Explained: The ForceDAO Hack (April 2021)

On April 4, 2021, the ForceDAO DeFi aggregator was exploited by one white-hat and four black-hat hackers.  The malicious attackers were able to steal FORCE tokens worth 183 ETH or about $367K before the ForceDAO team took action to block further attacks.

Introduction to ERC20 Error Handling

Like any program, smart contracts can experience errors.  A common issue that Solidity developers face is properly handling these errors.

When the ERC20 protocol was developed, there was an argument over how errors in token transfers should be handled.  The two options were:

1. Revert: A reversion in Solidity is equivalent to throwing an exception.  This means that the execution state of a transaction is rolled up as if it never happened.

2. Return False: The called function returns a value of false, allowing the calling function to perform error handling.

When the ERC20 standard was finalized, the community had not come to an agreement on which error handling method to choose, meaning that both options are considered “valid”.  This places the burden on the developer to ensure that their code properly handles errors.

Inside the ForceDAO Hack

The ForceDAO hack was made possible by a mismatch in two components within the ForceDAO ecosystem:

1. The exploited xFORCE vault is a fork of the xSUSHI contract, which assumes that a failed transfer will result in a reversion

2. The token used in ForceDAO is an Aragon Minime token that returns false if a call to the transferFrom function fails.

While this mismatch doesn’t matter in normal circumstances, it creates a vulnerability in error cases.  If a deposit into the xFORCE vault fails, the deposited tokens will remain in the sender’s wallet.

However, on the vault’s side, the sender will receive xFORCE tokens in exchange because the code assumes that, if it’s still running after the transfer (i.e. a revert didn’t happen), that the transfer went through successfully.

The ForceDAO attackers took advantage of this vulnerability.  By performing a deposit of FORCE tokens that was doomed to fail, they received xFORCE tokens.  These xFORCE tokens could then be exchanged for any FORCE tokens deposited in the vault by other users.

Avoiding the ForceDAO Hack

The ForceDAO ecosystem was built using code from multiple sources, resulting in a solution containing vulnerabilities that have been known about for years.  These vulnerabilities could have been detected and fixed through an in-depth smart contract audit, which should have identified the mismatch or detected the lack of error handling code after the transfer (i.e. checking for a return value of false).

If you want to learn more about Halborn’s smart contract auditing services, get in touch at halborn@protonmail.com.