Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Curve provides two kinds of stablecoin swap pools: standard and meta. The metapool allows coin to be pooled with another pool without diluting its value.

There are two main functions for this security issue: swap and swapUnderlying. swap is used to swap the LP token and the pool stablecoin. swapUnderlying is used to seap the pool stablecoin and the other underlying stable coins.

The price calculation between these two functions was inconsistent. In particular, the LP token failed to include the virtual price (no idea what this means) into the calculation for swap but not the swapUnderlying function.

By calling swap with fUSDT tokens, they would get an inflated number of LP tokens. Then, they could remove liquidity from the pool to call swapUnderlying to get more tokens of fUSDT than they started with. Again, they can create money out of thin air with this.

A simple mistake in the calculation and swapping of tokens caused this problem. Apparently, this mistake was programmed into a Solidity rewrite from Vyper then used in multiple places. A shared library bug is worth more than a single contact bug. Thanks Log4Shell!

The attacker performed this on Synapse for 8 million dollars but was unable to get this through for some reason. They performed this on a different location with the same vulnerability to steal 500K.