Flash loans, reentrancy, and fake tokens

The past month has been a rough one for some projects in the Defi space. There have been 4 major projects suffering from flash loan-related attacks, Akropolis, Harvest, Value Finance, Origin Protocol, and most recently Pickle Finance (though Pickle's attack was not due to a flash loan), totaling $58 million stolen. In this post we’ll take a look at what happened with these previous incidents and discuss how yAxis’ Metavault is secure against these types of attacks.


On October 26th, Harvest Finance was attacked causing them to lose $24 million. This attack is about as pure of a flash loan arbitrage scenario as it gets. Where the attacker used Uniswap to receive USDT and USDC in order to manipulate the Y pool on curve.fi, which is used by Harvest’s USDT and USDC vaults. The attack was repeated multiple times until the attacker ended up transferring some of the funds back to the Harvest deployer and simply stopped draining funds from the vaults. In order to mitigate flash loan attacks, Harvest is proposing to utilize a commit-reveal scheme for deposits.

Attack transaction (one of many): https://etherscan.io/tx/0x35f8d2f572fceaac9288e5d462117850ef2694786992a8c3f6d02612277b0877

Post mortem: https://medium.com/harvest-finance/harvest-flashloan-economic-attack-post-mortem-3cf900d65217


Next, on November 12th, Akropolis was attacked draining $2 million from the platform. This attacker used a flash loan from dYdX along with reentrancy in order to manipulate the Y pool on curve.fi. In addition, the attacker was able to use a fake token to deposit to the platform, since there was not a requirement in place for only allowed tokens to be deposited.

Attack transaction: https://etherscan.io/tx/0x4ec646d40205bb9caf92f86da911350abd764de51e154fce2771ea431020091c

Pre-post mortem: https://akropolis.substack.com/p/delphi-savings-pool-exploit

Value Finance

Then on November 14th, Value Finance’s MultiStables vault was unexpectedly attacked for $6 million. This one was interesting because the Value Finance team had assumed that they were secure against smart contracts from interacting with their vault. However, there was another contract which was allowed to interact with the vaults that did not prevent smart contracts from interacting with it that was targeted for the attack.

Smart contract auditor PeckShield wrote an excellent root cause analysis article that explains the attack step-by-step. In short, the flash loaned funds were able to manipulate the price of stablecoins on curve.fi in order to give the attacker more pool tokens than expected. This was not checked because it was assumed that the vault was safe from flash loans in the first place.

Attack transaction: https://etherscan.io/tx/0x46a03488247425f845e444b9c10b52ba3c14927c687d38287c0faddc7471150a

Post mortem: https://valuedefi.medium.com/multistables-vault-exploit-post-mortem-d11b0635788f

Additional analysis: https://peckshield.medium.com/value-defi-incident-root-cause-analysis-fbab71faf373

Now partnered with Chainlink https://twitter.com/value_defi/status/1329464502283329537

Origin Protocol

On November 17th, Origin Protocol was attacked for $7 million. This attacker took a flash loan of Ether from dYdX, bought USDT and DAI on Uniswap, minted OUSD, then utilized reentrancy and a fake token to continuously mint OUSD. They then swapped that OUSD for USDT, redeemed DAI, USDT, and USDC from the OUSD vault, swapped the stablecoins for ETH and paid off the loan.

Attack transaction: https://etherscan.io/tx/0xe1c76241dda7c5fcf1988454c621142495640e708e3f8377982f55f8cf2a8401

Post mortem: https://medium.com/originprotocol/urgent-ousd-has-hacked-and-there-has-been-a-loss-of-funds-7b8c4a7d534c

Pickle Finance

The latest attack, on November 22nd, Pickle Finance was drained of $19 million. This attack is the only one of this blog post that was not a flash loan attack, and instead used a fake Pickle Jar to drain funds by taking advantage of a vulnerability in Pickle’s controller contract.

The yAxis Metavault was using a different Pickle farm for its strategy during this attack. Before Pickle advised users to withdraw funds from all Jars and Farms, the yAxis team had already withdrawn funds from the strategy, saving over $17 million from being stolen.

Attack transaction: https://etherscan.io/tx/0xe72d4e7ba9b5af0cf2a8cfb1e30fd9f388df0ab3da79790be842bfbed11087b0

Post mortem 1: https://picklefinance.medium.com/pickle-was-hacked-and-there-has-been-a-loss-of-funds-414b99969c29

Post mortem 2: https://github.com/banteg/evil-jar

The yAxis Metavault

Flash loans introduce a new type of exploit that projects must treat the same way as over or underflows and reentrancy when developing their smart contract protocols.

The yAxis Metavault is a smart contract which takes stablecoins, puts them into a strategy which deposits to a yield-generating pool, then returns that yield back to depositors in the form of more stablecoins than they originally deposited and to YAX token stakers in the form of more YAX. The Metavault has been built with a number of security features in mind to keep user funds safe.

Metavault Security Features

One of the key security features of the yAxis Metavault is that it disallows smart contract interaction by default. This alone prevents any type of flash loan or reentrancy type of attack from being able to occur with the vault. However, as Value Finance learned, any contract that is allowed to interact with the vault must also be checked for its ability to allow for smart contract interaction. Currently there are no contracts that have this ability, and any future proposal will certainly face significant scrutiny before being allowed.

The handling of fake tokens, and in the case of Pickle, a fake jar, has also been a common occurrence with the recent attacks on other projects. The yAxis Metavault simply ignores any token deposited to it which is not already expected in the contract. Depositing an unknown token to the vault will only donate some ETH to miners for gas.

Looking Towards the Future

The next iteration of the Metavault will introduce multiple capped strategies. Capped strategies have their own benefits: one is that yield is not diluted if too many depositors add funds to a pool, and two is the risk of a loss of funds is limited to the cap of the strategy, rather than the TVL of a vault.

The Metavault V2 will go through a stringent audit and security review before being deployed to mainnet. Though each of the projects above had received audits, that does not mean that they are worthless or without purpose. It is still important to get another team of security-minded engineers to go over a project before accepting user funds.

In the next security-focused article, we’ll go over access controls of all of the yAxis project’s contracts.