Cointime

Cointime

Download App
iOS & Android

SlowMist: An Analysis of the Attack on Euler Finance

On March 13th, 2023, the lending project, Euler Finance, on the Ethereum blockchain was attacked, and the attacker profited approximately 200 million US dollars. The SlowMist Security Team intervened and analyzed the situation promptly, and shared the results as follows:

https://twitter.com/SlowMist_Team/status/1635230255878373377

Background Info

Euler Finance is a non-custodial and permissionless lending protocol on Ethereum, allowing users to earn interest or hedge market volatility with their cryptocurrency assets.

When users deposit collateral on Euler Finance, they receive corresponding EToken as proof, and subsequent redemption of collateral and lending are both carried out through EToken. The design of EToken allows users to borrow more assets and increase their debt by minting EToken and directly using new EToken as collateral, that is, self-borrowing with layered leverage.

Euler’s soft liquidation mechanism allows liquidators to flexibly help debtors repay their debts, rather than being limited to fixed coefficients.

The following are the related addresses involved in this attack:

Attacker’s EOA Address 1: 0x5f259d0b76665c337c6104145894f4d1d2758b8c

Attacker’s EOA Address 2: 0xb2698c2d99ad2c302a95a8db26b08d17a77cedd4

Attack Contract Addresses:

https://etherscan.io/address/0xeBC29199C817Dc47BA12E3F86102564D640CBf99

https://etherscan.io/address/0x036cec1a199234fC02f72d29e596a09440825f1C

Attack Transactions:

https://etherscan.io/tx/0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d

https://etherscan.io/tx/0x71a908be0bef6174bccc3d493becdfd28395d78898e355d451cb52f7bac38617

https://etherscan.io/tx/0x62bd3d31a7b75c098ccf28bc4d4af8c4a191b4b9e451fab4232258079e8b18c4

https://etherscan.io/tx/0x465a6780145f1efe3ab52f94c006065575712d2003d83d85481f3d110ed131d9

https://etherscan.io/tx/0x3097830e9921e4063d334acb82f6a79374f76f0b1a8f857e89b89bc58df1f311

https://etherscan.io/tx/0x47ac3527d02e6b9631c77fad1cdee7bfa77a8a7bfd4880dccbda5146ace4088f

Root Cause

There were two critical reasons behind the attack:

Firstly, failure to check whether the user was in a state of liquidation after donating funds to the reserve address resulted in the direct triggering of the soft liquidation mechanism.

Secondly, the debtor’s health factor drops below 1 when the soft liquidation logic is triggered due to high leverage. This allows the liquidator’s profit to entirely cover their debt, as the value of the collateral obtained after liquidation is greater than the value of the debt. Thus, the liquidator can successfully extract the obtained funds without the need for any additional collateral, passing their health check (checkLiquidity) with ease.

Attack Process

This section analyzes the attack transaction with hash 0xc310a0af, with other attack techniques remaining consistent:

1. The attacker borrowed 30,000,000 DAI through a flash loan from Aave and created two sub-attack contracts (0x583c21 and 0xA0b3ee) in preparation for subsequent attacks.

2. The attacker deposited 20,000,000 DAI into Euler Finance through the deposit function and obtained 19,568,124.3 eDAI as collateral tokens.

3. Called the mint function (self-borrow) to borrow 195,681,243 eDAI and 200,000,000 debt tokens (dDAI).

4. Immediately after, the attacker called the repay function to repay the remaining 10,000,000 DAI. This was done to reduce the debt and increase the value of the collateral in preparation for another round of borrowing.

5. The attacker then called the mint function again (self-borrow) for a second round of borrowing, borrowing 195,681,243 eDAI and 200,000,000 dDAI. At this point, the account held approximately 410,930,612 eDAI and 390,000,000 dDAI.

6. The attacker then called the donateToReserves function to donate 100,000,000 eDAI to the reserve address. At this point, the account had 310,930,612 eDAI and 390,000,000 dDAI, placing the account in a liquidation state. However, the donateToReserves function did not check the account’s health factor.

7. Called the liquidation function using another sub-attack contract 0xA0b3ee to liquidate the account 0x583c21, which was in a liquidation state in the previous step.

During the liquidation process, the attacker transferred the debt of 259,319,058 dDAI from account 0x583c21 to 0xA0b3ee and obtained 310,930,612 eDAI from the account.

It is apparent that the liquidator only assumes a small amount of debt but can obtain the vast majority of the collateral. This is because of Euler Finance’s soft liquidation mechanism: when the liquidator begins the liquidation process, a discount is calculated based on the debtor’s health factor. As a result of this mechanism, the lower the health factor, the greater the discount and the more collateral that can be transferred. Ultimately, the liquidator only needs to cover their own debt to complete this attack.

Since the amount of collateral obtained by account 0xA0b3ee after liquidation was greater than the amount of debt, the account was able to pass the liquidation check successfully.

