Poly Network Heist — Alarm Bells in DeFi Security

2021-08-24, 07:47

[Abstract] Cross-chain DeFi platform Poly Network was hacked on August 10, 2021, with the alleged hacker draining up to $610 million in crypto. But just a few days later, the hacker promised to return the stolen assets. This article, beginning with this heist event, will throw light on DeFi security issues. First of all, the incident will be illustrated thoroughly and orderly while some messages from the hacker will be compiled for reference. Then, the author will analyze briefly how the hacker exploits a bug in Poly Network’s smart contract to steal funds. What’s more, there will be an introduction to three common attacks in DeFi and the security advantages of centralized exchanges at the end of the article.

[Key words]: Poly Network, Cross-chain protocol, “White Hat” hacker, DeFi, Re-Entrancy attacks

Introduction

On August 10, 2021, Poly team tweeted that Poly Network(a cross-chain interoperability protocol) was attacked on Ethereum, Binance Smart Chain(BSC) and Polygon blockchains, with $270 million, $250 million and $85 million in crypto stolen respectively. Nearly $610 million was lost and a large number of users have been affected, and even some leaders in the crypto industry have to face hundreds of millions of dollars gone.


Hacking is not uncommon in the crypto world, but this is the first time that a heist involving such a large amount of funds has been reported. Soon, the Poly Network hack was placed among the largest in the crypto industry. What is the whole story of this shocking incident? Why is the Poly Network a target for hacker attacks? What can we learn from it? How do users relieve the security risk in crypto trading and investment? This article will inspire you on security in DeFi.


Ups and Downs

First of all, let’s have a recap of what happened.

Poly Network team tweeted on August 10, 2021, that it was hacked for about $610 million worth of cryptocurrencies which have been transferred to three addresses(over $250 million to BSC address starting with 0x0D6e2; more than $270 million to Ethereum address starting with 0xC8a65; nearly $85 million to Polygon address starting with ox5dc36). Besides Poly Network publishing the account holding stolen assets, it has also called on miners of the affected blockchain and crypto exchange to blacklist tokens coming from the addresses(as shown in the image below)




Subsequently, Tether, the issuer of USDT, tweeted that it had frozen approximately $33 million worth of USDT in relation to the hack. Interestingly, a message was sent by the address (hanashiro.eth) to the hacker to remind him that the USDT has been frozen, after which, 13.37 ETH was transferred to the address. As a result, many speculators sent messages to the hacker address to show their loyalties, hoping to get rewarded.

At the same time, Poly Network tracks the attacker’s email, IP and other identity-related clues through the on-chain and off-chain information while continuing to post on Twitter, trying to negotiate with him. Poly team posted to warn that the amount of money hacked was the biggest one in the DeFi history and law enforcement in any country will regard it as a major economic crime, hoping that the hacker can return the funds as soon as possible and that they can negotiate with each other to work out a solution.




However, the hacker showed his indifference towards keeping the money. According to Etherscan, the hacker embedded a message in an on-chain transaction on August 11 and claimed that he was ready to return the refunds. He then said he was unable to get in touch with Poly Network and asked for multisig wallets. After the wallets were provided, the hacker began to return the stolen crypto assets one after another. As of August 12, the drama around the over-50hr heist has come to an end and all assets have been returned except the $33 million in USDT that was frozen.


Honor among Thieves?

However, the hacker seemed to be not satisfied with the end of this incident. On August 11, he left a message when transferring on the Ethereum network and directed an interview in the form of Q&A by himself, explaining his motivations and details of the attack. Some parts of the self discussion by the hacker are compiled as follows. Viewers can make judgments by themselves after reading the compilation.

Q: Why hacking?
A: For fun
Q: Why Poly Network?
A: Cross-chain hacking is hot
Q: Why transfer tokens?
A: When spotting the bug, I had a mixed feeling. Ask yourself what to do if you are facing so much fortune. Asking the project team politely so that they can fix it? Anyone could be the traitor given one billion! I can trust nobody! The only solution I can come up with is saving it in a trusted account while keeping myself anonymous and safe. Now everyone smells a sense of conspiracy. Insider? Not me, but who knows? I take the responsibility to expose the vulnerability before any insiders hide and exploit it!
Q: Why returning?
A: That’s always the plan! I am not very interested in money! I know it hurts when people are attacked, but shouldn’t they learn something from those hacks? I announced the returning decision before midnight so people who had faith in me should have a good rest.
Q: Why refund? Coward?
A: Whatever. When you judge others, you do not define them, but you define yourself. I already enjoyed what I cared about most: hacking and guiding. Few hackers can understand the situation of DeFi security. Yes, you see a lot of hacks, but most of them are not enjoyable as a real hacker. Some stupid code leads to a huge amount of loss, but it’s not challenging. It’s like fighting against a teenager.

