TL;DR#
On January 15, 2022, Midas Capital was exploited by a hacker, causing a loss of assets worth 663,101 MATIC amounting
to over $660,000.
Introduction to Midas Capital#
Midas Capital is a cross-chain money market solution that unlocks and maximizes the usage of all digital assets.
Vulnerability Assessment#
The vulnerability stems from a miscalculation of token prices brought on by the read-only reentrancy issue which
appeared while interacting with some Curve pools.
The read-only reentrancy attack leverage flaws in view methods that can be invoked from callbacks when contract
storage is altered via manipulations using flash loan techniques.
Steps#
Step 1:
The attack transaction carried out by the exploiter can be viewed here.
Step 2:
According to the team, they had listed the WMATIC-stMATIC
Curve LP token on their platform a few days ago with supply caps of about 250,000 and had not disclosed it.
Step 3:
The team had discussed the addition of such assets with the Jarvis Network team as a strategy to provide new options
for pool users, and supply limitations were put in place to avoid excessive borrowing against such LP token.
Step 4:
These assets, however, were manipulated by means of a flash loan from Balancer V2, AAVE V3, and AAVE V2, which
allowed the attacker to inflate the LP token price and borrow against it.
Step 5:
The attacker used 270,000 $WMATIC in collateral to mint about 131,000 jFIAT tokens. After a series of price changes,
the attacker created a new contract and utilized 1/10 of the borrowed amount to liquidate the debt and redeem 103,000
jFIAT tokens.
Step 6:
The price was determined using the contract's get_virtual_price function, which relied on parameters self.D and
totalSupply. Because of the Reentrancy attack, the contract burnt tokens before the unexpected callback, and the team
may have overestimated the attack contract's position and lent extra assets to their contract.
Step 7:
As a result, the value of self.D during the attack increased by tenfold. Thus, with the same totalSupply parameters
as the LP token, the token's price increased by 10 times.
Step 8:
Therefore, when the supplied liquidity was removed from Curve, the hacker triggered a callback that allowed them to
borrow assets at an inaccurate price of the Curve LP in Midas Capital, increasing their collateral by tenfold.
Step 9:
The team evidently misjudged the impact of the re-entrancy attack on their oracle
solution because they used a pool consisting entirely of wrapped assets.
Step 10:
The exploiter's initial gas fee came from HitBTC, and part of the profit were split to HitBTC, KuCoin, and
Binance.
Aftermath#
Following the incident, the team tweeted that they had halted borrowing
from the Jarvis Polygon pool while they look into the matter more thoroughly.
Solution#
Such attacks can be mitigated to a greater extent by utilizing a mutex, also known as a lock, to ensure that only one
call to the contract's functions is executed at a time. This is accomplished by using a boolean variable as a lock
and running the critical part of code only if the lock has not already been set.
It's also advisable to verify the call stack depth to make sure that an attacker can't repeatedly call the
function triggering an infinite loop.
We may not have prevented the occurrence of this hack, however the impact or aftermath of this attack could have been
significantly reduced if Midas Capital had a dedicated cover pool in the Neptune Mutual marketplace. We coverage to
users who have suffered a loss of funds or digital assets occurring as a result of smart contract vulnerabilities
owing to our parametric policies.
Users who purchase our parametric cover policy do not need to provide
loss evidence in order to receive payouts. Payouts can be claimed as soon as an incident like this is resolved through
our governance system.
Neptune Mutual's security team would also have evaluated the platform for DNS and web-based security, frontend
and backend security, intrusion detection and prevention, and other security considerations.
Reference Sources Midas Capital, BlockSec