8. Finally, the attacker called the withdraw function to withdraw the funds obtained from the previous liquidation and repay the profit obtained from the flash loan.

MistTrack On-chain Analysis

At the time of writing, 100 ETH has been transferred by the attacker to Tornado Cash.

The remaining funds are held in the attacker’s address.

Here are the details: (Note: Prices are as of 10:00 UTC on March 14, 2023)

It is worth noting that there were a total of 6 attack transactions in this attack, with the first attack transaction initiated by the attacker’s EOA address 1, and all other attack transactions initiated by the attacker’s EOA address 2.

Here is the timeline for the 6 attack transactions:

On March 13, 2023, at 11:38:11 UTC, the attacker’s EOA address 1 withdrew 8,877,507.34 DAI to the attacker’s EOA address 2.

On March 13, 2023, at 12:08:35 UTC, the attacker’s EOA address 1 initiated an on-chain message transaction, claiming to be an MEV bot that outpaced the first attack transaction initiated by the attacker’s EOA address 2, and attempted to outpace other attack transactions but failed. Unfortunately, the attack contract created by the bot could only withdraw to the profit address of the attacker’s EOA address 2.

According to the on-chain analysis team at MistTrack, the source of the fees used by the attacker’s EOA address 1 was traced back to a hacker address that had previously carried out a flash loan attack on the EPMAX project on the Binance Smart Chain, stealing a total of 346,399.28 USDT.

After the attack, the EPMAX hacker address crossed to the ETH chain via cBridge and transferred the profits to Tornado Cash. The platform tools used by the EPMAX hacker include Multichain, FixedFloat, cBridge, 1inch, and KyberSwap.

The fees used by the attacker’s EOA address 2 were also traced back to Tornado Cash.

Summary

Upon careful analysis, it becomes apparent that there is no issue with examining the “donate” operation in isolation without verifying the donating user’s liquidity. When a user is in a state of liquidation after donating, it is inevitable that arbitrage bots will perform necessary liquidation procedures. Moreover, focusing solely on the characteristics of soft liquidation can serve to alleviate both excessive and insufficient liquidation scenarios. In cases of normal liquidation, the liquidator is required to provide collateral to avoid failing the liquidity check after completing the liquidation process.

However, when the “donate” operation is combined with soft liquidation, a different reaction occurs. Attackers can use leverage (self-borrowing) and the donation feature to lower their health factor to below 1, which directly leads to liquidators being able to cover their debts with profits after completing the liquidation.

The primary reason for this attack is the absence of liquidity checks in critical functions that involve user funds, which, when combined with a liquidation mechanism that dynamically updates discounts, creates lucrative arbitrage opportunities for attackers to siphon off a large amount of collateral without the need for collateral or debt repayment. As a result, the SlowMist Security Team recommends that lending protocols incorporate necessary health checks in functions that involve user funds, while also considering the security risks that can arise from combining different modules. This will allow for the design of secure economic and viable models that effectively mitigate such attacks in the future.

Euler Euler $1.24
-0.51%
Euler Finance DeFi
Comments

All Comments

Recommended for you

  • Astarter locks in the DeFAI liquidation layer, occupying a critical position in emerging categories that remains unfilled by competitors

    With the rapid rise of the DeFAI (Decentralized Finance x Autonomous AI Execution) category in 2026, Astarter has secured the "clearing layer" position within this space, which remains unclaimed by competitors. Astarter is a decentralized AI + DeFi (DeFAI) infrastructure built for Web4, designed to create an economic system executable by AI, enabling autonomous AI agents to independently perform on-chain trading execution, strategy optimization, and real-time data processing. Industry comparative analysis reveals that the first three layers of the AI Agent economic architecture are already occupied by leading projects such as Olas, Virtuals, and Fetch.ai, leaving the "clearing layer" long vacant. Astarter, with its operational DeFi stack of four products since 2021, stands as one of the few publicly recognized projects to claim this position.

  • Central Bank's Open Market Operations Net Withdrawal of 243 Billion Yuan Today

    On May 25, the People's Bank of China conducted a 258 billion yuan 7-day reverse repo operation today, with a bidding amount of 258 billion yuan and a winning amount of 258 billion yuan, at an operation rate of 1.40%, unchanged from before. Due to the maturity of 500 billion yuan in 1-year Medium-term Lending Facility (MLF) and 10 billion yuan in 7-day reverse repos today, there was a net withdrawal of 243 billion yuan.

  • Nikkei 225 Index Surpasses 65,000 Points

    On May 25, the Nikkei 225 index surpassed 65,000 points, setting a new historical high with an intraday increase of 2.64%.

  • Nikkei 225 Index Surpasses 64,000 Points, Sets Historical Record

    The Nikkei 225 Index has surpassed 64,000 points for the first time, setting a historical record, with an intraday increase of over 1%.

  • BTC Surpasses $77,000

    Market data shows that BTC has surpassed $77,000, currently priced at $77,012.01, with a 24-hour increase of 0.43%. The market is experiencing significant volatility, so please ensure proper risk management.

