www.sovryn.app
34.253.101.190  Public Scan

URL: https://www.sovryn.app/blog/interim-exploit-update
Submission: On October 07 via manual — Scanned from DE

INTERIM EXPLOIT UPDATE

Brought to you by Sovryn

October 4, 2022


KEY POINTS:

 * An attacker exploited the legacy Lend/Borrow protocol to inappropriately
   withdraw funds
 * The attack was detected by Sovryn devs and the system placed into maintenance
   mode
 * Roughly half of the funds have been recovered so far
 * Potential remaining user losses will be fully covered by the Exchequer


DESCRIPTION:

Today, starting in the early morning (UTC), an attacker began exploiting a
vulnerability they had discovered in the legacy Sovryn Lend/Borrow protocol.
The exploit is still being investigated. We currently know that it does not
affect Zero. The investigation so far indicates that only two lending pools
have been impacted:

 * The RBTC lending pool
 * The USDT lending pool

This allowed the attacker to withdraw RBTC and USDT from the lending pools in
the following amounts:

 * 44.93 RBTC
 * 211,045 USDT

The below addresses have been associated with the attacker:

 * 0xc92EBeCDa030234C10e149bEEAD6bba61197531a
 * 0xDaA2e727738f742FF1a2FCD2C6419Dc6BEfBFf6C
 * 0xa893cdcb731ae8f91cb50f51f28980cdba96b0a6
 * 0xe40151f2b79816BC00D277addb991c4e16607d22 
 * 0x23B2Df5d429cA8f189Fd57D5Bc4B35f5dE580731

Some of the funds were withdrawn using the AMM swap function, so the attacker
ended up with several different tokens. See below for a more detailed
description of the exploit.

The unusual activity was detected by Sovryn devs and the system was placed in
maintenance mode. This restricted further transactions and allowed time for
developers to investigate the issue.

Due to the multi-layered security approach taken, devs were able to identify and
recover funds as the attacker was attempting to withdraw them. At this point,
through a combined effort, devs have managed to recover about half the value of
the exploit. Fund recovery efforts are still ongoing.

User funds are not at risk. Exchequer will reinject any missing value into the
lending pools.


NEXT STEPS: 

 1. Asset recovery efforts will continue.
 2. A full investigation of the exploit will be concluded.
 3. A plan is being formulated to return the system to full functionality. We
    are currently targeting midday tomorrow, but maintenance mode will only be
    removed once there is confidence in system safety.
 4. A full post-mortem will be published.
 5. Findings will be documented for future improvement.


HOW DID THE EXPLOIT WORK?

The exploit relied on manipulating the iToken price. This price is updated
every time there is an interaction with one of its lending pool's positions.
The attacker first bought WRBTC with a flash swap from RskSwap and then
borrowed WRBTC from the RBTC Sovryn lending contract using their own XUSD as
collateral. The attacker then provided liquidity to the RBTC lending contract,
closed their loan with a swap using their XUSD collateral, redeemed (burned)
their iRBTC token, and sent the WRBTC back to RskSwap to complete the flash
swap. This sequence of events manipulated the iRBTC price such that they were
able to take out much more RBTC than they originally deposited.

