, by the people." "all cashio dollar deposits are fully backed by interest-bearing stable pair LP tokens."

"Cashio is a decentralized stablecoin fully backed by interest-bearing Saber USD liquidity provider tokens. Cashio specifically chooses USD LPs that are backed by safer USD assets, attempting to capture the risk-free rate of the Solana stablecoin ecosystem."

"Using Arrow Protocol, Cashio stakes LP tokens into Sunny Aggregator, earning $SBR and $SUNNY tokens to the Cashio DAO. Cashio also uses Crate Protocol to build its USD-pegged stablecoin, which can be thought of as a basket of stablecoin LPs."

"Currently, protocol profits accrue to a program-owned account known as the Bank. We intend to create a mechanism to have these cash flows accrue value to users of the Cashio Protocol. More information on this will be available soon."

The Reality

Cashio didn't establish a root of trust for all of the accounts it used.

the mint field on the arrow account is never validated." "This means that ultimately, all of this validation is meaningless because there's no trusted root.


The Cashio hack highlights the importance of thorough validation code in smart contracts[4]. In this case, the missing validation checks resulted in a significant vulnerability and the loss of the stablecoin's peg to the USD[4]. Conducting a smart contract audit could have potentially detected these vulnerabilities, but Cashio was an unaudited project, leaving it susceptible to exploitation by the attacker[4].

What Happened

In March 2022, the Solana-based stablecoin Cashio (CASH) experienced a hack that exploited an "infinite mint" vulnerability[4] to create counterfeit Cashio tokens and swap them for other stablecoins via CashioApp[5]. The attacker managed to steal over $52 million worth of tokens from the protocol, leaving many victims in a difficult situation[5] and causing the value of the CASH token to plummet to $0.00005[4].

Key Event Timeline - Cash.io App Solana Fake Account Exploit
Date Event Description
March 23rd, 2022 3:59:00 AM MDT Cash.io Posts Announcement To Twitter Cash.io announces the exploit on Twitter. They ask users to withdraw funds. They are investigating and believe they've found the root cause, and will publish a postmortem ASAP[6]. TBD community reaction.
March 23rd, 2022 4:29:00 AM MDT Samczsun Reports On Exploit Blockchain researched Samczsun reports on the exploit on Twitter[7].
March 24th, 2022 12:05:00 PM MDT Samczsun Issues Expanded Explanation Samczsun expands his initial description of the exploit to also include details about the fake bank which had to be created[8].
March 25th, 2022 10:53:59 AM MDT FXEmpire Article Published FXEmpire publishes an article about the hack[9]. The hack was a result of an "infinite mint glitch" that allowed the attacker to mint 2 billion CASH tokens by exploiting a flaw in Cashio's codebase. The hacker then exchanged a portion of the tokens for USDC and USDT, resulting in $27.2 million. The remaining CASH tokens were swapped for UST and USDC through Saber, totaling $25.6 million. After draining $52.8 million, the hacker transferred the funds to an Ethereum address via the Jupiter liquidity aggregator on Solana. To prevent such hacks, the Bybit team suggested implementing more stringent auditing processes and adopting traditional finance structures. They recommended conducting mandatory tests on the devnet during the development phase, followed by audits from external companies and expert checks before the app's release. Users were advised to educate themselves on the workings of decentralized finance (DeFi) to enhance their security measures. Notably, the hacker left a hidden message in one of the transactions, claiming to return funds to accounts with less than $100,000 and donating the rest to charity. However, it remains unclear if the charity refers to the ongoing Ukraine-Russia war, and there is no guarantee that the hacker will follow through on the promise[10]. This same article is reposted on Yahoo Finance[11].