  • Iranian Official: Management of the Strait of Hormuz Will Not Return to Pre-War Status

    On May 25, local time May 24, Rezaei, spokesperson for Iran's National Security and Foreign Policy Committee, stated that the management of the Strait of Hormuz will not return to its pre-war status. He also mentioned that the strait is currently under Iranian control, and after the end of the state of war, Iran can facilitate the passage of vessels. Rezaei further stated that Iran has not negotiated with the United States regarding its enriched uranium stockpile and will never back down from its current position; the U.S. has no choice but to accept Iran's conditions.

  • Trump: US-Iran Agreement 'Not Fully Negotiated Yet'

    On May 25, U.S. President Trump stated on the 24th that the agreement between the United States and Iran is 'not fully negotiated yet,' accusing some uninformed individuals of 'unfounded criticism.' Trump posted on social media, saying, 'If I reach an agreement with Iran, it will be a good and appropriate agreement.' 'No one has seen it or knows its contents. It is not fully negotiated yet. So don't listen to those losers who criticize something they don't understand at all.' According to U.S. media reports, although the draft of the agreement has not been made public, some individuals in the U.S. have criticized it fiercely, claiming it actually undermines the goals set by the Trump administration. White House officials told the media that it will take 'a few more days' to finalize the agreement between the U.S. and Iran. (Xinhua News Agency)

  • Vitalik: Ethereum Foundation is Not the Central Manager of the ETH Ecosystem, Future Development Will Shift to 'Small and Long-term' Approach

    On May 25, Ethereum founder Vitalik shared his views on the future development direction of the Ethereum Foundation in a post on the X platform. He emphasized that this is just his personal opinion. The board does not consist solely of him, and he does not have more special powers than other board members. Aya Miyaguchi is leading most of the execution work for this transformation, while his own involvement is more focused on technical issues. The board is currently expanding, and his influence within the organization will continue to decline in the future, which, frankly, is what he hopes to see. By 2025, the Ethereum Foundation has made significant improvements in its execution capabilities. Many issues have been resolved, and the foundation continues to benefit from greater efficiency and a stronger focus on specific goals. However, as these issues were addressed, he began to care more about another concern: he often sees people saying, 'Vitalik has always talked about Ethereum needing to be decentralized, having privacy, and becoming a shelter technology, but why do the actions of the Ethereum Foundation not reflect these ideals?' Of course, there are those who hold completely different views. Some do not feel there is a crisis at all, but rather believe that the Ethereum Foundation has finally begun to take execution and business development seriously, and the next focus should be to continue along this path faster and stronger. Vitalik believes that this difference essentially reflects varying sensitivities to different types of criticism, and he is more easily hurt by criticisms regarding deviations from values. Vitalik stated that the Ethereum Foundation should not be 'the center of Ethereum,' but rather 'a node with clear responsibilities, existing alongside other nodes.' In the past, they have always said this, but many people in the ecosystem, including some within the foundation, hoped the foundation would become a true center. Now, they are taking concrete actions to ensure the foundation becomes the latter. This is particularly important because the Ethereum Foundation is essentially a resource-limited and organizationally limited entity. The foundation currently holds only about 0.16% of all ETH, which is even lower than many large ETH holders; whereas many other blockchain projects' 'central foundations' typically control 10%-50% of their tokens. The current Ethereum Foundation has decided to use its remaining resources to pursue 'long-term viability' rather than continuous expansion (which also means they will sell less ETH). The foundation will focus on those things that are crucial for Ethereum to become a censorship-resistant, control-resistant, open, private, and secure system, but that no one else would do if the foundation does not. This means they must make difficult choices. Some projects and individuals they highly respect may no longer belong to the foundation's system in the future. In fact, if they want important tasks to attract external capital, it may be necessary to keep some talented individuals, influential public figures, and those who share the mission and CROPS philosophy outside the foundation. This also means that the Ethereum Foundation will take a clearer and more principled stance on a cultural level.

  • ETH Surpasses $2100

    Market data shows that ETH has surpassed $2100, currently priced at $2101.04, with a 24-hour increase of 1.9%. The market is experiencing significant volatility, so please ensure proper risk management.

  • U.S. Officials: Agreement with Iran Expected Not to Be Signed on Sunday, Some Issues Remain

    On May 24, Axios reported, citing a U.S. official, that Iran's Supreme Leader has approved the overall framework of the agreement. There are some important statements for us and some significant wording for Iran. It is expected that the agreement with Iran will not be signed on Sunday, as there are still some issues that need to be resolved. The current status of the Iranian regime is progressing slowly, and completing the necessary approvals will take a few days.

Daily Must-Read

Popular Activities

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

RaveDAO at Terra Solis by Tomorrowland: A Female-Led Techno Night Where Web3 Culture Converges

April 30 - April 30
Dubai

Popular Tags

Cointime
News
Contents
RSS
Company