Radiant Capital Hack Analysis

Overview:

On January 3, 2024, Radiant Capital suffered an attack due to a precision loss vulnerability, leading to an approximate loss of over 4.5M USD.

Smart Contract Hack Overview:

• Attacker address: 0x826d5f
• Vulnerable Contract: 0xf4b148
• Attack contract: 0x39519c
• Attack Transaction: 0x1ce7e9

Fig: Attack Transaction

Decoding the Smart Contract Vulnerability:

1. An attacker can take advantage of a window of opportunity that arises when a lending market forks from AAVE or Compound to a new market.
2. The totalSupply parameter for the newly deployed token was uninitialized or set to 0, allowing the hacker to undertake price manipulation of the underlying assets via a flash loan attack.
3. The attacker was the first person to supply in this new USDC market, and he took advantage of the chance by manipulating the liquidityIndex, a fundamental feature in calculating AToken user balances, to borrow all of the ETH.
4. Money was removed from the pool by taking advantage of a known rounding error in the ‘rayDiv’ function and shifting the liquidityIndex to a far higher number than it should have been.

Fig: The root cause of the vulnerability

Mitigation and Best Practices:

• Multiplication should always be performed before division to avoid loss of precision.
• The calculated result for division and multiplication can be stored in an integer with more bits, but the operands must also be integers of the same size.
• The operands for the exponentiation function must be unsigned integers. Unsigned Integers with lower bits can be calculated and stored as unsigned integers with higher bits.
• To apply an arithmetic operation to all of the operands, they must all have the same data type; otherwise, the operation will not be performed.
• Always validate your code by writing comprehensive test cases that cover all the possible business logic.
• To prevent such vulnerabilities, the best Smart Contract auditors must examine the Smart Contracts for logical issues. We at CredShields provide smart contract security and end-to-end security of web applications and externally exposed networks. Schedule a call at https://credshields.com/
• Scan your Solidity contracts against the latest common security vulnerabilities with 130+ detections at SolidityScan.

Fig: SolidityScan — Smart Contract Vulnerability Scanner

Conclusion:

SolidityScan is an advanced smart contract scanning tool that discovers vulnerabilities and reduces risks in code. Request a security audit with us, and we will help you secure your smart contracts. Signup for a free trial at https://solidityscan.com/signup

Follow us on our Social Media for Web3 security-related updates.
SolidityScan — LinkedIn | Twitter | Telegram | Discord