I would admit that the Poly hack was not as fancy as you imagine, but I did experience something new from the project. I would say figuring out the blind spot in the architecture of Poly Network would be one of the best moments in my life.

I’ve got enough money as the growth of the crypto world. I’ve been exploring the meaning of life for a while. I hope my life can be composed of unique adventures, so I like to learn and hack everything to fight against fate. SEIN ZUM TODE. (Note: the phrase “SEIN ZUM TODE” by Heidegger, a German philosopher, means being-toward-death)


To be honest, I did have some selfish motives to do something cool but not harmful. By leveraging the huge fund, like the Dao idea. Then I realized being a moral leader would be the coolest hack I could ever archive! Cheers!




The above is an excerpt of the compilation over the hacker's self discussion. If you are interested in the full response from him, please read on Twitter.

It has to be said that this “Mr. White Hat” who can “get money anyway” is a great dramatist. He has successively launched 8 parts of the reply explaining his motivation for the attack, the reason for the refund, views on the Poly Network team and opinions on many details. What’s more, he claimed to be a moral leader.

The “White Hat” hacker didn’t lead to the direct loss of money in the Poly Network project, but he provoked an uproar in the crypto world. Doubts about the security of DeFi are inevitably haunting people’s minds.

Attack Your Shield with Your Spear

After the hack, numerous security & technology teams began to analyze the reasons why $610 million was stolen in the Poly Network. BlockSec, a blockchain security firm, said in an attack analysis report that the hack may have been triggered by the leak of a private key that was used to sign the cross-chain message, or the potential bug during Poly’s signing process. But according to the Slowmist team, the popular statement on the Internet that it’s the leak of a private key that caused the attack is not reliable. The attacker modified the Keeper signature in the cross-chain contract by carefully constructing data to transfer the funds to the specified address.


In the Poly Network white paper, we can see how cross-chain transactions are realized. Poly Chain is the repeater of the entire multi-chain architecture. And cross-chain transactions performed by users on the source chain need to synchronize block header information to the target chain through Poly Chain to execute the related transactions.

A series of smart contracts on each chain are deployed in Poly Network’s system to verify the block header data. For example, on Ethereum network, there are three Poly Network contracts involved in management: `EthCrossChainManager`, `LockProxy`, and `EthCrossChainData`. Important variables stored in the `EthCrossChainData` contract determine which address is the Keeper, which enables you to withdraw funds from the contract `LockProxy`that holds all Poly Network assets.

Someone summed up the incident like this: The hacker got the real key from the property with a forged real estate certificate and ransacked the house. According to the technical analysis by the SlowMist security team, the attack process can be roughly divided into two stages: modification of Keeper signatures and random currency stealing.

First, the attacker initiated a cross-chain transaction on the source chain by calling the `CrossChain` function on chains to construct data and this kind of transaction is invalid. However, without sufficient verification, the source chain Relayer accidentally synchronizes the transaction data to the Poly Chain which then synchronizes them to the target chain Relayer. After that, the Poly Chain incorporates the transaction into the hash tree of the consortium blockchain and signs it.

Then, the hacker used the valid hash proof which is just obtained on the target chain to call Poly Network's ECCM contract to obtain the Keeper public key and the keeper address. At this point, hackers can freely perform operations to modify Keeper. Finally, after obtaining permission, the hacker can transfer all the assets to the address designated.

Achilles' Heel & the Sword of Damocles

Recently, there have been successive attacks on cross-chain related protocols in a more frequent way compared with before. Why does cross-chain become a target for hacker attacks? What are the vulnerabilities of the cross-chain? Firstly, as the hacker said in the message, “Cross-chain hacking is hot”, with its rapid development followed by the influx of capital and the fast expansion of funds on the chain. Secondly, the cross-chain track is still in its infancy, and many details have yet to be optimized. This attack was exploited by hackers due to bugs in the smart contract. Moreover, cross-chain related protocols usually involve multiple chains, and the interaction process between various contracts is also very complicated, both of which lead to higher risks in asset security.

