DeFi’s Double-Edged Sword

Quantstamp Announcements
March 4, 2020

Composability allows for DeFi projects to leverage one another to create powerful new functionality. However this composability also introduces more risk. 

A vulnerability in one DeFi application can have an impact on all the other projects that use it. Even if one of these money legos does not have an obvious vulnerability in its design, it may be mis-used. These issues have existed for a while, but have been made easier to exploit through the introduction of flash loans.

While flash loans themselves do not introduce new vulnerabilities, they level the playing field for attacks which previously required large amounts of capital. 

The bZx Attacks

Recently, there were two attacks involving the bZx protocol facilitated by flash loans.

In the first attack, a bug in bZx’s margin logic allowed the attacker to use leveraged ETH to artificially push up the price of WBTC on Uniswap. The attacker then used WBTC previously borrowed at market value from Compound to profit from the inflated price on Uniswap. 

In the second attack, bZx relied on Uniswap(through KyberSwap) as a price oracle for valuing collateral within the bZx system. After pushing up the value of sUSD, this allowed the attacker to take out a loan that was valued way more than the market value of sUSD collateral. The attacker profited by keeping the loan and abandoning the bZx position. 

For more reading on these vulnerabilities we recommend reading Peckshields’ walkthroughs of the first and second attacks.

Flash Loans Reduce the Barrier of Entry for Financial Attacks

Before the introduction of flash loans, these financial attacks still existed, but they required access to large financial reserves to be profitable. Now, anyone with the technical capability can pull off attacks such as market manipulation which usually require large amounts of funds.

In December of 2019, a similar type of financial attack was performed on the Synthetix exchange by a hacker who manipulated the price of MKR while holding directional trades on Synthetix. This attack required about $340,000 ($62,600 in MKR, $163,125 in long MKR, $115,275 in short MKR). If the attacker had used smaller amounts, he wouldn’t have been able to move the price much relative to the liquidity in the Uniswap pool, and he wouldn’t have made much money. In comparison to that attack which required hundreds of thousands of dollars, the bZx hacks which used flash loans required just $8 in transaction fees in the first case, and $110 in the second case.

These attacks and even flash loans have parallels in traditional finance. Just like there are flash loan attacks in DeFi, traditional finance also has similar tactics. When I was working at Tower Research, each trading desk was allocated a pool of capital, but if we saw a particularly juicy opportunity, we could borrow tens of millions of dollars to take advantage of it. 

For the bZx attacks, from a trading perspective they can be viewed as arbitrage opportunities between the rate of assets on one platform, and the rate after causing massive slippage on a DEX. The attacker is using flash loans to close that arbitrage. 

The other aspect of flash loans which is underappreciated is it makes it easier to profit from these attacks because it reduces the amount of illicit funds which need to be obfuscated. 

A financial attack like this is basically illegal, so to pull it off, an attacker needs to obfuscate the origin of their funds. As exchanges now almost all uniformly implement KYC, this can be quite difficult for any attack requiring a large amount of capital.

Now, with flash loans, attackers have instant access to a large pool of capital which is returned at the end of the attack, so the only funds they need to obfuscate is the gains from the exploit. This vastly simplifies the logistics for executing and profiting from an attack. 

Previously when we advised clients on possible financial attack vectors, it was mostly theoretical, but flash loans now make them much more likely and accessible.

Security Can’t be an Afterthought

Move slow, and test things. For all smart contracts but especially for DeFi applications, security best practices need to be taken, including audits, testing, monitoring, and having emergency procedures ready. Progressive rollouts are also a good idea so that security issues can be spotted when the cost of an attack is still relatively small.

Besides auditing the code for bugs and implementation issues, financial attacks such as oracle manipulation also need to be analyzed. This is especially true as DeFi grows and these money legos handle more assets. 

Financial Attacks Should Be Part of Smart Contract Audits

People say that the bZx attacks are primarily financial attacks outside the scope of smart contract audits, but I disagree. Even considering the second attack which did not take advantage of a missing sanity check, oracle attacks and economic vulnerabilities should absolutely be considered as part of smart contract audits. 

DeFi especially, the composability of these apps means that financial attack vectors need to be carefully considered. 

Growing Pains

While these attacks have highlighted weaknesses in some of the current DeFi systems, they also show us what needs to change for DeFi to grow stronger. We believe the industry will learn from these attacks and develop a better security culture as a result. 

We also want to thank the work of altruistic actors such as Samczsun. His discoveries, research, and collaborations with DeFi projects have helped teams proactively address security issues and have helped the industry improve its security practices. 

This article originally appeared in The Defiant, DeFi's top daily newsletter.

Assess your DeFi project for Vulnerabilities
Get a DeFi Audit
March 31, 2020

Quantstamp Joins MyID Alliance

Quantstamp is proud to join the MyID Alliance, a Digital ID initiative by ICONLOOP. As the world moves towards more online and less face-to-face interactions, Digital ID will be a key enabling technology. 

March 24, 2020

Market Dynamics of the 1st bZx Hack: Flash Loans and the Insolvent Loan

In this series, we describe the market dynamics of the 1st bZx attack so we can avoid attacks with market manipulation components in the future.

March 13, 2020

Top 3 DeFi Trends

This post discusses how flash loans, zaps, and DeFi aggregators are leveraging composability in order to simplify the user experience and ultimately make DeFi markets hyper-efficient.

March 11, 2020

Bringing Bitcoin to DeFi

DeFi is blockchain’s first killer app, with assets locked up approaching $1 billion USD. But one major asset is missing: Bitcoin. Bitcoin is not only the first crypto asset, but the largest - with over $168 billion USD of Bitcoin in circulation it has deep pools of liquidity. It is one of the least volatile cryptocurrencies and has a large network of fiat on and off ramps. All these properties make it a great crypto-collateral. We think Bitcoin has the potential to transform the DeFi landscape as the most widespread and liquid asset available today.