Rekt Retweet #8: Why the $90m Mirror Protocol hack could NEVER happen on Radix
June 14, 2022
TLDR: CosmWasm developers must implement validations to prevent funds from being withdrawn multiple times. On Radix, tokens and badges provide native ways to account for user positions and authorize actions, so a Radix dApp would never be designed with a vulnerability like this.
The incident in question: https://twitter.com/RektHQ/status/1531703993109561345
Mirror Protocol was a dApp on Terra (now Terra Classic) that allowed users to deposit collateral, such as UST, and mint “mAssets”, which are synthetic tokens that mirror the price of another asset such as ETH (the mirrored version would be mETH).
Other users are able to open long or short positions against those mAssets by depositing collateral and buying or short-selling them. Depending on how the price of the mAsset changes, those users can then close those positions for profit or loss, or get liquidated.
To close a position, a user submits a tx to the Mirror contract. Their account is linked to a Position ID with metadata recording the user’s collateral, leverage, and position. As this position is in profit, when closed, the user is credited the collateral and position.
On Sep 11 2021, a hacker was able to trick the Mirror contract into closing an inflated position multiple times as the contract did not check for duplicate withdrawals. For one transaction, the hacker used the same position (43186) to withdraw ~100k UST 437 times.
So why couldn’t this hack happen on Radix’s upcoming Babylon mainnet?
(1) To authorize the closure of a position, the user would have to present a “badge” (a resource like an NFT) that is associated with their position. Once the position is closed, the badge is burnt.
(2) Tokens on Radix live in vaults inside components (smart contracts). For “Mirror” on Radix, each position would have its own vault. This means that once the position is closed, the vault for that position is empty!
This means there’s no more pooling of user funds into “omnibus” accounts, where an error in accounting can let the entire pool — and everyone’s tokens — be drained. Instead, individual vaults for each position make Radix dApps far safer and more intuitive to build.
Now back to the hack, which fails immediately as the badge for the position is burnt after the first withdrawal, and the vault is then empty!
As the tokens live in a specific vault for each position, there is no scope for the developer to miss a “duplicate withdrawal” check.
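The missing check, as an added example in plain Rust (a simplified model written for this page, not Mirror's contract code and not Scrypto): `Pool`, `close_unchecked`, `close_checked` and the sample amounts are hypothetical. The hardened path consumes the position entry before paying, which is the bookkeeping equivalent of the burnt badge and emptied vault described above.

```rust
use std::collections::HashMap;

// Simplified model: one pooled balance, positions are only bookkeeping entries.
struct Pool {
    balance: u64,                 // omnibus funds shared by all users
    positions: HashMap<u64, u64>, // position id -> collateral owed
}

impl Pool {
    // Flawed: every id in the request is paid from the pool and entries are
    // deleted only afterwards, so a repeated id is paid again.
    fn close_unchecked(&mut self, ids: &[u64]) -> u64 {
        let mut paid = 0;
        for id in ids {
            if let Some(&owed) = self.positions.get(id) {
                paid += owed.min(self.balance - paid);
            }
        }
        for id in ids {
            self.positions.remove(id);
        }
        self.balance -= paid;
        paid
    }

    // Hardened: remove() takes the entry out before paying, so a repeated id
    // finds nothing. Working on a copy keeps a rejected request side-effect free.
    fn close_checked(&mut self, ids: &[u64]) -> Result<u64, String> {
        let mut open = self.positions.clone();
        let mut paid = 0u64;
        for id in ids {
            let owed = open.remove(id).ok_or_else(|| format!("position {} is not open", id))?;
            paid += owed;
        }
        self.balance = self.balance.checked_sub(paid).ok_or("pool underfunded")?;
        self.positions = open;
        Ok(paid)
    }
}

// Constructed sample: position 1 is the caller's, position 2 is another user's.
fn sample_pool() -> Pool {
    Pool { balance: 500, positions: HashMap::from([(1, 100), (2, 400)]) }
}

fn main() {
    println!("unchecked [1,1,1] pays {}", sample_pool().close_unchecked(&[1, 1, 1]));
    println!("checked   [1,1,1] -> {:?}", sample_pool().close_checked(&[1, 1, 1]));
}
```

In the unchecked path the extra payouts come out of the collateral backing position 2, which is the omnibus-pool risk the post describes.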
If you’d like to learn more about how Scrypto is a game changer for DeFi, I recommend you read this article on Scrypto https://www.radixdlt.com/post/radix-engine-v2-an-asset-oriented-smart-contract-environment
Originally published at https://www.radixdlt.com.