Discover and read the best of Twitter Threads about #defiyieldprotocol

Most recents (1)

1/How @ElevenFinance got hacked? 🧵

The exploit was possible due to a bug in emergencyBurn() function of ElevenNeverSellVault.

There is a transfer of previously deposited funds during the function call, but there is a lack of burning of Nerve shares to account for the transfer Image
2/ In other words, an attacker could double-spend Nerve shares he acquired during initial deposit to the vault.

emergencyBurn() didn’t burn 11NRV Tokens so an attacker used them in “withdrawAll()” to get additional LP Tokens in return.
3/ He burned LP Tokens on PancakeSwap getting the underlying tokens.

After repaying the FlashSwap, attacker was left with funds from burning second time the 11NRV Tokens.

This was done on multiple vaults on ElevenFinance, marking a total loss of $4.5M.
Read 4 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!