March 25th, 2022 5:41:00 PM MDT Fortune Article Published Fortune reports that a hacker exploited a vulnerability in the Cashio stablecoin, stealing over $50 million and leaving many victims in a difficult situation[5]. One victim, Blaine, had invested $50,000 in cryptocurrency from trading NFTs to start a new life but found his account worthless. The hacker used an "infinite mint" glitch to create counterfeit Cashio tokens and swapped them for other stablecoins via CashioApp. By utilizing bridges between different blockchains, the hacker moved the funds to Ethereum and exchanged them for Ether. In a surprising twist, the scammer announced plans to donate the stolen funds to charity and return smaller amounts to victims with less than $100,000 in affected liquidity pools. However, the money was sent back to the liquidity pool accounts, which the victims couldn't access. To withdraw their money, the price of Cashio would need to recover, which might take a significant amount of time. The incident sparked a debate about how the returned funds should be distributed among the victims. While some believe it should be divided equally, others argue that it should go to those with less at stake. Blaine hopes the scammer has a change of heart and returns all the stolen funds, as many victims, including himself, are struggling after the loss[5].
March 26th, 2022 9:54:24 PM MDT Saber Labs Publishes Post-Mortem Saber Labs publishes a post-mortem that the Cashio hack has had a significant impact on Saber users, with the involvement of Saber team members leading to more capital being locked into CASH pools. The Saber platform acknowledges the need to make risks more visible and introduces new requirements for open source protocols listed on Saber, including the use of Soteria tools, Clippy lints, CI-enabled code, and thorough reviews by competent individuals or auditing firms. Existing open source protocols on Saber will also be reviewed to ensure the safety of user funds. Closed source protocols are not subject to these new requirements initially but are encouraged for increased security. The Saber team apologizes to users who suffered losses and expresses a lack of financial resources to reimburse them. They offer a $1 million USDC bounty as an incentive for the hacker to return the funds[12].
March 27th, 2022 10:42:00 AM MDT FXEmpire Article Updated This change largely updates to remove the personal attribution of quotations to Derek Lim from Bybit and instead attribute them to the platform itself and highlight that "FXEmpire spoke to a team from Bybit comprising Derek Lim, head of crypto insights, Gabriel Foo, senior research analyst and Fathur Rahman, COO of SolanaFM"[10][9]
March 28th, 2022 2:40:49 AM MDT Halborn Publishes Attack Explanation In March 2022, the Solana-based stablecoin Cashio (CASH) experienced a hack that exploited an "infinite mint" vulnerability. The attacker managed to steal over $52 million worth of tokens from the protocol, causing the value of the CASH token to plummet to $0.00005.

