How Was OlympusDAO Exploited?

Learn how OlympusDAO suffered a loss of $300,000 due to a lack of input validation.

TL;DR

On October 21, 2022, OlympusDAO was exploited, resulting in a loss of 30,437 OHM tokens, worth approximately $300,000.

Introduction to OlympusDAO

OHM, governed by the Olympus DAO, is a decentralized reserve currency, with the purpose of providing the Web3 financial ecosystem with a censorship-resistant currency that preserves purchasing power, has deep liquidity, is trusted, and is widely used as a unit of account.

Vulnerability Assessment

The root cause of the vulnerability is a lack of input validation in the contract.

Steps

Step 1:

The DAO manages a token treasury in order to back the OHM token. The Treasury's goal is to ensure that the token maintains a certain floor price. If the token falls below that price, the treasury assets can be sold to purchase back OHM tokens, with the purpose of raising the token price back above that mark.

Step 2:

It employs a process called bonding in order to help the token stay above that threshold. The DAO purchases assets from investors for its treasury and issues OHM tokens to replace them. These bonds typically receive a 5-10% discount, and the tokens are distributed after a certain vesting period.

Step 3:

We attempted to analyze the attack transaction executed by the exploiter.

Step 4:

Inside the redeem function of the contract, it first compares the expiry of the requested token with the current block timestamp and reverts if the token has not yet matured. It then burns the amount of bonded tokens the user wants to redeem and transfers the underlying OHM token to the user.

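/// @inheritdoc IBondFixedExpiryTeller
function redeem(ERC20BondToken token_, uint256 amount_) external override nonReentrant {
    // token_ is supplied by the caller; nothing here verifies which contract it points to
    if (uint48(block.timestamp) < token_.expiry())
        revert Teller_TokenNotMatured(token_.expiry());
    // Both calls below are made on the caller-supplied token_ contract
    token_.burn(msg.sender, amount_);
    token_.underlying().transfer(msg.sender, amount_);
}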

Step 5:

However, there were no checks in place to ensure that the user's balance was greater than the amount of tokens being transferred. Additionally, there were no checks to ensure that the token passed was not malicious.

Step 6:

The attacker was able to create a malicious token contract and use that to request all of the available tokens in the contract.

Aftermath

It was later learned that the affected contracts were not part of the OlympusDAO contracts. Instead, they were written by the Bond Protocol and used for the pilot launch of OHM bonds.

The team further stated that they will reimburse all of the users who were affected by this exploit. It was later found that the funds lost during the exploit were returned to the team.

Proof of Concept

We have created a proof of concept of the underlying hack using Foundry. The details surrounding the attack can be viewed in the GitHub gist.

Solution

This exploit could have been prevented if proper validation techniques had been used to ensure that all potential attack surfaces had been completely fixed. It is essential that the project team conduct rigorous audit procedures with multiple blockchain security firms to prevent such occurrences.
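One way to add the missing validation to redeem, shown as an added example and not the Bond Protocol's own code or fix: the teller keeps an allowlist of the bond tokens it issued and rejects any other address before calling into it. The names HardenedTeller, IERC20Like, IBondTokenLike, isBondToken, registerBondToken and the two new errors are hypothetical, and the example assumes a genuine bond token's burn reverts when the caller holds less than the requested amount.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Added example with hypothetical names; minimal interfaces keep it self-contained.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

interface IBondTokenLike {
    function expiry() external view returns (uint48);
    function underlying() external view returns (IERC20Like);
    function burn(address from, uint256 amount) external;
}

contract HardenedTeller {
    error Teller_TokenNotMatured(uint48 expiry);
    error Teller_UnknownBondToken(address token);
    error Teller_TransferFailed();

    address public immutable owner;
    // Allowlist of bond tokens this teller issued and holds underlying for.
    mapping(address => bool) public isBondToken;

    constructor() { owner = msg.sender; }

    // Stand-in for the teller's deployment path: in a real teller this entry
    // would be written at the point where the teller itself deploys the token.
    function registerBondToken(IBondTokenLike token_) external {
        require(msg.sender == owner, "not owner");
        isBondToken[address(token_)] = true;
    }

    // The original's nonReentrant modifier is omitted only to avoid an import.
    function redeem(IBondTokenLike token_, uint256 amount_) external {
        // Validate the caller-supplied address BEFORE making any call on it.
        if (!isBondToken[address(token_)])
            revert Teller_UnknownBondToken(address(token_));
        uint48 expiry = token_.expiry();
        if (uint48(block.timestamp) < expiry) revert Teller_TokenNotMatured(expiry);
        IERC20Like underlying = token_.underlying();
        // Assumption: a genuine bond token reverts here on insufficient balance.
        token_.burn(msg.sender, amount_);
        if (!underlying.transfer(msg.sender, amount_)) revert Teller_TransferFailed();
    }
}
```

With the allowlist in place, expiry(), underlying() and burn() are only ever answered by contracts the teller created, so their results can be trusted when deciding how much of the underlying token to release.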

We may not have prevented the occurrence of this hack; however, the impact or aftermath of this attack could have been significantly reduced if the team associated with OlympusDAO had set up a dedicated cover pool in the Neptune Mutual marketplace. Through our parametric policies, we offer coverage to users who have suffered a loss of funds or digital assets as a result of smart contract vulnerabilities.

Users who purchase the available parametric cover policies do not need to provide loss evidence in order to receive payouts. Payouts can be claimed as soon as an incident is resolved through the incident resolution system. At the moment, our marketplace is available on two popular blockchain networks, Ethereum and Arbitrum.

Neptune Mutual's security team would also have evaluated the platform for DNS and web-based security, frontend and backend security, intrusion detection and prevention, and other security considerations.