Weekly Gauge #53 : Proof of Vulnerability
Weekly Gauge #53 : Proof of Vulnerability
A new iteration toward DeFi maturity
On Sunday July 30th, Dex platform Curve Finance was hacked for a total of $70M using a vulnerability affecting a set of pools using a specific older version of Vyper language compiler.
This is a strong hit to the whole DeFi ecosystem and contributes to feeding the crypto bera thesis, since Curve was considered a safe place for DeFi institutions and market makers. More generally, this is the first exploit directly affecting a “blue-chip” protocol, reminding users that even top tier projects can be at risk. Through this post mortem article, that we’ll call “proof of vulnerability”, let’s analyze the market reaction to the threat.
This article gathers a comprehensive analysis of the causes and subsequent events surrounding the recent Curve hack. However, since a lot of aspects relative to the topic have already been covered on Twitter we’ll try to push forward the analysis by asking the following question:
Does the new CRV holders’ distribution affect governance market dynamics and can we quantify it ?
The hack :
A critical reentrancy lock malfunction was exploited on Vyper, the second most widely used Web3 programming language after Solidity for EVM-compatible blockchains, leading to the hack of nearly a hundred million worth of cryptocurrencies on DEX Curve Finance.
A reentrancy attack occurs when a depositor of a vulnerable contract calls another malicious contract, with a fallback function, as recipient to withdraw funds before their balance is updated on the vulnerable contract, here allowing the hacker to drain funds from the Curve CRV/ETH pool.
Since the news of the hack was immediately widespread among the community and users of the protocol, the issue in Vyper was quickly identified and several other hackers (ethic ones) frontrunned the exploit on other vulnerable pools including alETH and JPEG’d. Although there are no strong evidences to confirm it yet, we believe the attack was conducted by several persons considering that Alchemix’s funds were kindly returned after some on-chain messaging trash talk, JPEG’d funds were returned against a bounty, and Curve’s funds -from the initial hack- are still missing.
Alchemix :
https://twitter.com/AlchemixFi/status/1688563278786818048?s=20
At the light of this incident, a new risk has been identified and should be assessed in the future standards of DeFi protocol audits, the Compiler risk.
Although most compilers are making significant and frequent changes which makes it bad for traditional auditing methods, several users such as @fubuloubu propose alternative solutions using permanently running incentives or bounty to hunt for critical exploits in compilers, especially versions released in the past.
Vyper code incorporates built-in reentrancy protection, which prevented developers and auditors from noticing potential issues during external inspections. The Vyper vulnerability allowed attackers to bypass the reentrancy locks, enabling them to perform the attacks.
The Fear :
Since Mango’s attacker Aavi Eisenberg failed attempt to liquidate Curve founder Michael Egorov, by heavily shorting CRV in 2022, had set a precedent on the risk of bad debt represented by his loans on AAVE, the hack triggered a catalyst reflexive feedback loop from users fearing that the hacker would dump all the drained CRV tokens, effectively liquidating Michael’s AAVE loan. This concern has previously been flagged by Gauntlet, who had suggested freezing CRV and setting CRV’s loan to value (LTV) to zero on Aave v2.
Despite it being his biggest position by far, the AAVE loans maybe weren’t the most urgent problem since a liquidation cascade could have been triggered from another lending platform. A Frax $10M loan on Fraxlend pushed the asset utilization rate to 100% resulting in the interest APY doubling every 12h due to the platform TVL incentive parameters, setting a liquidation deadline to 4 days from the hack.
The solutions :
Since the increasing interest rate for lenders wasn’t enough to incentivize holders to deposit FRAX tokens on Fraxlend and solve the utilization rate issue responsible for Mich’s up and coming liquidation, he took the initiative to open a pool with an additional CRV liquidity mining increasing the APR for depositors and maintaining it as the lenders apy decrease on fraxlend.
The process was the following:
- Create a crv lp pool where users can provide liquidity between crvUSD and frax deposited in fraxlend crv pool
- Use his crv to ensure it gets rewards in crv
- Depositors now get the 80% in fraxlend + crv emissions
As a result, fraxlend rates stabilize to prevent rapid doubling, liquidations are mitigated to a very low CRV price, depositors enjoy a reasonable yield, and crvUSD adoption experiences growth.
Courtesy of @dcfgod, this move was a success as it managed to attract several M$ however it wasn’t enough to bring Mich’s health ratio to a satisfying level of security. This is where the most interesting part of our analysis begins.
In an ingenious and opportunistic move to repay his loans and avoid the market price of CRV to collapse, Curve founder Micheal Egorov made two bird one stone by offering protocol aligned counterparties a 33% discount deal on his CRV, allowing him to sell a total of 143.65M units OTCed to 31 different buyers and recover $57M stable debt.
As per insider informations, the gentlemen agreements settled may vary from a deal to another but the general conditions included 6-8 months lock-up periods (can’t sell), however some actors impacted by the deprecation of CRV on AAVE V2 were allowed to use funds to repay their respective debts, as it technically doesn’t impact CRV’s market price.
Thanks to user @0xRamenUma’si dashboard and thread, you can find a detailed list of participants and track their remaining balance, at the time of writing 88.9M CRV or 61% of tokens are still in the wallets. To avoid a flood of information we will focus on the participants whose utilization of acquired CRV can impact market dynamics.
Here we define market dynamics within the scope that is usually studied in the weekly gauge, thus relative to governance markets, we can refer to weekly gauge #52 to overview the uses of the token included in the definition.
Hence, the following notable moves are to be highlighted:
Yearn Finance acquired an extra 3.75M CRV deposited for yCRV (10% supply share)
StakeDAO acquired an extra 1.25M CRV deposited for sdCRV (7% supply share)
NFT influencer Machibigbrother locked 3.75M CRV for 6 months (missing the full 50% discounted APR on voting incentives due to time lock low duration)
Spiral DAO acquired an extra 1.75M CRV
The vlCVX supply remained unchanged although around 15M CRV from OTC sales were deposited in convex for cvxCRV, increasing the underlying veCRV voting power held per vlCVX. 23M new CRV have been locked since July 31th pushing the total supply over 700M while the voting participation decreased to 85%.
Since the emissions are distributed pro-rata of the effective votes casted during a round, and as a direct consequence of the changes mentioned above, the efficiency of $/vote costs for bribers at the veCRV level decreased compared to the vlCVX layer.
In conclusion, by exploiting a zero-day compiler bug that required a lot of time for a researcher to identify, this hack paradoxically demonstrates how stronger and safer DeFi has become at the higher levels, although it reminds us how true the saying “code is law” is.
Finally, liquid lockers are strengthening their position within the governance wars and keep defending their value proposition even though their native emissions boost is approaching the end.
