Olympus DAO Hack Analysis
Overview:
On Friday, October 21, 2022, a malicious actor exploited a vulnerability in the smart contract to steal 30,437 OHM tokens from the Olympus DAO. After the incident, it was revealed that hackers stole about $300,000 in OHM tokens.
The BondFixedExpiryTeller contract from OlympusDAO included a redeem() function that does not correctly check the input, resulting in a loss of about $292,000. A short while later, Olympus DAO provided users with another update, revealing that the hacker had restored the stolen money to the protocol.
Attack Overview:
- Attacker’s Transaction address: 0xa29e
- Olympus contract address: 0x64aa
- Vulnerable Contract: 0xa29e4f
- Attacker’s Transaction: 0x181a
- Returned Address: 0xdca75
Decoding the Smart Contract Vulnerability:
Code Snippet: https://etherscan.io/address/0x007FE7c498A2Cf30971ad8f2cbC36bd14Ac51156#code#F1#L137
```solidity
/* ========== REDEEM ========== */
/// @inheritdoc IBondFixedExpiryTeller
function redeem(ERC20BondToken token_, uint256 amount_) external override nonReentrant {
    // Only the maturity date is checked; nothing verifies that token_ is a
    // bond token this teller actually issued.
    if (uint48(block.timestamp) < token_.expiry())
        revert Teller_TokenNotMatured(token_.expiry());
    // burn() and underlying() are calls into the caller-supplied token_ contract.
    token_.burn(msg.sender, amount_);
    token_.underlying().transfer(msg.sender, amount_);
}
```
- The BondFixedExpiryTeller contract of OlympusDAO has a redeem() function.
- The OHM tokens in the bond contract can be redeemed by an attacker, since the redeem() method accepts the token contract without any input validation, allowing the attacker to pass their own malicious contract.
- Since the malicious contract is attacker-controlled, they can enter any arbitrary value for the parameter amount_. This then transfers the same amount of OHM tokens to msg.sender, which is the attacker.
- Thus, an attacker can redeem and transfer all the tokens.
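A hardened redeem() that closes the gap described above, added here as an illustration and not OlympusDAO's or Bond Protocol's actual patch: it assumes the teller records every bond token it deploys in a registry (isBondToken, a name chosen for this example) and rejects any other token_ before it burns or pays out. The minimal interfaces and the reentrancy guard are likewise simplified stand-ins for the project's own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal stand-ins for the project's ERC20 and ERC20BondToken interfaces.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

interface IERC20BondToken {
    function expiry() external view returns (uint48);
    function underlying() external view returns (IERC20);
    function burn(address from, uint256 amount) external;
}

contract HardenedFixedExpiryTeller {
    // Registry of bond tokens this teller itself deployed (hypothetical name).
    // Any address missing here was never issued by the protocol.
    mapping(address => bool) public isBondToken;

    error Teller_TokenNotMatured(uint48 expiry);
    error Teller_UnknownToken(address token);

    // Simplified reentrancy guard in place of the project's nonReentrant.
    bool private locked;
    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    // Hook for the teller's own bond-token deployment path, so only tokens
    // created by the protocol ever enter the registry.
    function _registerBondToken(address token_) internal {
        isBondToken[token_] = true;
    }

    function redeem(IERC20BondToken token_, uint256 amount_) external nonReentrant {
        // The check the vulnerable version lacked: refuse any token contract
        // this teller did not create. Without it, burn() and underlying() are
        // calls into whatever contract the caller chose to pass in.
        if (!isBondToken[address(token_)]) revert Teller_UnknownToken(address(token_));

        if (uint48(block.timestamp) < token_.expiry())
            revert Teller_TokenNotMatured(token_.expiry());

        // Burn first, then pay out; a genuine bond token's burn() reverts
        // when msg.sender holds fewer than amount_.
        token_.burn(msg.sender, amount_);
        require(token_.underlying().transfer(msg.sender, amount_), "transfer failed");
    }
}
```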
Mitigation best practices:
- Verify and sanitize user inputs at all times.
- Ensure that all code is open to the public and is thoroughly audited.
- Access control must be properly implemented in the contract so that an attacker who gains control of a user account cannot drain all of the funds.
- If a project team underestimates the value of the tokens in a liquidity pool, malicious parties may launch flash loan attacks by exploiting flaws in the smart contracts.
Our product SolidityScan looks for multiple types of missing input validation related vulnerabilities and 130+ other vulnerability patterns.

Conclusion:
An attacker was able to take about 30,000 OHM ($300,000) from the OHM bond contract at Bond Protocol due to poor user input validation. Hence, validation of all user-supplied inputs is essential for smart contract security.
SolidityScan is an advanced smart-contract scanning tool that discovers vulnerabilities and reduces risks in code. Request a security audit with us, and we will help you secure your smart contracts. Sign up for a free trial at https://solidityscan.com/signup