Merlin DEX - April 26, 2023


Drop your email to read the BlockApex newsletter and keep yourself updated around the clock.

    Table Of Content


    Written in May 2023


    In the emerging realm of DeFi, Merlin DEX stands as a novel, community-centric Decentralized Exchange (DEX) built on ZkSync, aiming to tackle the persistent "liquidity problem". By creating a robust liquidity environment, Merlin is paving the way for more efficient and accessible liquidity solutions.

    Pushing the limits of Automatic Market Makers (AMMs), Merlin DEX has developed a unique mechanism to focus liquidity around target prices, optimizing speed, reliability, and reducing fees.

    Merlin DEX's strong commitment to decentralization and its unique approach to Liquidity Generation Events (LGEs) stands as a testament to its innovative vision. Allowing users more control and transparency, Merlin is dedicated to creating an open, borderless DeFi environment.

    Hack Impact

    In April 2023, the Merlin DEX unfortunately fell victim to a hack, resulting in an estimated loss of $1.8 million from the protocol. The hack occurred amidst a Liquidity Generation Event for the launch of its MAGE token.

    The attacker exploited excessive permissions granted to the Feeto address used during deployment, enabling them to drain the pool of assets. This event highlights the potential risks of overly centralized control in a DeFi protocol and emphasizes the importance of implementing decentralization best practices.

    Merlin DEX: Hack Explained

    Step 1: Factory Contract Creation

    The pool creator (address: 0xc0D6987d10430292A3ca994dd7A31E461eb28182) created a Factory Contract (0x63E6fdAdb86Ea26f917496bEEEAEa4efb319229F). In the process, the creator set the Feeto address, which is meant to collect transaction fees, to their own address. This essentially means the creator holds excessive control over the protocol.

    Step 2: Pool Deployment

    Next, a USDC-WETH pool was deployed using the Factory Contract. During initialization, the pool’s USDC and WETH tokens were given max approval to the Feeto address of the factory contract. This is risky because whoever controls the Feeto address can move all the tokens from the pool.

    Merlin DEX - initialize function

    Step 3: Attack Execution

    Leveraging this excessive permission granted to the Feeto address, the attacker (same as the pool creator in this case) transferred all tokens from the pool to their own address.

    Step 4: Obfuscation

    Interestingly, the owner and Feeto addresses of the Factory Contract had been changed before the attack. While this step was not necessary to execute the hack, it served to confuse observers and potentially divert attention away from the real exploit.

    In Layman's Terms:

    To simplify, imagine the Factory Contract as a vending machine factory and the pool as a vending machine. The vending machine factory was set up such that all vending machines it produces would give all the money inside them to the factory owner. The attacker created a vending machine (pool), which was programmed to give all its money to the factory owner, and took all the money out of it. Then, to confuse people, they changed the owner of the factory, even though it had nothing to do with their ability to empty the vending machine.

    Recommendations for enhanced security

    Limit Permissions:

    Permissions should be the least required to fulfill functionality. If a contract or a particular address doesn't need the ability to move all tokens, it shouldn't have that power. Always implement "principle of least privilege."

    Regularly Monitor Contracts:

    Continuously monitor contract activity, especially for contracts holding substantial value. Rapid detection and response can mitigate damage if an attack happens.

    Multi-Signature Control:

    If possible, using multi-signature wallets for critical operations or ownership changes could provide an additional layer of security. This requires multiple people to agree on a transaction before it's processed.

    Transparency and Open Source:

    Transparency in code helps the community to verify the contract's operation and provides an additional layer of security through community auditing.

    Time Locks for Critical Operations:

    For crucial contract functions, consider implementing time locks. Time locks require a waiting period before certain functions can be executed, giving the community time to react if something appears malicious.

    Emergency Shutdown Mechanisms:

    Implement an emergency shutdown or pause mechanism to stop contract operations in case of detection of malicious activities.

    Transaction Analysis 

    Factory Contract (0x63E6fdAdb86Ea26f917496bEEEAEa4efb319229F):

    The factory contract was created by the pool creator (0xc0D6987d10430292A3ca994dd7A31E461eb28182). This contract is where the USDC-WETH pool was deployed from. During initialization, the Feeto address was set to be the same as the creator's address, presenting a centralization risk.