With the hacker returning all funds, the attack basically came to an end. Afterwards, Poly Network announced the launch of a bugs-bounty program for smart contracts, and each discoverer of a valid vulnerability will be rewarded with $100,000. It is not too late to be able to make up for it, but if they can take precautions and reflect on security issues in the cross-chain and DeFi, potential losses could be effectively avoided.


There are three potential attack forms in DeFi projects: oracle attacks, re-entrancy attacks and code attacks.

Oracle Attack

Before discussing oracle attacks, several concepts need to be explained in advance. One is oracle. The vast majority of DeFi contracts do not have access to the price information on digital currencies besides their own contracts but require another protocol to hand over external price information. An oracle is a protocol responsible for importing digital currency price information. Another one is flash loans. Flash loan is a form of lending without collateral and allows users to lend large amounts of funds quickly and without collateral. However, the lender is required to return the loan to the borrower in the same transaction.

On the other hand, an oracle attack is an arbitrage attack in which an attacker tampers with the oracle’s quotes and interferes with the applications of other DeFi projects.
In this type of attack, the attacker usually uses a flash loan to obtain a large amount of currency from other projects, performs various financial operations in DeFi projects, and uses the altered price information to achieve arbitrage. Valley, Cheese Bank, and Wrap Finance have all been subject to oracle attacks.

Re-Entrancy Attacks

Smart contracts enable the invocation of internal and external contract functions. During the invocation, the attacker can tamper with the content and parameters of the contract and enables the recipient of the invoked function to perform the behavior set by the attacker. Re-entrancy attacks are more damaging and cause a loss on a larger scale than oracle attacks. A re-entrancy attack can easily steal all assets within a contract. Projects such as Akropolis and OUSD have been subject to re-entrancy attacks and have suffered massive losses.

Code Attacks

Code attacks are also called contract vulnerability attacks or code vulnerability attacks. An attacker takes advantage of a vulnerability in the code left by the project developer to attack the contract. One common type of code attack is to exploit a vulnerability in a contract, extract liquid currency from the liquidity pool of the contract, and finally cause the contract to be frozen. UNISWAP, the largest decentralized exchange, was subject to a code attack in which attackers stole 1,278 ETH with a code vulnerability in this exchange.

The risk of project losses is more costly to investors than the risk of impermanent losses. Impermanent losses make liquidity miners lose a portion of the earnings they deserve, while project losses are likely to make liquidity miners earn nothing. Therefore, the project security risk of liquidity mining is the biggest risk investors face when they undertake liquidity mining.

Conclusion

For users, is there a better choice besides DeFi when considering security?

You might as well turn your attention to centralized exchanges. Compared with decentralized financial projects, reliable centralized exchanges can often guarantee a higher rate of return while ensuring security, and it is also less difficult for users to participate in transactions and financial management. As one of the oldest and largest exchanges by volume in the world of cryptocurrency, Gate.io is well aware of the importance of asset security in blockchain and always gives top priority to asset security which is ensured through the dual of centralization and decentralization with heavy investments. In addition, the platform, which is assessed as one of the world's safest platforms by CER(a world-renowned cybersecurity assessment platform), has always been committed to providing users with safe and simple investment solutions and innovative products. As the world witnesses the rapid development of the blockchain, Gate.io has attracted more attention from mainstream media and institutions and has gained more trust from its users.


A series of high-quality asset management projects, such as Liquidity Mining, Dual Currency Product and so on, have been launched on Gate.io. Liquidity Mining, as a key project launched recently on the platform, plays an important role in the future road map of Gate.io and enjoys the world's top security guarantee. Moreover, with the strong support of the platform, it may be one of the best asset management projects for cryptocurrency in the current depressed market.

Learn more about Liquidity Mining:
Why is Gate.io Liquidity Mining Great for Low Volatility?
Science: What You Need to Know About Investments in Liquidity Mining Products
Science: From Market Maker to Liquidity Mining, How Important is Liquidity?
Author: Gate.io Researcher: Ashley. H
*This article represents only the views of the researcher and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.



















Поділіться
gate logo
Credit Ranking
Complete Gate Post tasks to upgrade your rank