1/ If, after reading blog.alphafinance.io/alpha-homora-v… you are still confused how Alpha Homora and IronBank were hacked, here's how the hack was conceived
2/ Normally when you borrow funds from AH bank, your debtShare and totalDebt increases. Specifically if you want to borrow x tokens, your debt share will be calculated as:

share = x * totalShare / totalDebt

and it is added to totalShare
3/ All these numbers are very big integers (as token precisions are 18 digits) and the calculation is correct, but when totalShare = 1 (think 1 wei) and x < totalDebt, new debt share will be 0 (integer division)
4/ So if you manage to have AH bank with totalShare = 1, and some totalDebt you can repeatedly borrow less than the totalDebt (ideally totalDebt - 1) effectively doubling totalDebt in each iteration. You can do it as many times as you want, while totalShare will remain 1
5/ Eventually Iron Bank that supplies funds to AH will run out of funds, so when amounts get big enough (you are doubling each time), also make sure to replenish it with flash loan
6/ But first you need to make sure that there is a AH bank with totalShare = 1 in the first place. To do that you need to start with an empty bank, i.e. token that has been approved but not used yet. In this case - sUSD
7/ Then you need to do some initial setup which involves putting some collateral, taking small loan and repaying almost all of it - almost, leaving exactly 1 wei. Now you have a bank with totalShare and totalDebt = 1. Almost done, need to increase totalDebt
8/ To do that you call resolveReserve() method on this bank which will increase totalDebt without increasing totalShare and your setup is finished. Now you can extract funds doubling totalDebt at each step.
9/ Notice the state of the initial setup just before a sequence of borrows
ethtx.info/0x2e387620bb31…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Bartek Kiepuszewski

Bartek Kiepuszewski Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @bkiepuszewski

31 Jan
[1/13] It may be initially confusing to fully grasp how deposits and withdrawals from L1 to @optimismPBC are actually implemented, and it helps to see the on-chain action of what is happening behind the scenes.
[2/13] Initial setup (simplified): on L1 we have SyntheticBridgeToOptimism from Synthetic and OVM_L1CrossDomainManager from Optimism contracts. On L2 we have SynthetixBridgeToBase and OVM_L2_CrossDomainManager contracts.
[3/13] Additionally we have Sequencer (L2 mining node) that verifies all L2 transactions and submits them in batches to L1 for future reference and Relayer that is responsible for relaying messages from L2 —> L1
Read 15 tweets
29 Sep 20
If you are confused how the hacker managed to drain contract, here’s the exact mechanics of what happened:
EMN contract allows you to buy (mint) EMN with DAI (and sell/burn). It uses quite standard Bancor’s bonding curve - DAI is used as a reserve currency for the EMN token. Price of EMN token is determined by the amount of EMN vs amount of DAI in the reserve
The second token, eAAVE is similar with the small but important caveat - it’s using EMN as a reserve currency, but “virtually” - if you buy/mint eAAVE by sending to it EMN tokens, instead of storing your EMN in the reserve, eAAVE contract will actually burn EMN.
Read 8 tweets
18 Feb 20
[1/8] Detailed analysis of another bZx/SNX attack (0x762881b07feb63c436dee38edd4ff1f7a74c33091e534af56c9f7d49b5ecac15). This one is more sophisticated than the previous one. The steps are as follows:
[2/8] Step 1. Flash borrow 7,500 ETH on bZx. This is ironic given that bZx will loose at the end
[3/8] Step 2. Exchange 540 ETH through Kyber to sUSD. This goes to Uniswap pushing sUSD value artificially high
Read 9 tweets
16 Feb 20
If you are interested in the details on the recent bZx arb/attack trade, have a look at ethtx.info/0xb5c8bd9430b6… - the following thread is a step-by-step explanation of what is going on
First the attacker gets 10,000 ETH loan from dYdX (SoloMargin.operate with ActionType=1 which is withdraw). Note that there is also ActionType=8 which is a call. In this case it is a call to attacker's script
Then he sends 5,500 ETH to Compound and gets 112 WBTC loan (cETH.mint and cWBTC.borrow)
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!