Before I begin, I’d like to give a massive thank you & shoutout to MCDex being the first Gold Sponsor of DeFi Weekly! You can read more about them at the end of this article 🙂 If you’re interested in being a DeFi Weekly sponsor feel free to reply to this email.
A few days ago, an exploit with the STA token was exposed via a Balancer Pool. Out of interest, I wanted to see if there was interest to truly understand what happened. Turns out there was.
Anyone keen for a breakdown of breakdown of what happened with Balancer in detail with cool hand drawn diagrams? 150 likes and we’re game.
June 29th 2020
8 Retweets148 Likes
So for context, STA is basically a ponzi coin where each transfer results in a 1% fee. Why people still bother with stuff like this is out of my mind, but anyways it happens. Now, STA holders thought that launching a Balancer pool with STA/WETH would be a great idea to Yield Farm with a deflationary token (even though Balancer doesn’t explicitly state it).
It’s pretty easy for most people to say that something is an ERC20 token, even though it strictly isn’t. The very pointy features that a proper ERC20 implementation requires are:
Having all the required functions: transfer(), transferFrom(), totalSupply(), approve(), balanceOf(), allowance(), name(), symbol(), decimals() AND the relevant events emitted so off-chain services can parse the blockchain properly
Returning true/false when a transfer occurs to indicate the result
Having 18 decimal places (yes, USDC isn’t really ERC20 compliant)
Ensuring that the amount of tokens returned when transfer() or transferFrom() is called is the same amount as you specify
STA explicitly breaks that last condition through implementing a 1% fee every time the token is transferred. This wrecks more havoc than you can imagine as a smart contract developer. It’s so bad that Kain tweeted this:
Fun fact, re the fee token hacks today, among the many dumb things I was responsible for in 2017/18 implementing fees into an ERC-20 token (nUSD) was probably in the top three. It broke so much shit it was kind of nuts. Thankfully this was before composability was a thing…
June 29th 2020
4 Retweets82 Likes
So basically you know by now that the developers/implementers behind STA already showed their lack of technical competency, and their users were probably unaware of this to begin since how many users can you expect to know whether you have an ERC20 token or a proper ERC20 token implementation…
For those of you that aren’t full sure how AMMs work, I’d highly recommend checking out the following material before proceeding:
So now we have STA users who decide to be yield farmers without fully understanding the risks they’re actually taking on. However, a black-hat DeFi developer actually does and decides to help explain it for them.
Here’s the transaction in question:
Here’s a visual breakdown of what happened:
Steps broken down:
Acquire 104,000 ETH via a flash loan from dYdX. For those of you that don’t know what a flash loan is, it basically lets you borrow money without collateral as long as you pay it back at the end of the transaction.
Sell ETH for STA multiple times. Each time STA is sold/purchased, the pool has less STA than it actually thinks it does. To better demonstrate this, I drew a little picture that breaks down the numbers.
As you can see in the red, within 1 round of buying/selling STA with ETH, the pool has less STA than it started with even though there’s nothing actually changing with the trade.
Eventually the pool is in a place where the STA balance is very low and the ETH balance of the pool is very high.
In order to finally profit from making the pool very lopsided, DeFi Chad sells the smallest possible unit of an STA token for ETH. Now since Solidity can’t handle decimals, 1% of 1 equates to 0. Therefore, Chad is selling 0 tokens for a lot of ETH back to the pool. This ETH is the ETH deposited by liquidity providers.
He then repeats this process many, many times with other assets effectively walking away with a clean $500k for $50 of transaction fees. Not bad at all.
Just today only, Balancer issued a statement that they’ll be refunding LPs who lost tokens providing liquidity.
After thorough discussions with the community, the Balancer Labs team decided that it will fully reimburse all the liquidity providers who lost funds in the attack of yesterday. We will also pay out the highest bug bounty available for @Hex_Capital More details on the…
June 29th 2020
91 Retweets332 Likes
As much as I’m for user security and making DeFi larger, I’m not in favour of decentralised protocols giving refunds for users who were providing 0 utility to the network via a coin which is more or less a ponzi. It sets the precedent that you don’t need to do due diligence and can fall back on the team paying you out instead.
Regardless, there’s a few questions which I think are worth thinking about when it comes to this particular incident:
Should protocols be open platforms and allow listing of any assets or is a curation process more necessary than ever? For example Compound doesn’t allow you to lend/borrow any assets as liquidity is more key. DEXs are slightly different since you’re not borrowing money, just swapping assets. However should the disclaimers for user generated pools be much greater than team approved pools?
Are protocols truly permision-less infrastructure or can you bank on teams to use owner privileges to make things right? If Compound is hacked tomorrow, should we expect Compound to pay out users via $COMP or from their $25m raise? I’d hope not.
Should DeFi be left to professionals with the correct financial + technical experience? Knowing whether a token is properly ERC20 compliant is not in an everyday person’s grasp. Should we be thinking about how to abstract away DeFi to trusted custodians?
Anyways, that’s about it for this piece!