On March 8, 2021, the DODO DEX experienced a smart contract hack. The attackers were able to steal approximately $3.8 million in cryptocurrency from several of DODO’s crowdfunding pools. Of this, approximately $3.1 million of the stolen assets has since been returned.
The Initial Attack
The attack against the DODO V2 Crowdpooling smart contract took advantage of a flaw in the init() function of the contract. This flaw allowed the function to be called multiple times with different parameters.
The attacker took advantage of this flaw via a 4-step attack:
- The attacker created a counterfeit token and called the init() function of the vulnerable smart contract
- Using the sync() function of the contract, the attacker set the “reserve” variable of the contract to 0, setting it has having a zero token balance
- The attacker calls init() again but points it to a real token from one of DODO’s pools
- Using a flash loan, the attacker extracts the real tokens from the pools
With this process, the attacker is able to bypass the liquidity checks used for verifying flash loans. As a result, they are able to drain liquidity from DODO’s pools.
In Come the Bots
The DODO smart contract exploit is especially interesting because DODO was not the only one “attacked”. The original DODO attacker was the victim of a frontrunning attack by cryptocurrency bots.
A frontrunning attack occurs when a blockchain user identifies a transaction that has been published to the network but not yet included in a block. By creating a transaction with a higher transaction fee, a frontrunner can cause their transaction to be processed and added to a block before the original transaction.
In this case, a cryptocurrency trading bot frontruns the original DODO attacker’s transactions, setting a very high transaction fee for their transactions. This enabled the bot to make its transactions ten minutes before the original attacker.
In the end, two cryptocurrency trading bots took advantage of the original attack to perform their own exploits against the vulnerable contract. The owners of both of these bots have agreed to return the stolen funds, totaling about $3.1 million. The remaining $700,000 was stolen by the original attacker, and $200,000 is frozen on exchanges.
Lessons Learned from the DODO Hack
The DODO hack exploited a simple smart contract vulnerability. Some key lessons learned from the attack include:
- Access control bugs are a major issue. The init() vulnerability exploited in this attack has been around for years and is the cause of several high-profile hacks. Implementing proper access control (and managing init function calls) is essential for smart contract security.
- Frontrunning attacks can hurt anyone. Normally, frontrunning is considered an attack because it steals value from legitimate transactions. In this case, trading bots frontrunning the attacker may have reduced the impact of the attack by draining value from pools before the attacker could and returning it later.
A high-quality security audit is essential for preventing these types of attacks. Contact us at halborn@protonmail.com to learn more about Halborn’s security auditing services.