Beanstalk Hack Analysis & POC (Apr 17, 2022)

    Introduction

    The Beanstalk protocol was hacked for around $74M by exploiting its governance mechanism, draining all the BEAN & Curve LP tokens held by the protocol. The hack is somewhat involved, so let's break it down step by step.

    Reference links:

      • Hack transaction
      • Hacker’s address
      • Hacker exploit contract
      • Proposal creation transaction on BeanGovernance

    Imperative Functions of the Protocol

    Before diving into the hack, let's analyze how the governance system of the protocol worked & why the proposal was important.

    1. A proposal is a way to modify the Beanstalk protocol in any way that attracts or affects the interest of the community.
    2. A governance proposal can be created by anyone who has deposited beans into the protocol; anyone who hasn’t deposited beans cannot create one.
    3. In this scenario the proposal is a smart contract that is executed if enough votes pass for it. An example would be whitelisting other pools for governance voting.
    4. If anything goes wrong, there is also an emergencyCommit function that bypasses the individual vote tally & executes the proposal. It can be called after a waiting period of one day.
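To make the design weakness concrete, here is a small Python model, added as an example and not code from Beanstalk or BlockApex, of a deposit-weighted governance with an emergencyCommit path. It replays the sequence the post describes (a small deposit to qualify as proposer, a one-day wait, then deposit, vote and commit at a single timestamp, i.e. in one transaction) against two variants: the vulnerable one reads voting power from current deposits, the hardened one counts only deposits that already existed when the proposal was created. The 2/3 threshold, the one-day wait, the `Governance` class and all balances are assumptions of this example.

```python
"""Toy model of deposit-weighted governance with an emergencyCommit path.

Added example, not Beanstalk's or BlockApex's code: it models the design
weakness the post describes. In the vulnerable variant voting power is
read from *current* deposits, so a flash-loan-funded deposit made in the
same transaction as the vote counts in full. The hardened variant only
counts deposits that already existed when the proposal was created.
The 2/3 threshold and one-day wait are assumptions taken from the post's
wording ("66% of the voting power", "waiting period of one day").
"""
from dataclasses import dataclass, field
from fractions import Fraction

DAY = 24 * 60 * 60                 # seconds
SUPERMAJORITY = Fraction(2, 3)     # assumed emergencyCommit threshold


@dataclass
class Deposit:
    amount: int
    timestamp: int


@dataclass
class Proposal:
    proposer: str
    created_at: int
    voters: set = field(default_factory=set)


class Governance:
    def __init__(self, snapshot_at_proposal: bool):
        # True = hardened: only deposits older than the proposal carry votes
        self.snapshot_at_proposal = snapshot_at_proposal
        self.deposits: dict[str, list[Deposit]] = {}
        self.proposals: dict[int, Proposal] = {}
        self.next_id = 1

    def deposit(self, who: str, amount: int, now: int) -> None:
        self.deposits.setdefault(who, []).append(Deposit(amount, now))

    def propose(self, who: str, now: int) -> int:
        # Only depositors may propose (point 2 above); the proposer auto-votes
        if not self.deposits.get(who):
            raise ValueError("must have deposited to create a proposal")
        pid = self.next_id
        self.next_id += 1
        self.proposals[pid] = Proposal(who, now, {who})
        return pid

    def vote(self, who: str, pid: int) -> None:
        self.proposals[pid].voters.add(who)

    def voting_power(self, who: str, p: Proposal) -> int:
        # Vulnerable: every deposit counts. Hardened: deposit must predate proposal.
        return sum(
            d.amount for d in self.deposits.get(who, [])
            if not self.snapshot_at_proposal or d.timestamp < p.created_at
        )

    def vote_share(self, pid: int) -> Fraction:
        p = self.proposals[pid]
        total = sum(self.voting_power(w, p) for w in self.deposits)
        if total == 0:
            return Fraction(0)
        return Fraction(sum(self.voting_power(w, p) for w in p.voters), total)

    def emergency_commit(self, pid: int, now: int) -> bool:
        p = self.proposals[pid]
        if now - p.created_at < DAY:          # one-day waiting period
            return False
        return self.vote_share(pid) >= SUPERMAJORITY


def run_scenario(snapshot_at_proposal: bool) -> tuple[Fraction, bool]:
    """Replay the post's sequence with constructed numbers: honest users hold
    100 units, the attacker makes a tiny deposit to be eligible to propose,
    then one day later deposits 200 flash-loaned units, votes and commits,
    all at the same timestamp (i.e. in one transaction)."""
    g = Governance(snapshot_at_proposal)
    t0 = 100 * DAY
    g.deposit("honest", 100, t0 - 30 * DAY)   # constructed long-standing deposits
    g.deposit("attacker", 1, t0)              # minimal stake to create the BIP
    pid = g.propose("attacker", t0 + 1)
    t1 = t0 + 1 + DAY                         # waiting period has elapsed
    g.deposit("attacker", 200, t1)            # flash-loan-sized deposit
    g.vote("attacker", pid)
    return g.vote_share(pid), g.emergency_commit(pid, t1)


if __name__ == "__main__":
    for hardened in (False, True):
        share, ok = run_scenario(hardened)
        print(f"snapshot={hardened}: attacker share={float(share):.3f} commit={ok}")
```

In the vulnerable variant the attacker ends up with 201 of 301 units of voting power (just over two thirds) and the commit goes through; with the snapshot rule the same flash-loaned deposit carries no votes and the commit is refused. A time-lock between vote and execution would close the same gap from the other side, because a flash loan must be repaid within the transaction that took it.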

    The Intent

    The attacker created 2 Proposals.

    1. Malicious Proposal Contract (BIP18) 
    2. Ukraine donation proposal

    The malicious contract requested the following tokens to be sent to the exploit contract address.

    1. BEAN3CRV-f, a BEAN-CRV metapool on Curve.
    2. BEANLUSD-f, a BEAN-LUSD metapool on Curve.
    3. UNI-V2 ETH/BEAN, a liquidity pool for ETH-BEAN.
    4. BEAN token.

    Undertakings of the Exploit

    1. The attacker starts by taking a flashloan of $1 billion from AAVE v2 consisting of the following assets:
      • 350,000,000 DAI
      • 500,000,000 USDC
      • 150,000,000 USDT
    2. The attacker takes yet another flashloan from Uniswap v2 for 32,100,950 BEAN & from Sushiswap for 11,643,065 LUSD.
    3. The attacker then deposits the DAI, USDC & USDT into Curve's 3Pool (DAI/USDC/USDT) to get 979,691,328 3Crv tokens.
    4. Exchanges 15,000,000 CRV tokens for 15,251,318 LUSD on the BEANLUSD-f pool.
    5. Adds 964,691,328 CRV as single-asset liquidity to get 795,425,740 BEAN3CRV-f.
    6. The attacker deposits 32,100,950 BEAN & 26,894,383 LUSD to get 58,924,887 BEANLUSD-f.
    7. The attacker then deposits the BEANLUSD-f & BEAN3CRV-f into the Beanstalk contract to gain enough voting power.
    8. The attacker calls Diamond.vote(18). At this point the attacker controls 66% of the voting power.
    9. The proposal is executed by calling Diamond.emergencyCommit(18) on the Beanstalk protocol, which sends the following tokens to the exploit contract:
      • 36,084,584 BEAN
      • 0.540716100968756904 UNI-V2 ETH/BEAN
      • 874,663,982 BEAN3CRV-f
      • 60,562,844 BEANLUSD-f
      • 100 BEAN minted to the exploit contract
    10. Removes 874,663,982 CRV as single-asset liquidity to get 1,007,734,729 CRV tokens.
    11. Removes 60,562,844 BEANLUSD-f as single-asset liquidity to get 28,149,504 LUSD.
    12. Returns the flashloan of 11,678,100 LUSD to Sushiswap.
    13. Returns the flashloan of 32,197,543 BEAN to Uniswap V2.
    14. Exchanges 16,471,404 LUSD for 16,184,690 CRV on LUSDCRV-f.
    15. Removes 511,959,710 3CRV of liquidity from the 3Pool to get 522,487,380 USDC, 358,371,797 DAI & 156,732,232 USDT.
    16. Returns the AAVE flashloan of 350,315,000 DAI, 500,450,000 USDC & 150,135,000 USDT.
    17. Removes 0.540716100968756904 of Uniswap V2 liquidity to get 10,883 ETH & 32,511,085 BEAN.
    18. Donates 250,000 USDC to the Ukraine donation wallet.
    19. Swaps 15,443,059 DAI for 15,441,256 USDC on Uniswap V3.
    20. Swaps 37,228,637 USDC for 11,822 ETH on Uniswap V3.
    21. Swaps 6,597,232 USDT for 2,124 ETH on Uniswap V3.
    22. This leaves the attacker with over 24k ETH, roughly $72M in profit.
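The timeline above has the deposit into Beanstalk, the vote and the emergencyCommit all landing in one transaction. The following Python snippet, added here as an example rather than anything from BlockApex or Beanstalk, is a minimal monitor that flags exactly that pattern in a constructed, simplified event stream: a single account deposits, votes and emergency-commits within one transaction, and the deposit is a large share of everything deposited so far. The event names, field names and the `0x...` account labels are assumptions made for this example, not real chain data.

```python
"""Added detection example, not BlockApex's or Beanstalk's code: scans a
simplified, constructed event stream for the pattern the post's timeline
shows -- a deposit, a vote and an emergencyCommit by the same account
landing in one transaction, with the deposit dwarfing everything deposited
before it. Event names, field names and the 0x... labels are assumptions
made for this example, not real on-chain data."""
from collections import defaultdict

# Constructed sample events, in block / log order (not real chain data).
# The honest sequence uses emergencyCommit too, but days after its deposit.
SAMPLE_EVENTS = [
    {"tx": "0xbenign-a", "block": 1000, "event": "Deposit", "account": "0xhonest", "amount": 1_000},
    {"tx": "0xbenign-b", "block": 1500, "event": "Vote", "account": "0xhonest", "proposal": 17},
    {"tx": "0xbenign-c", "block": 8000, "event": "EmergencyCommit", "account": "0xhonest", "proposal": 17},
    {"tx": "0xattack", "block": 9000, "event": "Deposit", "account": "0xattacker", "amount": 850_000},
    {"tx": "0xattack", "block": 9000, "event": "Vote", "account": "0xattacker", "proposal": 18},
    {"tx": "0xattack", "block": 9000, "event": "EmergencyCommit", "account": "0xattacker", "proposal": 18},
]


def find_same_tx_commits(events, min_share=0.5):
    """Return one alert per EmergencyCommit whose caller deposited and voted
    on that proposal earlier in the same transaction, when that deposit is at
    least `min_share` of all deposits seen up to that point."""
    running_total = 0
    deposits = {}                 # (tx, account) -> (amount, total_after)
    votes = defaultdict(set)      # (tx, account) -> {proposal ids}
    alerts = []
    for ev in events:
        key = (ev["tx"], ev["account"])
        kind = ev["event"]
        if kind == "Deposit":
            running_total += ev["amount"]
            prev, _ = deposits.get(key, (0, 0))
            deposits[key] = (prev + ev["amount"], running_total)
        elif kind == "Vote":
            votes[key].add(ev["proposal"])
        elif kind == "EmergencyCommit":
            # Commit is only suspicious when the caller's deposit and vote
            # on the same proposal sit in the same transaction.
            if key in deposits and ev["proposal"] in votes[key]:
                amount, total_after = deposits[key]
                share = amount / total_after
                if share >= min_share:
                    alerts.append({
                        "tx": ev["tx"], "block": ev["block"],
                        "account": ev["account"], "proposal": ev["proposal"],
                        "deposit_share": round(share, 3),
                    })
    return alerts


if __name__ == "__main__":
    for a in find_same_tx_commits(SAMPLE_EVENTS):
        print("ALERT same-tx deposit+vote+commit:", a)
```

On the sample stream only the `0xattack` transaction is reported, with the deposit making up almost all of the value ever deposited; the honest emergencyCommit is not flagged because its deposit happened in an earlier transaction. In practice the same check can run against a protocol's emitted events per block, and the `min_share` threshold is the knob that separates a whale topping up from a flash-loan-funded takeover.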

    The Exit Strategy

    The hacker used Tornado Cash & split the ~24k ETH into chunks of 1, 10 & 100 ETH to vanish into thin air. One thing to note is that this hack was the result of a bad governance design, not of the economic design.

    HACK YOURSELF!

    Here is the GitHub repo that contains the POC for the hack.

    Also see Cream Finance Hack: What Motivates Hackers to Return Stolen Funds?