The attack involved manipulating the validation process for minting new CASH tokens. The protocol checks if the deposited collateral tokens match the type held within the protocol's accounts. However, there were missing validation checks that allowed the attacker to create fake accounts and deposit worthless collateral.

Specifically, the validation process failed to verify the token type within the saber_swap.arrow account and the depositor_source. This allowed the attacker to use a fake bank with worthless tokens to mint real CASH tokens, draining value from the protocol.

The Cashio hack highlights the importance of thorough validation code in smart contracts. In this case, the missing validation checks resulted in a significant vulnerability and the loss of the stablecoin's peg to the USD. Conducting a smart contract audit could have potentially detected these vulnerabilities, but Cashio was an unaudited project, leaving it susceptible to exploitation by the attacker.

March 28th, 2022 3:48:35 AM MDT Attacker Refund Announcement The attacker shares an announcement via a blockchain message that they have already refunded accounts holding CASH directly and Saber Cash/USDC LP and Saber Cash/UST LP, as long as the account balance was under 100k. They clarify that their intention was to target those who do not need the money, not those who do. They plan to use the Ethereum gains to return more funds to affected accounts, including some with balances exceeding 100k. Instructions are provided for individuals seeking a return of funds, including providing the Ethereum address to send the funds, the original Solana wallet that held the Cash or Cash LP pair, proof of ownership for LP held by others, transaction records before the hack, the amount of money to be returned, and an explanation of the source and need for the funds. All information must be signed by the original account owner or the account that staked the money into Sunny or Quarry. They warn against scammers and emphasize trusting only messages signed by the account. Returns will begin manually next week and may take some time to process[13].
March 28th, 2022 11:48:00 AM MDT Cash.io Refund Tool Online The refund tool is brought online on the Cash.io website[14]. TBD referenced tweet.
March 28th, 2022 12:33:02 PM MDT CryptoPotato Article Published CryptoPotato reports that the anonymous hacker responsible for stealing over $50 million from the decentralized protocol Cashio has set conditions for returning the stolen funds. The hacker requires affected users to state the amount they want to be refunded, provide their ETH address for refunds in Ether, and explain the source and need for the refund. Liquidity providers can receive refunds if they provide proof of their initial amount. Accounts with less than $100,000 have already been refunded. The hacker clarified that the target was big wallet holders who did not need the money. Saber Labs, the decentralized exchange backing Cashio, is offering a $1 million USDC bounty for the hacker's refund. The theft occurred after the hacker exploited a smart contract glitch in Cashio[15].
March 28th, 2022 1:40:00 PM MDT Post-Mortem Post Deleted The post-mortem which was originally brought online by Saber Labs[12] is subsequently deleted[16]. The information is no longer available except through the Internet Archive[17].
March 31st, 2022 3:57:00 AM MDT Cash.io Working Non-Stop To Issue Refunds Cash.io explains the refund process in a Twitter thread[18].
April 1st, 2022 8:26:15 PM MDT Token Balance Lookup Tool Twitter user simplyianm announces his tool which can be used to look up a balance in the exploit[19][20][21].
April 2nd, 2022 2:19:00 AM MDT Cash.io Announces Lookup Tool Cash.io announces ianm's tool which can be used to look up pre-hack token balance and the last transaction posted to an account[22].

Technical Analysis

The hack was a result of an "infinite mint glitch" that allowed the attacker to mint 2 billion CASH tokens by exploiting a flaw in Cashio's codebase[10].

The attack involved manipulating the validation process for minting new CASH tokens[4]. The protocol checks if the deposited collateral tokens match the type held within the protocol's accounts[4]. However, there were missing validation checks that allowed the attacker to create fake accounts and deposit worthless collateral[4].

Specifically, the validation process failed to verify the token type within the saber_swap.arrow account and the depositor_source[4]. This allowed the attacker to use a fake bank with worthless tokens to mint real CASH tokens, draining value from the protocol[4].

By utilizing bridges between different blockchains, the hacker moved the funds to Ethereum and exchanged them for Ether[5].

[13]

Project GitHub:[1]

The hacker then exchanged a portion of the tokens for USDC and USDT, resulting in $27.2 million[10]. The remaining CASH tokens were swapped for UST and USDC through Saber, totaling $25.6 million. After draining $52.8 million, the hacker transferred the funds to an Ethereum address via the Jupiter liquidity aggregator on Solana[10].

CryptoPotato reports that the anonymous hacker responsible for stealing over $50 million from the decentralized protocol Cashio has set conditions for returning the stolen funds. The hacker requires affected users to state the amount they want to be refunded, provide their ETH address for refunds in Ether, and explain the source and need for the refund. Liquidity providers can receive refunds if they provide proof of their initial amount. Accounts with less than $100,000 have already been refunded. The hacker clarified that the target was big wallet holders who did not need the money. Saber Labs, the decentralized exchange backing Cashio, is offering a $1 million USDC bounty for the hacker's refund. The theft occurred after the hacker exploited a smart contract glitch in Cashio[15].

Halborn Technical Analysis

Halborn published a technical analysis of the exploit on their blog[4].

To mint new CASH tokens, a user needs to deposit collateral.  This collateral can be deposited into a collateral account owned by the protocol if the deposit passes a series of checks designed to validate that the deposited tokens match the type held within the protocol’s accounts.

As part of the validation process for crate_collateral_tokens, the contract checked that the token type matched that of the saber_swap.arrow account.  However, there was no validation of the mint field within the saber_swap.arrow account.  The attacker could make a fake saber_swap.arrow account that would allow it to create a fake crate_collateral_tokens account that would allow the deposit of worthless collateral.

The other piece of the attack was a missing check for depositor_source, which has the same requirement that the token type should match that of the collateral.  It is possible to set the collateral token type if a user owns a bank, which can be created with a call to crate_mint.

