SushiSwap Hack Analysis

PUBLISHED ON

April 16, 2024

WRITTEN BY

Gul Hameed

DURATION

5 Min

CATEGORY

SushiSwap Hack Analysis

SushiSwap is a decentralized exchange built on the Ethereum blockchain that utilizes an automated market maker (AMM) system to provide liquidity and facilitate token swaps. The organization aims to revolutionize the DeFi sector by incorporating a wide range of products, including decentralized lending markets, yield instruments, auction platforms, and staking derivatives. However, like many DeFi platforms, SushiSwap has experienced a significant security breach, the SushiSwap hack. In this analysis, we aim to shed light on this hacking incident, its impacts, the steps taken by the attacker, and recommendations for enhanced security.

 

Hack Impact

On April 9, 2023, SushiSwap suffered a security breach which led to a loss of over $3.3 million. The attack exploited a flaw in the RouteProcessor2 contract of SushiSwap’s router processor. The fallout was felt across several major chains that had previously authorized the RouteProcessor2 contract.

 

SushiSwap Hack Explained

Step 1: Smart Contract Manipulation

The attacker set off the exploit by executing the processRoute() function within the vulnerable RouteProcessor2 contract, inserting an atypical argument. This action led the router to interact with a new contract that had been purposely prepared by the attacker.

SushiSwap Hack

 

Step 2: Swap Function Exploitation

The attacker used the uniswapV3SwapCallback()method within the vulnerable contract’s internal swap() function. This method was used to send tokens from the source account to the attacker-controlled recipient’s address. No checks or pool verifications were performed before passing the user-provided pool parameter to the swap, enabling the attacker to set their pool address as the LastCallPool variable address.

 

Step 3: Token Theft

Having set their pool address, the attacker could then use the fraudulent pool’s uniswapV3SwapCallback function within its swap() function to bypass the msg.sender check. This allowed the attacker to steal the tokens of other users who had previously accepted the Routerprocessor2 contract.

Uniswap V3 pool swap
uniswapV3 Swap Call Back function

 

Recommendation for Enhanced Security

As a mitigation strategy, it is highly recommended that user inputs are validated and modifiers are utilized on critical functionalities that may affect balances and user funds. Proper implementation of access control is also vital, with only the contract owner being allowed to perform critical transactions. Conditions should not be bypassable by any form of privilege escalations.

 

Transaction Analysis

The malicious activities initiated by the attacker were linked to the following addresses:

Attacker’s address: 0x719cdb61e217de6754ee8fc958f2866d61d565cf

Attacker’s transaction: 0xea3480f1f1d1f0b32283f8f282ce

RouteProcessor2 Vulnerable Contract: 0x044b75f554b886a065b9567891e45c79542d7357

Attacker’s Contract: 0x000000c0524f353223d94fb76efab586a2ff8664

 

Funds Flow:

sushi Swap - fund flow
Sushi Swap - balance and state changes

 

Conclusion

The SushiSwap incident underscores the crucial need for rigorous security measures and audits within the DeFi landscape. Despite being a prominent platform, even SushiSwap wasn’t immune to security breaches, reminding us that every project, regardless of size or reputation, carries potential risks if not adequately secured.

The pace of the DeFi world necessitates the utmost priority to smart contract security. Implementing rigorous security procedures, conducting thorough audits, and maintaining transparent communication with the community are all fundamental to safeguarding the platform and users’ assets.

Organizations like BlockApex, with their expertise in smart contract auditing, can help platforms identify and mitigate potential vulnerabilities before they’re exploited.

This incident is a timely reminder of the importance of security in the thriving yet risky landscape of DeFi. It’s essential for platforms to maintain robust security protocols to foster trust and ensure their continued success.

 

Explore further Hack Analysis:

Hack Analysis on Merlin DEX!

Orion Protocol Hack Analysis

Kokomo Finance Hack Analysis

Dforce Network Hack Analysis

Rari Capital Hack Analysis & POC

Tell
us about your Project

Related Blogs

Terms & Condition | Privacy Policy
Copyright © 2024 BlockApex. All rights reserved.
Clients & Partners
0 +
Clients & Partners
0 +
Clients & Partners
0 +

Access the
Audit Checklist