Bearn.Fi Incident: Inconsistent Asset Denomination Between Vault & Strategy
Started at 10:36:20 AM +UTC, May 16, 2021,
BvaultsBank contract was exploited to drain about $11M funds from the pool. The incident was due to a bug in its internal
withdraw logic in inconsistently reading the same input amount but with different asset denomination between
BvaultsBank and the associated strategy
BvaultsStrategy. In the following, we elaborate the technical details.
This incident was due to the mis-matched asset denomination implicitly assumed by
BvaultsBank and its
BvaultsStrategy strategy. Specifically, the
BvaultsBank's withdraw logic assumes the withdrawn amount is denominated in
BUSD while the
BvaultsStrategy's withdraw logic assumes the withdrawn amount is denominated in
ibBUSD. Note that
ibBUSD is an interest-bearing token and is more expensive than
BUSD. As a result, the withdraw request of
100 BUSD effectively leads to the withdraw of
100 ibBUSD. The exploitation of the issue leads to about $11M funds drained from the
Inconsistent Asset Denomination Between BvaultsBank And BvaultsStrategy
We started the analysis from the transaction behind one specific hack: 603b…a36c. This transaction has a number of repeated operations against the
BvaultsBank contract and our following elaboration
focuses on the first set of the repeated operations.
- It borrows a flashloan from
CREAMwith 7,804,239.111784605253208456 BUSD, which is returned at the last step with necessary fee to cover the flashloan cost.
- It deposits the borrowed funds into
BvaultsBank, which are immediately sent to the associated
BvaultsStrategystrategy, then to
Alpaca Vaultfor yield. Due to the above deposit, the
Alpaca Vaultmints 7,598,066.589501626344403426 ibBUSD back to
- It farms with the received 7,598,066.589501626344403426 ibBUSD via the
- It withdraws the 7,804,239.111784605253208533 BUSD from
BvaultsBank, which turns to be interpreted as withdrawing 7,804,239.111784605253208533 ibBUSD, or equivalently 8,016,006.09792806917101481 BUSD! In other words, the initial deposit of 7,804,239.111784605253208456 BUSD comes back with 8,016,006.09792806917101481 BUSD. It should be mentioned that the returned funds reside in the
BvaultsStrategyand the user only gets back 7,804,239.111784605253208456 BUSD as requested in this round.
- In the next round, the user still deposits 7,804,239.111784605253208533 BUSD into
BvaultsBank, cascadingly to
BvaultsStrategy. But with the previous leftover from the last round,
BvaultsStrategycredits the user with 8,016,006.09792806917101481 BUSD, which is used for yield again via
- It repeats the above steps to continue accumulating the credit and finally exits by draining the pool.
- It returns the flashloan with 7,806,580.383518140634784418 BUSD.
This attack leads to more than $11M loss from the affected
BvaultsBank. And the attacker’s funds from the above exploitations were initially held in this wallet: 47f3. We are actively monitoring this wallet for any movement.
PeckShield Inc. is an industry leading blockchain security company with the goal of elevating the security, privacy, and usability of the current blockchain ecosystem. For any business or media inquiries (including the need for smart contract auditing), please contact us at telegram, twitter, or email.