With a fake bank, the attacker could deposit fake collateral that would pass all of the checks due to the issues in crate_collateral_tokens.  However, the code failed to verify that the token associated with the bank and the one being minted are the same.

As a result, a bank with a worthless token could be used to mint real CASH tokens.  This allowed the attacker to drain value from the protocol by depositing worthless collateral and minting real CASH tokens.

Samczsun Twitter Analysis

Samczsun posted an initial analysis of the exploit to Twitter[7].

Another day, another Solana fake account exploit. This time, @CashioApp lost around $50M (based on a quick skim). How did this happen?

In order to mint new CASH, you need to deposit some collateral. This cross-program invocation (CPI) will transfer tokens from your account to the protocol's account, but only if the two accounts hold the same type of token. Otherwise, the token program will reject the transfer.

Here, the protocol validates that the crate_collateral_tokens account hold the right type of token by comparing it with the collateral account. It also verifies the collateral account shares the same token type as the saber_swap.arrow account.

Unfortunately, the mint field on the arrow account is never validated.

This means that ultimately, all of this validation is meaningless because there's no trusted root. The attacker just created fake accounts all the way down and then chained it all the way back up until they finally made a fake crate_collateral_tokens account.

tl;dr because Cashio didn't establish a root of trust for all of the accounts it used, an attacker was able to steal approximately $50M by forging a chain of fake accounts

After a correction by other members of the community, this description was augmented[8].

I need to make a correction! Thanks to @madergaser and @siintemal for pointing out that I completely missed the other half of the exploit.

So as I mentioned earlier, the two token accounts must hold the same token. The attacker forged accounts to bypass the validation on common.crate_collateral_tokens, but what about depositor_source?

In order to mint new CASH, you need to deposit some collateral. This cross-program invocation (CPI) will transfer tokens from your account to the protocol's account, but only if the two accounts hold the same type of token. Otherwise, the token program will reject the transfer.

Well, the depositor_source has to use the same token as common.collateral.

But common.collateral contains two fields: collateral and bank, and the attacker can't set the collateral unless they're the owner of the bank.

Fortunately, the attacker can just create a new bank, one in which they're the curator. They'll need to use a new crate_mint since the total supply of the token must be zero.


"[B]ecause Cashio didn't establish a root of trust for all of the accounts it used, an attacker was able to steal approximately $50M by forging a chain of fake accounts."

"In order to mint new CASH, you need to deposit some collateral. This cross-program invocation (CPI) will transfer tokens from your account to the protocol's account, but only if the two accounts hold the same type of token. Otherwise, the token program will reject the transfer."

"Here, the protocol validates that the crate_collateral_tokens account hold the right type of token by comparing it with the collateral account. It also verifies the collateral account shares the same token type as the saber_swap.arrow account."

"Unfortunately, the mint field on the arrow account is never validated." "This means that ultimately, all of this validation is meaningless because there's no trusted root. The attacker just created fake accounts all the way down and then chained it all the way back up until they finally made a fake crate_collateral_tokens account."

"The attacker forged accounts to bypass the validation on common.crate_collateral_tokens, but what about depositor_source?" "Well, the depositor_source has to use the same token as common.collateral." "But common.collateral contains two fields: collateral and bank, and the attacker can't set the collateral unless they're the owner of the bank." "Fortunately, the attacker can just create a new bank, one in which they're the curator. They'll need to use a new crate_mint since the total supply of the token must be zero."

"Now that the attacker has essentially created a parallel universe, they can go back and deposit their worthless collateral. Critically, they can instruct the program to mint the original CASH token because there was no check that the bank's token matched the one being minted."

"While anchoring to a root of trust is important, the real lesson learned here is how all the authentication in the world is meaningless if you miss a single load-bearing check."

Total Amount Lost

The total amount lost has been estimated at $52,800,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

CashIo Twitter Announcement

Cash.io posted an announcement to Twitter about the exploit[6].

Please do not mint any CASH. There is an infinite mint glitch. We are investigating the issue and we believe we have found the root cause. Please withdraw your funds from pools. We will publish a postmortem ASAP.

Technical Analyses

Multiple entities published technical analyses including Halborn[4] and Samczsun[8].

