Bearn.Fi Incident: Inconsistent Asset Denomination Between Vault & Strategy
Started at 10:36:20 AM +UTC, May 16, 2021, BearnFi
’s BvaultsBank
contract was exploited to drain about $11M funds from the pool. The incident was due to a bug in its internal withdraw
logic in inconsistently reading the same input amount but with different asset denomination betweenBvaultsBank
and the associated strategy BvaultsStrategy
. In the following, we elaborate the technical details.
Summary
This incident was due to the mis-matched asset denomination implicitly assumed by BvaultsBank
and its BvaultsStrategy
strategy. Specifically, the BvaultsBank's withdraw
logic assumes the withdrawn amount is denominated in BUSD
while the BvaultsStrategy's withdraw
logic assumes the withdrawn amount is denominated in ibBUSD
. Note that ibBUSD
is an interest-bearing token and is more expensive than BUSD
. As a result, the withdraw request of 100 BUSD
effectively leads to the withdraw of 100 ibBUSD
. The exploitation of the issue leads to about $11M funds drained from the BvaultsBank
contract.
Details
Inconsistent Asset Denomination Between BvaultsBank And BvaultsStrategy
We started the analysis from the transaction behind one specific hack: 603b…a36c. This transaction has a number of repeated operations against the BearnFi
’s BvaultsBank
contract and our following elaboration
focuses on the first set of the repeated operations.
- It borrows a flashloan from
CREAM
with 7,804,239.111784605253208456 BUSD, which is returned at the last step with necessary fee to cover the flashloan cost. - It deposits the borrowed funds into
BvaultsBank
, which are immediately sent to the associatedBvaultsStrategy
strategy, then toAlpaca Vault
for yield. Due to the above deposit, theAlpaca Vault
mints 7,598,066.589501626344403426 ibBUSD back toBvaultsStrategy
. - It farms with the received 7,598,066.589501626344403426 ibBUSD via the
Alpaca FairLaunch
. - It withdraws the 7,804,239.111784605253208533 BUSD from
BvaultsBank
, which turns to be interpreted as withdrawing 7,804,239.111784605253208533 ibBUSD, or equivalently 8,016,006.09792806917101481 BUSD! In other words, the initial deposit of 7,804,239.111784605253208456 BUSD comes back with 8,016,006.09792806917101481 BUSD. It should be mentioned that the returned funds reside in theBvaultsStrategy
and the user only gets back 7,804,239.111784605253208456 BUSD as requested in this round. - In the next round, the user still deposits 7,804,239.111784605253208533 BUSD into
BvaultsBank
, cascadingly toBvaultsStrategy
. But with the previous leftover from the last round,BvaultsStrategy
credits the user with 8,016,006.09792806917101481 BUSD, which is used for yield again viaAlpaca
. - It repeats the above steps to continue accumulating the credit and finally exits by draining the pool.
- It returns the flashloan with 7,806,580.383518140634784418 BUSD.
The Funds
This attack leads to more than $11M loss from the affected BvaultsBank
. And the attacker’s funds from the above exploitations were initially held in this wallet: 47f3. We are actively monitoring this wallet for any movement.
About Us
PeckShield Inc. is an industry leading blockchain security company with the goal of elevating the security, privacy, and usability of the current blockchain ecosystem. For any business or media inquiries (including the need for smart contract auditing), please contact us at telegram, twitter, or email.