Summary

On Dec-28–2020 at 08:08:12 AM +UTC an exploit was abused on Cover Protocol’s shield mining contract (Blacksmith). The core Cover Protocol product is not affected and is functioning as intended. This exploit only affected the mining contract and the $COVER token.

What was the root cause?

As many have explained, this line of code caused the updating of the pool state to be ineffective on the miner’s state when depositing. This misalignment will cause the Blacksmith to mint more rewards to the miner. This bug has been present (unknown to devs) in the Cover Protocol Blacksmith contract since the day it was deployed after being audited.

A community member informed us on Dec 27th at 6pm UTC that they were able to gain a little rewards boost on their deposit. After investigating the issue, we attempted to mitigate the problem by implementing the following:

  • Adding an update pool transaction before the deposit so that the pool was updated when user deposits, this will mitigate the issue for users using UI.
  • Starting a cron job to run every 20 mins to update any pool that hadn’t been updated recently.

The more frequent the pools are updated, the less extra rewards the miners will get. To our knowledge and analysis at the time, the above two should mitigate the problem to a point that is not worth exploiting. To our deepest regrets, we missed the amplifier(below).

The missed amplifier was the difference between the amount the miner deposits and the total lpTokens existing in the pool pre-deposit. The greater the difference(1wei v.s. 1e18 wei for example), the bigger the above bug caused extra rewards. If the difference is big enough, the time passed does not matter, miners can still gain ~infinity amount of COVER tokens.

In the event of Grap Finance’s interactions with the contract, 1 wei was left in the pool. It multiplied the rewards by 1e18+, causing the mint of 40 quadrillion $COVER.

This happened on all pools that had less than 1e18 lpToken total deposited, mostly are new and the exploiter was the first to act.

Timeline for Exploiter 1

Dec-28–2020 04:09:27 AM +UTC

  • A new Balancer pool was added to the Blacksmith contract from the team’s multisig via a transaction for the new coverage expirations.

Dec-28–2020 08:08:12 AM +UTC

Dec-28–2020 at 08:11:16 AM +UTC

Dec-28–2020 08:47:15 AM +UTC

Dec-28–2020 09:18:28 AM +UTC

In total, Exploiter 1 stole around $4.4 million of user funds and transferred it to this address. We are actively tracking this address and others which participated in the exploit.

Timeline for Grap Finance

Dec-28–2020 11:54:47 AM +UTC

Dec-28–2020 11:58:04 AM +UTC

Dec-28–2020 11:58:56 AM +UTC

Dec-28–2020 12:00:21 PM +UTC

Dec-28–2020 12:02:04 PM +UTC

Dec-28–2020 12:29:03 PM +UTC

Dec-28–2020 12:59:27 PM +UTC

Dec-28–2020 at 01:41:01 PM +UTC

Timeline of Cover Protocol team

Dec-28–2020 at 08:11:16 AM +UTC

Dec-28–2020 at 10:54:00 AM +UTC

  • A non-dev team member was notified of the ongoing incident, and rushed to notify the core team. Unfortunately all of the devs were asleep at this time.

Dec-28–2020 12:02:04 PM +UTC

Dec-28–2020 at 12:04:00 PM +UTC

  • 2 core team members wake up and are instantly notified of the incident. They immediately begin working on mitigating the exploit.

Dec-28–2020 at 12:22:19 PM +UTC

Dec-28–2020 at 1:30:00 PM +UTC

Dec-28–2020 at 11:51:00 PM +UTC

Moving Forward

We hope this post-mortem allows users to get a better grasp and understanding of the exploit that took place today.

We are still on target to release V2 (Q1 of 2021) for Cover Protocol. We are sincerely sorry about the outcome of the attack and we thank everyone so much for your continued support.

A compensation plan, using a snapshot (taken some point before block #11541219) to distribute a new token and the returned 4,351 ETH, will be drafted up in the next couple days and will be released as soon as possible. Please stay tuned.

Acknowledgements

We would like to thank the whole Yearn Ecosystem and also everyone who reached out to offer their support. The amount of information gathered in the time from the attack to this post would have not been achievable without the below individuals.

Contributors in gathering information/data (in no specific order & sorry if we are missing anyone):

Leo Cheng; Sam122; x48; banteg; milkyklim; Emiliano Bonassi; Julien Bouteloup (and the REKT team); Facu; dougETH; andy8052; dudesahn; Vasa; The Peckshield Team; The Arcadia Group Team; Binance

Disclaimer

COVER is a completely valueless governance token and has 0 financial value. Please exercise proper due diligence before interacting with Cover smart contracts, staking contracts, and all subsequent deployed contracts associated with Cover.