Blaine's Story

One victim, Blaine, had invested $50,000 in cryptocurrency from trading NFTs to start a new life but found his account worthless[5].

"Please do not mint any CASH. There is an infinite mint glitch. We are investigating the issue and we believe we have found the root cause. Please withdraw your funds from pools. We will publish a postmortem ASAP."

"Interestingly, the anonymous hacker stated that the purpose of the attack was to take funds from big wallet holders who did not need the money and not customers with smaller accounts."

"The Cashio hacker has set forth conditions for returning funds stolen from the decentralized platform. Data from Etherscan shows someone in control of the wallet linked to the exploit detailing how restitution could happen for people affected by the attack."

"The hacker gave six conditions, part of which asked affected users to state the amount to be refunded, provide their ETH address as refunds will be done in Ether. They also required users to give details about the source of their money and why they needed a refund."

"Furthermore, the perpetrator promised to refund affected liquidity providers if they can show proof of the initial amount they had. Meanwhile, the Cashio attacker said they had already refunded accounts with less than $100,000 in their wallets."

"[H]ave already refunded accounts under 100k which held CASH direrctly and saber cash/usdc LP and saber cash/ust LP."

"[T]he inntention was only to take money from those who do not need it, not from those who do. [W]ill be using the eth gains to return more funds to those affected, even some accounts more than 100k. will not return funds to accounts that already receive refund."

"[I]nstructions: we want jimthereaper#6550 and The Saint Eclectic#1238 to leads the organization. they have shown to be leaders. [F]or each person affected the following exact information is required for us to consider return of funds."

"1. eth address to send the returned funds to. all returns will be done in eth. 2. the original solana wallet that held the cash or cash lp pair. even cash lp pairs that we did not take (like PAI/CASH or aeMIM/CASH) will be return since it is our fault they lost money to arbitage bots. 3. if the lp is held by other owner (like sunny or quarry) then a transaction proving that you own the lp and the account that you own is needed. this message will have to be signed by the account that you own instead of account that directly owns the lp (since that will be sunny or quarry). 4. if already sell or buy lp or cash, show transaction from before the hack to prove how much you had. 5. the amount of money to be return. 6. an explanation of the source of this money and why you need it back. more detail is better. money will not be refund to rich american and european that don't need it."

"[A]ll this information MUST be signed by either the original account owner of cash or lp or the account that staked the money into sunny or quarry. [B]ad sign or incomplete information will result in no return. [W]e will choose who gets a return. [M]ight get all back or some back or none back. [P]ut all the request together in one file, returns will start next week manually. [W]ill take some time."

"[A]lso godoflight and all other are scammer. [O]nly trust message signed by account."

"We are working nonstop to make sure every refund submission gets verified in a transparent, efficient manner. Developing this takes some time. Regardless, we want to urge everyone impacted to head over to our discord and get help filling out a refund form. There is help."

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Attacker Announces Plans To Return Funds

In a surprising twist, the scammer announced plans to donate the stolen funds to charity and return smaller amounts to victims with less than $100,000 in affected liquidity pools[5].



Cashio.app attempted to assist members in filing claims[18].

We are working nonstop to make sure every refund submission gets verified in a transparent, efficient manner.

Developing this takes some time..

Regardless, we want to urge everyone impacted to head over to our discord and get help filling out a refund form.

We want to clarify that the team has been making sure that the thousands of entries are processed in a swift, publicly verifiable manner.

There are real money laundering concerns that must be addressed,

We will ensure that the file we send to the hacker contains only:

1) messages encrypted (signed) by private keys only allow decryption using a public key associated with the private key. Otherwise the message will return gibberish.

2) message memos contain valid proof that the public key used to decrypt message had ownership of lost funds.

We are working with @Saber_HQ @QuarryProtocol and more to get these tools out as fast as possible.

It is imperative that the ETH wallet addresses we make public are all in fact tied to stolen funds. Other ETH wallets are therefore considered laundered funds.

One of these tools will be for users to see themselves that their message can only be derived by their public key (since they signed using private key)

The other tool will be used internally to filter from thousands of memos to the find only ones associated with lost funds.

