PrismaFi Hack Analysis

Shashank
Published in SolidityScan
Apr 4, 2024

Overview:

On March 29, 2024, PrismaFi was attacked through an insufficient input validation issue, leading to a loss of over 11M USD.

Smart Contract Hack Overview:

Fig: Attack Transaction

Decoding the Smart Contract Vulnerability:

  1. The issue lies in the MigrateTroveZap contract, which is designed to automate trove migration.
  2. The function migrateTrove() is meant to migrate a user's trove to another TroveManager for the same collateral, but it lacks strict input validation.
  3. The attacker exploits this by passing arbitrary data, which allows closeTrove and openTrove to be called for addresses the attacker does not own.
  4. In the exploit transaction, the attacker closes and opens a trove within the same trove manager address, profiting from the process.
  5. Approximately 1282 wstETH remain in the MigrateTroveZap contract after the onFlashloan callback executes; the attacker uses this balance to open a new trove and migrate it, then closes it to profit further.

Fig: The root cause of the vulnerability
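As an added illustration of the checks the root cause above lacks, here is a hardened sketch of migrateTrove(). This is example code written for this page, not code from the original post or from Prisma; the interface names and signatures, the factory registry, and the direct close/open flow (with the flash-loan repayment collapsed) are all assumptions, since the page shows none of the real contract code.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical interfaces: the real Prisma TroveManager/Factory signatures are not
// shown on this page, so these are illustrative shapes only.
interface ITroveManager {
    function collateralToken() external view returns (address);
    function getTroveCollAndDebt(address account) external view returns (uint256 coll, uint256 debt);
    function closeTrove(address account, address receiver, uint256 coll, uint256 debt) external;
    function openTrove(address account, uint256 maxFeePct, uint256 coll, uint256 debt, address upper, address lower) external;
}
interface IFactory { function isTroveManager(address tm) external view returns (bool); }
interface IERC20 {
    function balanceOf(address owner) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

contract MigrateTroveZapHardened {
    IFactory public immutable factory;

    error NotTroveOwner(); error UnknownTroveManager(); error SameTroveManager();
    error CollateralMismatch(); error NoTrove();

    constructor(IFactory _factory) { factory = _factory; }

    // Every check runs before the first state-changing call, so closeTrove/openTrove
    // cannot be reached for a trove the caller does not own, for a manager the
    // factory never deployed, or for a "migration" that loops back into the same manager.
    function migrateTrove(
        ITroveManager from, ITroveManager to, address account,
        uint256 maxFeePct, address upper, address lower
    ) external {
        if (msg.sender != account) revert NotTroveOwner();
        if (!factory.isTroveManager(address(from)) || !factory.isTroveManager(address(to))) revert UnknownTroveManager();
        if (address(from) == address(to)) revert SameTroveManager();
        address collToken = from.collateralToken();
        if (collToken != to.collateralToken()) revert CollateralMismatch();
        (uint256 coll, uint256 debt) = from.getTroveCollAndDebt(account);
        if (coll == 0) revert NoTrove();

        // Debt repayment via flash loan is collapsed into these two calls; the guard order is the point.
        from.closeTrove(account, address(this), coll, debt);
        to.openTrove(account, maxFeePct, coll, debt, upper, lower);

        // Return any collateral dust to the owner so no balance sits in the zap for a later caller.
        uint256 leftover = IERC20(collToken).balanceOf(address(this));
        if (leftover > 0) require(IERC20(collToken).transfer(account, leftover), "sweep failed");
    }
}
```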

Mitigation and Best Practices:

  • Enhance input validation so that only legitimate data is processed and arbitrary function calls are rejected.
  • Always validate your code by writing comprehensive test cases that cover all possible business logic paths.
  • To prevent such vulnerabilities, experienced smart contract auditors must examine contracts for logical issues. We at CredShields provide smart contract security and end-to-end security of web applications and externally exposed networks. Schedule a call at https://credshields.com/
  • Scan your Solidity contracts against the latest common security vulnerabilities with 130+ detections at SolidityScan.

Fig: SolidityScan — Smart Contract Vulnerability Scanner

Conclusion:

SolidityScan is an advanced smart contract scanning tool that discovers vulnerabilities and reduces risks in code. Request a security audit with us, and we will help you secure your smart contracts. Sign up for a free trial at https://solidityscan.com/signup

Follow us on our Social Media for Web3 security-related updates.
SolidityScan — LinkedIn | Twitter | Telegram | Discord
