My Authors
Read all threads
🚨🚨🚨 @LendfMe, a DeFi lending protocol, was just drained from $25M to less than $10K in one instant.

A simple explainer of what happened, as I understand it:

1/x Image
Let's look at the transaction level first.

It seems like an attacker was able to supply imBTC to @LendfMe...then withdraw more than he deposited.

What was happening?

2/x Image
To understand this, let's remind ourselves what a re-entrancy attack is.

When a process is interrupted in the middle, initiated again, then both the original and "re-entered" processes execute, a re-entrancy attack has occurred.

pic source: @hackernoon

3/x Image
This exploit was used in the $150M DAO hack:

In simplistic terms, during the hack, you:

- Submit a legitimate withdrawal
- Before the contract could update your balance...
- ...recursively withdrew more than you are entitled to

hackingdistributed.com/2016/06/18/ana…

4/x
Today, a similar exploit happened on @LendfMe.

Hacker deposited imBTC as collateral, then initiated a re-entrancy attack, withdrawing much more collateral than he deposited ($25M) initially.

But how was this possible?

5/x
imBTC uses a token standard called ERC777.

It’s like a more flexible version of ERC20. One of its features, “hook”, streamlines transactions, but also makes re-entrancy attacks easier.

@Consensys did a code audit that explains how this works:

github.com/ConsenSys/Unis…

6/x Image
This is not new info - the @UniswapProtocol team was aware of this since a year ago from the above code audit.

This is a testament to the fact that code audits are not just security theater. They are a worthwhile investment!



7/x
So there you have it - a preventable re-entrancy attack performed on a relatively new token standard was what enabled the imBTC pool to be drained on @LendfMe today.

Chinese readers, a more detailed walkthrough from @SlowMist_Team:

matataki.io/p/3460?c=83748…

8/x
Before we toss the baby out with the bathwater, vulnerabilities like this can be patched, and ERC777 presents some exciting UX improvements for crypto.



9/x
Some have asked - if @UniswapProtocol was aware of this, how was $300K still drained from their imBTC pool ytd?

afaik Uniswap v1 is made for ERC20. ERC777 promises backwards compatibility. The imBTC pool was supplied by users, not Uniswap.

defirate.com/imbtc-uniswap-…

10/x
h/t @Rewkang @tzhen for spotting/sharing this earlier today
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Jason Choi 蔡浩霆

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!