We will make the user signature verification tool public as soon as testing is completed- which should be within the next day or so (in order to give users the chance to use before we send files to the exploiter).

Please be aware that our team is focused on getting this out ASAP

The other tool will be a mix of a snapshot and verification of LP/CASH ownership before the time of the hack.

Once we get to that point, we will make sure the mechanism is as transparent as possible as well.

Additionally if you lost >$100 and < $100k in Quarry pools but can’t see your eligibility on their tool - please DM our team on Discord with your PUBLIC key and which quarry pools.

Please note that Quarry only had an eligibility tool out- claim function is not implemented yet.

Again- we know it might be a pain to have to go through and find the old LP transactions to prove your ownership- create the signature- then submit the form- but we are trying to make it as simple to get your money back while ensuring that you truly did lose the funds.


"[Y]ou can now go [and] search your wallet address." "For all CASH related token accounts it will show you [p]re hack token balance [and] [l]ast transaction to account. We will use this tool to verify submissions."

"Again- we know it might be a pain to have to go through and find the old LP transactions to prove your ownership- create the signature- then submit the form- but we are trying to make it as simple to get your money back while ensuring that you truly did lose the funds."

"[A]n argument is breaking out on social media about whether the returned funds, which is a comparatively small amount of the total amount stolen, should be split among all the victims or given to the individuals with less than $100,000 at stake, as the scammer intended."

"What was more interesting in Bybit’s findings was a hidden message embedded by the hacker in a particular transaction that has made the DeFi community rename the hacker as modern-day “Robin Hood.” The hacker wrote in a transaction[.]"

“Account with less than 100K have been returned. All other money will be donated to charity.”

Information On Return From Attackers

Posted in the blockchain.

have already refunded accounts under 100k which held CASH direrctly and saber cash/usdc LP and saber cash/ust LP.

the inntention was only to take money from those who do not need it, not from those who do. will be using the eth gains to return more funds to those affected, even some accounts more than 100k. will not return funds to accounts that already receive refund.

instructions: we want jimthereaper#6550 and The Saint Eclectic#1238 to leads the organization. they have shown to be leaders. for each person affected the following exact information is required for us to consider return of funds.

1. eth address to send the returned funds to. all returns will be done in eth.

2. the original solana wallet that held the cash or cash lp pair. even cash lp pairs that we did not take (like PAI/CASH or aeMIM/CASH) will be return since it is our fault they lost money to arbitage bots.

3. if the lp is held by other owner (like sunny or quarry) then a transaction proving that you own the lp and the account that you own is needed. this message will have to be signed by the account that you own instead of account that directly owns the lp (since that will be sunny or quarry).

4. if already sell or buy lp or cash, show transaction from before the hack to prove how much you had.

5. the amount of money to be return.

6. an explanation of the source of this money and why you need it back. more detail is better. money will not be refund to rich american and european that don't need it.

all this information MUST be signed by either the original account owner of cash or lp or the account that staked the money into sunny or quarry (like this https://docs.phantom.app/integrating/signing-a-message). bad sign or incomplete information will result in no return. we will choose who gets a return. might get all back or some back or none back. put all the request together in one file, returns will start next week manually. will take some time.

also godoflight and all other are scammer. only trust message signed by account.

Money Sent Back To Liquidity Pool Accounts

However, the money was sent back to the liquidity pool accounts, which the victims couldn't access[5]. To withdraw their money, the price of Cashio would need to recover, which might take a significant amount of time[5].

Debate About Distributing Returned Funds

The incident sparked a debate about how the returned funds should be distributed among the victims[5]. While some believe it should be divided equally, others argue that it should go to those with less at stake[5]. Victim Blaine hopes the scammer has a change of heart and returns all the stolen funds, as many victims, including himself, are struggling after the loss[5].

Post Mortem Deleted

The post-mortem of the incident has been deleted[16].