    Pool Creator (0xc0D6987d10430292A3ca994dd7A31E461eb28182):

    This is the Ethereum address of the individual or entity who deployed the factory contract and the USDC-WETH pool. They initially had control over the Feeto address, which was later changed, presumably to avoid suspicion or confuse investigators.

    USDC-WETH Pool (0x82cf66e9a45Df1CD3837cF623F7E73C1Ae6DFf1e)

    This pool was created through the factory contract and granted maximum approval to the Feeto address of the factory contract. Essentially, the Feeto address had complete control over the funds within this pool, leading to the theft.

    Second Attacker (0x2744d62a1e9ab975f4d77fe52e16206464ea79b7):


    This incident demonstrates the critical importance of secure smart contract design and the necessity of rigorous auditing. The attack on the Merlin DEX on ZkSync, which resulted in a loss of $1.8M, exploited the centralization of power in the factory contract's Feeto address, leading to the unauthorized transfer of tokens from the USDC-WETH pool.

    A comprehensive security audit, such as those provided by BlockApex, can greatly enhance the security posture of a DeFi protocol. Such audits can identify and address vulnerabilities before they are exploited, protecting users and ensuring the sustainable growth of the protocol. Smart contract audits are a key defensive measure, and their importance cannot be overstated in the rapidly evolving and highly competitive DeFi landscape.

    More Hack Analysis

    Euler Finance (March 14, 2023)

    The Euler Finance hack had a devastating impact on the platform and its users, with approximately $197 million worth of assets stolen, including ETH, WBTC, USDC, and DAI. This placed Euler Finance at number 6 on the leaderboard of the largest DeFi hacks. The platform's total value locked (TVL) dropped from $264 million to just $10 million.

    Yearn Finance - April 13, 2023

    The Yearn Finance hack that occurred on April 13, 2023, resulted in the loss of approximately $11.4 million. The exploit was carried out through a misconfiguration in the yUSDT vault, revealing a flaw in the system's architecture.

    HUNDRED FINANCE - April 15, 2023

    On April 15th, 2023, Hundred Finance was hacked, resulting in a loss of approximately $7.4 million USD in various cryptocurrencies. The attacker exploited an integer rounding vulnerability in the platform's contract logic when a market was empty.

    SushiSwap - April 9, 2023

    On April 9, 2023, SushiSwap suffered a security breach which led to a loss of over $3.3 million. The attack exploited a flaw in the RouteProcessor2 contract of SushiSwap's router processor. The fallout was felt across several major chains that had previously authorized the RouteProcessor2 contract.

    Harvest Finance Hack Analysis & POC

    Harvest finance got hacked for around $34M due to a flashloan attack which manipulated the price in the Curve pool to retrieve more USDT tokens than originally deposited USDT amount in fUSDT pool.

    Jimbo's Protocol - Monday, May 28, 2023

    Jimbo's Protocol is a decentralized finance (DeFi) system built on the Arbitrum chain. The protocol uses a semi-stable floor price for its ERC-20 token, $JIMBO, backed by a treasury of Ether (ETH). However, despite its pioneering efforts to maintain on-chain liquidity and price floors, Jimbo's Protocol recently faced a Flash loan attack.

    BonqDAO - February 3, 2023

    The BonqDAO security breach that occurred on February 2, 2023, had far-reaching consequences for the platform, its users, and the wider DeFi ecosystem. The attack exploited a vulnerability in the integration of the Tellor Oracle system, which BonqDAO relied on for obtaining token price information.

    Pickle Finance Hack Analysis & POC (Nov 21st, 2021)

    On 21sth November 2021, Pickle finance was hacked, where an attacker was able to drain $19M DAI from the pDai jar. The attack exploited multiple inconsistencies & flaws in the logic of the pickle jar contract.

    SAFEMOON - March 29, 2023

    Safemoon suffered an attack in which the SFM/BNB pool was drained, resulting in a loss of $8.9M worth of ‘locked LP’. The attack was carried out by exploiting a vulnerability in the new Safemoon contract that allowed anyone to burn SFM tokens from any address, thus inflating the price of SFM tokens in the pool.

    1 2 3
    Designed & Developed by: 
    All rights reserved. Copyright 2023