Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Sovryn is a decentralized trading and lending protocol. It is deployed on RSK, a sidechain of the Bitcoin blockchain. When lending give out money, they earn interest on their BTC being used for lending.

In the DeFi world, most loans are over-colleateralized in order to ensure they can be paid off. This is because the blockchain does not have the means to ruin the users life via bad credit score and other things if they do not pay back the money.

When takes out the money for a loan, the function borrow can be used to specify information about the loan, such as the pool to take the collateral on and the loan id to use. Additionally, a different receiver that be sent as a parameter as well.

By specifying the loanid on the call, an attacker can take out loans for other users. According to the article, this is ONLY possible when the loanid has unused collateral. However, it may have been possible to race the removal of a loan from the contract as well.

To launch this attack, first, an attacker needs to identify a loan with unused collateral (theoretically). Next, they need to call borrow() with the receiver that they control. Since they have a loan using someone else's collateral, there is no penalty for paying back the loan! They do not have to pay this back.

The same vulnerability happens within the marginTrade() function. A malicious user can put someone else in a bad position but specifying that user. In particular, the function call allowed for the setting of the trader on the call, when it should have been msg.sender.