SolidityScan
HACK ANALYSIS 2 min read

Yearn finance Hack Analysis — Misconfigured yUSDT Mint

Yearn finance Hack Analysis — Misconfigured yUSDT Mint

Overview:

Due to a misconfigured iUSDC address at the time of deployment itself, a hack on Yearn finance on April 13, 2023, allowed an attacker to mint additional yUSDT tokens from only a small USDT deposit, resulting in a loss of around $11.5M to the protocol users.

Smart Contract Hack Overview:

Attacker’s transaction

Decoding the Smart Contract Vulnerability

  • The attacker obtained a flashloan to fund the attack and paid back the USDT loan gradually with the Aave pool.
  • The attacker mints bZxUSDC and rebalanced the yUSDT price, which was raised due to a misconfiguration in which the Fulcrum iUSDC token was utilized instead of the Fulcrum iUSDT token. The problem was discovered to have persisted since the contract’s release since the address for the fulcrum was misconfigured.
  • Then the attacker used the Curve Swap function to manipulate the share price and exchanged the incorrectly calculated yUSDT for stablecoins such as 61K $USDP, 1.5M $TUSD, 1.79M $BUSD, 1.2M $USDT, 2.58M $USDC, and 3M $DAI, which added up to a loss of $11.5M and flashloan was repaid.

Mitigation and Best Practices:

  • The attack could have been averted if proper validation and confirmation of the Fulcrum address had been performed during the deployment process before it was hardcoded in the constructor and deployed on the production/network environment.
  • It is crucial to thoroughly test the code logic prior to its deployment on the mainnet to mitigate potential vulnerabilities and prevent such incidents from occurring.
  • To prevent such vulnerabilities, the best Smart Contract auditors must examine the Smart Contracts for logical issues. We at CredShields provide smart contract security and end-to-end security of web applications and externally exposed networks. Schedule a call at https://credshields.com/
  • Scan your Solidity contracts against the latest common security vulnerabilities with 130+ detection at SolidityScan including access control vulnerabilities.
SolidityScan — Smart Contract Vulnerability Scanner

Conclusion:

SolidityScan is an advanced smart-contract scanning tool that discovers vulnerabilities and reduces risks in code. Request a security audit with us, and we will help you secure your smart contracts. Signup for a free trial at https://solidityscan.com/signup

Follow us on our Social Media for Web3 security-related updates.
SolidityScan — LinkedIn | Twitter | Telegram | Discord

MetaPoint Hack Analysis — Public Asset Transfer Approval
Hundred Finance Hack Analysis — Improper Business Logic