KyberSwap’s $47M Reentrancy Attack: A Deep Dive into the Exploit
Let’s take a closer look inside a $47M reentrancy attack on KyberSwap.
🇺🇦 Hacken stands with Ukraine!Learn more
The DeFi revolution has amplified smart contract capabilities. At the same time, the extensive smart contract capabilities have exposed deeper software vulnerabilities underpinning decentralized financial services. This article will consider the latest trends in Web 3.0 smart contact security, identify common smart contract vulnerability patterns, and provide recommendations on protecting your financial assets.
Errors in the smart contract code have been responsible for most instances of theft from DeFi protocols. Hackers are quick to cash in on smart contract vulnerabilities. The Defiyield rekt database reports 33 smart contract exploits in 2022. In total, these exploits amounted to $1.246 billion in losses. The top five biggest smart contract breaches were Ronin ($615m), Wormhole ($326m), Mirror Protocol ($90m), Qubit Finance ($80m), and Cashio ($48m).
|Size||Small Exploits< $1 million||Medium Exploits < $10 million||Large Exploits> $10 million||Super Exploits> $100 million|
|Number of exploits||10||15||6||2|
The amount of funds stolen due to smart contract exploits has increased tremendously since the start of 2022. We have analyzed dozens of smart contract exploits that have taken place in 2022 and identified the following common vulnerabilities:
1. Re-entrancy. When a contract “calls” another contract, it can determine the amount of available gas. A malicious contract will make a re-entrant call. If the caller does not update its internal state, the hacker can drain all the funds.
2. Unhandled exceptions. This exploit happens when a low-level operation in solidity, i.e., send, does not return an exception on failure but a boolean. If the return value is not checked, the attacker can continue executing the operation even if the payment fails.
3. Locked Ether. The received funds can be permanently locked, or the contract will always run out of gas resulting in the locked funds. This happens when the contract depends on another contract that has been destroyed using a particular instruction.
4. Transaction order dependency. The attacker can exploit the Ethereum single-block property for multiple transactions. When the order of two transactions calling the same contract changes the final result.
5. Integer overflow and underflow. A loop counter can overflow to create an infinite loop resulting in the funds being locked. The attacker can manually trigger an overflow.
6. Unrestricted action. The attacker has the ability to bypass authorization. For example, there may be an error in withdrawal functionality. Every smart contract has a function responsible for governing the withdrawal of funds. Sometimes, these functions do not have enough protection, allowing hackers to withdraw tokens to their address.
A smart contract audit is a process whereby a third party or exchange analyzes a smart contract code behind a token or DeFi protocol. The audit confirms to the public that your contract contains no mechanisms and loopholes to steal investors’ funds. Hacken conducts top-tier smart contract audits for all networks, including Ethereum, Solana, BSC, Polygon, Avalanche, and Fantom. Another recommendation is to screen the wallets interacting with their smart contracts for prior transactions with known illicit addresses. This is the most essential tool for eliminating smart contract vulnerabilities.
In addition to smart contract audits, you can improve your overall cybersecurity through penetration testing and bug bounties. Hacken offers network, internal, and external Penetration Testing Services to estimate the level of your system’s resistance to cyberattacks. HackenProof is a bug bounty and vulnerability coordination platform that connects customers with thousands of ethical hackers. Crowdsourced bug bounties help find and resolve bugs before hackers can exploit vulnerabilities.