DeFi primer -- how a hacker turned $0.04 into 1.1 million
Hello there and a warm welcome to Elessar Labs! We are a Hong Kong-based blockchain R&D team specializing in ecosystem security.
The aim of this platform is to offer a friendly and precise rudimentary introduction to curious novices, to express our views, to share and showcase our work and, hopefully, to live up to what our name entails in Tolkien's Middle-earth lore: shedding some light upon what we strongly believe to be an indispensable part of the world going forward, the blockchain ecosystem.
This debut short commentary is the first installment of our “how it works” educational series, in which we intend to analyze real-time community events and use them as anchors for introducing the focal elements of the blockchain ecosystem, one at a time, followed by more in-depth technical analyses and implications for the savvier reader. So expect more coming along the way!
The Rikkei Finance (RiFi) case
On April 15th 2022, Rikkei Finance (RiFi), a protocol on Binance Smart Chain, was attacked and approximately 1.1 million USD was stolen, at a cost of 0.03 USD to the attacker. Like a traditional financial market, the decentralized RiFi provides a platform for borrowers to borrow safer assets (e.g. stablecoins such as USDC and USDT) against the value of their less safe ones (e.g. BNB), at a discount and with interest; that interest is paid to the lenders who are willing to loan out their safer assets against the less safe ones held as collateral.
The method used by the attacker focuses on manipulating the quoting device that provides the price of BNB against USD. To understand exactly how the attack took place, we first offer a conceptual illustration.
Illustration — how borrowing/lending works
The entire ecosystem is far more intricate. To keep it short and simple, and for the sake of today's focus, we have oversimplified it and offer the conceptual illustration below:
As mentioned, the platform lets borrowers borrow safer assets against the value of their less safe ones, at a discount and with interest, and that interest is paid to lenders who are willing to loan out their safer assets against the less safe ones held as collateral. Note that three key terms are crucial to facilitating this asset-backed financing:
- A price (of the collateral used for borrowing);
- A discount (i.e. the loan-to-value ratio, in traditional finance terms), and;
- An interest (to incentivize lending).
Conceptually all three elements are easy to understand. Interest is crucial to incentivize lenders to lend out their unused safer assets. The discount is the percentage of the collateral value that can actually be borrowed; it is hardly ever 100%, since the collateral is less safe, its price volatility is relatively high and its liquidity relatively low compared with the safer assets being borrowed. As in traditional finance, many factors and considerations go into how the LTV is quantitatively set, and that is beyond today's topic.
Lastly there is the value, and this is what we focus on today. There has to be a price of the collateral on which the calculation is based. Unlike in traditional finance, where you can find the exact price rather easily (e.g. the equity price at a stock exchange), the very essence of DeFi (decentralized finance) means there is no centralized place for bid-ask matching, and hence no single place for quotes. So how do you get price quotes in a DeFi scenario?
Price in a Defi world
It might sound trivial, but for a price quote to work, most people in the market need to accept it. In traditional finance, getting a price is a no-brainer: the majority of stocks are traded on an exchange, so you just take whatever price the exchange shows. Token trading, however, is scattered across various venues. Some of it, like stock trading, is centralized at exchanges (e.g. Binance and FTX), where both buyer and seller first open accounts at the exchange; the transaction merely alters the exchange's internal bookkeeping while the token itself remains unmoved on chain (i.e. the token stays at the exchange's wallet address throughout the transaction).
Other trading takes place on the blockchain itself in a decentralized way, in which the token is actually moved from one blockchain wallet address to another (i.e. an on-chain transaction). No centralized exchange is needed for such a transaction, and the seller does not need to first transfer the token to the exchange (and have the balance of their exchange account updated to reflect the deposit) in order to sell it there afterwards.
So how do we get a price quote that is accurate, timely and tamper resistant (i.e. can only be edited by those authorized), and that takes account of both on-chain and off-chain transactions? We have a more in-depth article coming shortly that delves deeper into the fundamentals of where price originates in DeFi. Suffice it to say that in a decentralized ecosystem, protocols get their prices from Chainlink, currently the biggest and most widely accepted price feeder, to fetch off-chain data (e.g. trading prices at centralized exchanges) back on chain. Chainlink can be further decomposed into two parts, the Oracle Aggregator and the Oracle Feeder: the former gathers and calculates the price from various independent price sources, and the latter provides the processed price to whoever requests it.
Oracle Feeder and how Rikkei went wrong
Having briefly introduced Chainlink, the only task left is to grab the price from Chainlink, and this is where RiFi messed up. RiFi needs to make sure that it grabs the price from Chainlink in a timely manner, and from Chainlink only, and RiFi failed to achieve the latter. There was a loophole in RiFi that let anyone alter where RiFi gets its price fed from. Instead of Chainlink, the hacker changed the price source to a contract of his own making for his particular transaction, which deliberately inflated the value of BNB (i.e. the collateral the hacker intended to borrow against on RiFi). Since the price of BNB was arbitrarily inflated, the hacker then used this vastly increased BNB collateral value (his 0.0001 BNB, originally worth 0.04 USD, was now valued at 12.5 trillion USD), borrowed a significant amount of stable tokens and subsequently converted those back into USD for profit.
For those interested in the details, here are the technical specifics. As you can see from the screenshot below, the original RiFi code is on the left and the revised version on the right. In the original code the permission qualifier is absent, so anyone can send a transaction invoking the “setOracleData” function to set the oracle price source to any arbitrary contract address. The fix is straightforward: add a permission check to make sure only the contract admin can invoke that function.
Below are the exact steps the hacker took:
- Deploy a malicious oracle contract that arbitrarily inflates the value of BNB;
- Deposit 0.0001 BNB into the RiFi protocol (~0.04 USD worth);
- Set RiFi's BNB/USD price feeder address to the malicious oracle contract mentioned above, so that the transaction fetches the price from the wrong source. As a result, the 0.0001 BNB the hacker deposited is valued at 12.5 trillion USD according to the malicious oracle contract's price. Factoring in the 70% discount of the BNB LTV, the hacker has 12.5 * 0.7 = 8.75 trillion USD of credit to borrow other, safer assets on RiFi. He then proceeded to borrow 1.1 mil worth of safer assets and subsequently sold those assets for profit;
- To wrap up the attack and cover his tracks, the attacker restored the BNB/USD price feeder address and destroyed the attacker contract, to obfuscate the exploit technique.
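To make the missing permission check and the steps above concrete, here is an added Python model of the pool logic (not RiFi's Solidity and not the code in the screenshot): the price-source setter with and without the admin check, and the borrowing capacity computed from whichever feed is configured, replaying the 0.0001 BNB, 70% LTV and 12.5 trillion USD figures. The feed names, the 400 USD/BNB reference price and the inflated 1.25E17 USD/BNB price are constructed assumptions.

```python
from dataclasses import dataclass
from decimal import Decimal

BNB_LTV = Decimal("0.7")  # the 70% loan-to-value discount on BNB stated in the article


@dataclass
class PriceFeed:  # a BNB/USD price source: either the Chainlink feeder or an arbitrary contract
    name: str
    usd_per_bnb: Decimal

    def latest_price(self) -> Decimal:
        return self.usd_per_bnb


class LendingPool:  # hypothetical pool: BNB collateral, one oracle address, optional admin check
    def __init__(self, admin, feed, check_admin):
        self.admin = admin
        self.feed = feed                # address the pool currently fetches BNB/USD from
        self.check_admin = check_admin  # False reproduces the missing permission qualifier
        self.deposits = {}
        self.feed_changes = []          # (caller, old feed, new feed): what a monitor should watch

    def deposit_bnb(self, user, amount):
        self.deposits[user] = self.deposits.get(user, Decimal(0)) + amount

    def set_oracle_data(self, caller, new_feed):
        # The fix: only the contract admin may repoint the price source.
        if self.check_admin and caller != self.admin:
            raise PermissionError("setOracleData: caller is not admin")
        self.feed_changes.append((caller, self.feed.name, new_feed.name))
        self.feed = new_feed

    def borrow_capacity_usd(self, user):
        # Collateral is valued at whatever the configured feed reports, times the LTV discount.
        return self.deposits.get(user, Decimal(0)) * self.feed.latest_price() * BNB_LTV


def run_scenario(check_admin):
    """Replay the article's numbers; returns (capacity before, capacity after, feed was swapped)."""
    chainlink = PriceFeed("chainlink BNB/USD", Decimal("400"))  # constructed: 0.0001 BNB ~ 0.04 USD
    rogue = PriceFeed("caller-controlled feed", Decimal("1.25E17"))  # constructed: 12.5 trillion USD
    pool = LendingPool(admin="protocol-admin", feed=chainlink, check_admin=check_admin)
    pool.deposit_bnb("borrower", Decimal("0.0001"))
    before = pool.borrow_capacity_usd("borrower")
    try:
        pool.set_oracle_data("borrower", rogue)  # a non-admin caller repoints the feed
        swapped = True
    except PermissionError:
        swapped = False
    return before, pool.borrow_capacity_usd("borrower"), swapped
```

With check_admin=False the capacity jumps from 0.028 USD to 8.75 trillion USD; with check_admin=True the setter rejects the non-admin caller and the capacity stays at 0.028 USD. The feed_changes list is the kind of on-chain event a protocol monitor should alert on.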
Related further topics
As shown, the RiFi case is a rather simple one. We use it as an example only to provide a primer for the novice reader and to lay some conceptual fundamentals for further analyses. Many areas of the decentralized secured borrowing ecosystem we briefly mentioned today will be discussed in greater detail later, and things might not be as straightforward as they sound in this article. Areas of interest you can expect in the near future include:
- How decentralized trading takes place;
- How exactly Chainlink works and its potential problems;
- Another crucial role in the secured financing ecosystem — the liquidator in Defi;
- How an ordinary user entering into secured financing might face certain disadvantages due to how liquidation operates.