Total Amount Recovered

The total amount recovered is unknown.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Individual Prevention Policies

The CashApp service involved entrusting assets to the safety of the CashApp protocol and smart contract. This posed a significant risk in terms of both third party trust and smart contract trust, and limited assurances were available for the safety of funds. The CashApp smart contract did not have a third party security audit, which majorly increases the risk level.

When using any third party custodial platform (such as for trading), it is important to verify that the platform has a full backing of all assets, and that assets have been secured in a proper multi-signature wallet held by several trusted and trained individuals. If this can't be validated, then users should avoid using that platform. Unfortunately, most centralized platforms today still do not provide the level of transparency and third party validation which would be necessary to ensure that assets have been kept secure and properly backed. Therefore, the most effective strategy at present remains to learn proper self custody practices and avoid using any third party custodial platforms whenever possible.

Avoid the use of smart contracts unless necessary. Minimize the level of exposure by removing or withdrawing assets whenever possible. Aim to choose smart contracts which have obtained third party security audits, preferably having been audited by at least three separate reputable firms. Pay attention to the audit reports, which smart contracts are covered, and whether the smart contract has been upgraded or modified since the report. Ensure that any administrative functions with the ability to remove funds from the smart contract are under the authority of a multi-signature wallet which is controlled by at least three separate and reputable entities.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

CashApp stored user funds live in an unaudited smart contract, which was extremely risky. Taking measures to obtain a third party audit of the smart contract or store funds in a multi-signature wallet would have prevented or massively reduced the risk level. Offering a bug bounty could provide an incentive for a white hat hacker to find the issue first. Working with other industry participants to establish an insurance fund could reduce the impact of a breach on users.

Obtaining Third Party Audits

The CashApp smart contract was unaudited. Obtaining security audits from third parties can provide additional visibility into finding any potential vulnerabilities in the application. It is best practice to obtain at least 2 audits prior to launching and an additional audit every 6 months, starting on month 3.

To prevent such hacks, the Bybit team suggested implementing more stringent auditing processes and adopting traditional finance structures[10]. They recommended conducting mandatory tests on the devnet during the development phase, followed by audits from external companies and expert checks before the app's release[10]. Users were advised to educate themselves on the workings of decentralized finance (DeFi) to enhance their security measures[10]. Notably, the hacker left a hidden message in one of the transactions, claiming to return funds to accounts with less than $100,000 and donating the rest to charity[10]. However, it remains unclear if the charity refers to the ongoing Ukraine-Russia war, and there is no guarantee that the hacker will follow through on the promise[10].

All aspects of any platform should undergo a regular validation/inspection by experts. This validation should include a security audit of any smart contracts, reporting any risks to the backing (of any customer assets, ensuring treasuries or minting functions are properly secured under the control of a multi-signature wallet, and finding any inadequacies in the level of training or integrity of the team. The recommended interval is twice prior to launch or significant system upgrade, once after 3 months, and every 6 months thereafter. It is recommended that the third party performing the inspection not be repeated within a 14 month period.

Using a Multi-Signature Wallet

Smart contracts function as hot wallets, and while audits can greatly reduce the risks, even smart contracts with audits can still be vulnerable. By limiting the funds in the hot portion of a smart contract to just what is necessary for expected liquidity, and holding the rest in a simple multi-signature structure by known trained participants storing keys offline, smart contracts can be developed which have significantly less funds at risk of theft. The hot balance can be further protected through a simple insurance fund which can be set up by the project, a third party smart contract, or a collective industry fund.

All wallets, minting functions, and critical infrastructure should be implemented with a multi-signature requirement, with a recommended minimum of 3 signatures required. This means that making important changes or approving spending will require the keys held by at least 3 separate individuals within the organization to approve. The multi-signature should be implemented at the lowest layer possible, all key holders should have security training, and all key holders should be empowered and encouraged to exercise diligence.

Fallback Industry Insurance Fund

An industry insurance fund can be used in events which occur even given the above precautions. Aligned incentives can ensure that platforms are incentivized to have proper security and that users are protected.

Work with other industry platforms to set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

Having a reasonable degree of oversight into the CashApp platform would have likely uncovered and corrected the security deficiencies in this case, while an industry insurance fund can provide assistance if funds are lost.

