Tender Finance Hack Analysis — Improper Oracle Price calculation
Overview:
On March 8, 2023, users of Tender Finance, a DeFi borrowing platform, were hit by a hack that exploited an incorrect oracle price computation for tGMX tokens. The mistake cost users around $1.6 million.
Smart Contract Hack Overview:
- Attacker’s Address: 0x896DF3
- Attacker’s Transaction: 0xf14df8a42
- tETH contract code: 0x070
- tGMX contract code: 0x20a67
- tLINK contract code: 0x87d06
- GMX Price-Oracle Vulnerable Code: #L225

Decoding the Smart Contract Vulnerability:
- Issues in the code that integrated the new oracle were overlooked during testing of the build before deployment: the price it returned carried far too many decimal places (trailing zeros).
- Because of this decimal mistake, the contract returned the GMX price with 38 decimals rather than 18. With just 1 GMX as collateral, the attacker could borrow practically all of the available funds, including bitcoin.
- The attacker launched the attack by using their initial funds to buy tGMX tokens, then calling the tETH.borrow function to borrow against them.
- The GMXPriceOracle.getUnderlyingPrice() method used in the borrowing process contained a mistake: the starting price was multiplied by both 1e20 and 1e10, which inflated the price of tGMX tokens enormously.
- This enabled the attacker to borrow enormous quantities of funds, resulting in a $1.6 million loss to Tender.fi, which the hacker ultimately returned in full in exchange for a bounty.
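The decimal mismatch described above, modelled as an added example (not code from the article or from Tender Finance): it assumes a Chainlink-style 8-decimal USD feed, an 18-decimal GMX token, Compound's convention that getUnderlyingPrice() returns the price scaled by 1e(36 - underlyingDecimals), and a constructed $75 quote with a 70% collateral factor. It shows the vulnerable scaling beside the corrected one, how borrowing power against 1 GMX changes, and the kind of plausibility check that would have flagged the 38-decimal price in testing.

```python
FEED_DECIMALS = 8          # assumption: Chainlink-style USD feeds report 8 decimals
COMPOUND_PRICE_SCALE = 36  # Compound convention: price carries (36 - underlyingDecimals) decimals
GMX_DECIMALS = 18          # assumption: GMX is an 18-decimal ERC-20

def price_decimals_for(underlying_decimals: int) -> int:
    """Decimals that getUnderlyingPrice() must return for a given underlying (18 for GMX)."""
    return COMPOUND_PRICE_SCALE - underlying_decimals

def vulnerable_get_underlying_price(feed_answer: int) -> int:
    """Models the bug in the write-up: the 8-decimal feed value is scaled by
    both 1e20 and 1e10, so the result carries 38 decimals instead of 18."""
    return feed_answer * 10**20 * 10**10

def fixed_get_underlying_price(feed_answer: int, underlying_decimals: int = GMX_DECIMALS) -> int:
    """Scale the feed answer to exactly the decimals the lending pool expects."""
    target = price_decimals_for(underlying_decimals)
    if target >= FEED_DECIMALS:
        return feed_answer * 10**(target - FEED_DECIMALS)
    return feed_answer // 10**(FEED_DECIMALS - target)

def collateral_value_usd(amount_raw: int, price: int) -> int:
    """Compound invariant: amount (d decimals) * price (36 - d decimals) / 1e18
    is a USD value with 18 decimals, whatever d is."""
    return amount_raw * price // 10**18

def max_borrow_usd(amount_raw: int, price: int, collateral_factor_1e18: int) -> int:
    """Borrowing power (USD, 18 decimals) granted by the collateral."""
    return collateral_value_usd(amount_raw, price) * collateral_factor_1e18 // 10**18

def price_is_plausible(price: int, underlying_decimals: int, max_usd: int = 10**6) -> bool:
    """Cheap pre-deployment / monitoring check: a per-unit price above max_usd
    almost certainly means a decimals mistake rather than a real quote."""
    return 0 < price < max_usd * 10**price_decimals_for(underlying_decimals)

if __name__ == "__main__":
    feed_answer = 75 * 10**FEED_DECIMALS   # constructed: GMX quoted at $75.00
    one_gmx = 10**GMX_DECIMALS
    collateral_factor = 7 * 10**17         # constructed: 70% collateral factor
    for label, price in (("vulnerable", vulnerable_get_underlying_price(feed_answer)),
                         ("fixed", fixed_get_underlying_price(feed_answer))):
        usd = max_borrow_usd(one_gmx, price, collateral_factor) / 10**18
        ok = price_is_plausible(price, GMX_DECIMALS)
        print(f"{label:10s} price={price} borrowable vs 1 GMX = ${usd:,.2f} plausible={ok}")
```

With the bug, 1 GMX of collateral unlocks 1e20 times the borrowing power it should, which is why a single token was enough to drain the pools.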
Mitigation and Best Practices:
- Always test the most recent code changes thoroughly against the most recent build, and validate the requirements before the test begins and before drawing a conclusion.
- Because the decimal place is implicit in on-chain integer values, the developer must account for the exact number of decimals.
- Always have the smart contract audited, with all feasible test cases, by multiple firms.
- To prevent such vulnerabilities, the best smart contract auditors must examine the contracts for logical issues. We at CredShields provide smart contract security and end-to-end security of web applications and externally exposed networks. Schedule a call at https://credshields.com/
- Scan your Solidity contracts against the latest common security vulnerabilities with 130+ detectors at SolidityScan, including access control vulnerabilities.

Conclusion:
SolidityScan is an advanced smart-contract scanning tool that discovers vulnerabilities and reduces risks in code. Request a security audit with us, and we will help you secure your smart contracts. Sign up for a free trial at https://solidityscan.com/signup
Follow us on our Social Media for Web3 security-related updates.