Additional Review of Platform Security

A basic policy of requiring a third party validation could effectively prevent this situation from occurring. Multiple third party validations would provide a higher degree of insight and stronger prevention strategies.

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The third parties must not repeat within the past 14 months. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

Establishment of Industry Insurance Fund

An industry insurance fund could handle breaches, while at the same time playing a key incentive in selecting competent platform validators.

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. 1.0 1.1 GitHub - cashioapp/cashio: $CASH Rules Everything Around Me (May 5, 2022)
  2. Cashio (May 5, 2022)
  3. Cashio (May 5, 2022)
  4. 4.00 4.01 4.02 4.03 4.04 4.05 4.06 4.07 4.08 4.09 4.10 4.11 Explained: The Cashio Hack (March 2022) - Halborn (May 5, 2022)
  5. 5.00 5.01 5.02 5.03 5.04 5.05 5.06 5.07 5.08 5.09 5.10 5.11 Crypto Robin Hood stole $50 million and says he’ll it donate to charity. But the victims just want their money back - Fortune (May 5, 2022)
  6. 6.0 6.1 CashioApp - "There is an infinite mint glitch. ... Please withdraw your funds from pools." - Twitter (May 5, 2022)
  7. 7.0 7.1 samczsun - "@CashioApp lost around $50M" - Twitter (Mar 24, 2022)
  8. 8.0 8.1 8.2 samczsun - "I need to make a correction! ... I completely missed the other half of the exploit." - Twitter (May 5, 2022)
  9. 9.0 9.1 Solana Cashio Hack Loots $52.8M: Investigations Reveal Surprising Facts - FXEmpire Archive March 25th, 2022 11:52:48 AM MDT (Jul 5, 2023)
  10. 10.0 10.1 10.2 10.3 10.4 10.5 10.6 10.7 10.8 10.9 Solana Cashio Hack Loots $52.8M: Investigations Reveal Surprising Facts - FXEmpire (May 5, 2022)
  11. Solana Cashio Hack Loots $52.8M: Investigations Reveal Surprising Facts - Yahoo Finance (May 5, 2022)
  12. 12.0 12.1 Postmortem: Cashio Hack - Saber Labs Medium Archive March 26th, 2022 10:58:06 PM MDT (May 5, 2022)
  13. 13.0 13.1 Transaction From Attacker - "the inntention was only to take money from those who do not need it, not from those who do. will be using the eth gains to return more funds to those affected, even some accounts more than 100k. will not return funds to accounts that already receive refund" - Etherscan (May 5, 2022)
  14. CashioApp - "Thanks @wireless_anon for setting this  up. We have deployed the same code [on our website]" - Twitter (May 5, 2022)
  15. 15.0 15.1 Cashio Hacker Sets Conditions to Return Stolen $50 Million - CryptoPotato (May 5, 2022)
  16. 16.0 16.1 Postmortem: Cashio Hack - Saber Labs Medium (Jul 6, 2023)
  17. Postmortem: Cashio Hack - Saber Labs Medium Archive March 28th, 2022 1:40:00 PM MDT (Jul 6, 2023)
  18. 18.0 18.1 CashioApp - "We are working nonstop to make sure every refund submission gets verified in a transparent, efficient manner." - Twitter (May 5, 2022)
  19. simplyianm - "I just launched a portal for figuring out if you were affected by the @CashioApp hack." - Twitter (May 5, 2022)
  20. simplyianm - "I just launched a portal for figuring out if you were affected by the @CashioApp hack." - Twitter Archive August 2nd, 2022 12:54:28 AM MDT (Apr 24, 2023)
  21. simplyianm - "Some things I'm getting to: - automatically checking if you got refunded by the hacker" - Twitter Archive April 1st, 2022 8:29:07 PM MDT (Apr 24, 2023)
  22. CashioApp - "Thanks to help from @simplyianm at @Saber_HQ you can now go to http://anchor.so/Cashio & search your wallet address." - Twitter (May 5, 2022)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Cash.io_App_Solana_Fake_Account_Exploit&oldid=4758"