Decentralized Finance (DeFi) has become one of the most visible applications of blockchain technology. The vast amounts of money invested in DeFi projects also make them a common target of attacks.
A lot of different types of projects fall under the DeFi umbrella with different objectives, codebases, etc. However, the attacks against these projects tend to fall into a few different categories:
Incorrect Liquidity Pool Calculations
One of the most common and most exploited types of flaws in DeFi contracts occurs when calculating the value of tokens within the pool.
When DeFi users invest tokens in a pool, they receive a stake, which allows them to extract value in the future. Often, liquidity pools will calculate the value of the tokens that they contain based upon the current composition of the pool rather than an external oracle. Attackers take advantage of this in flash loan attacks where they dramatically unbalance a pool for the duration of a transaction. This unbalanced pool causes the calculation of the token’s value to be incorrect and enables the attacker to drain value from the pool.
This type of attack against DeFi protocols has been one of the most common and damaging types in recent months. Examples of protocols exploited in this way include Belt Finance, Rari Capital, and BurgerSwap.
Stolen and Leaked Private Keys
Blockchain protocols use public key cryptography to manage access to and control over blockchain accounts. A blockchain account’s address is derived from a public key, which is linked to a private key. Any transaction made on behalf of that account must be digitally signed with the appropriate private key.
As a result, many blockchain attacks target these private keys. Keys can be compromised or stolen in a variety of different ways including:
- Compromised MetaMask: MetaMask is commonly used to interact with and perform transactions on the Ethereum blockchain. Several DeFi users and projects - including the CEO of Nexus Mutual and the EasyFi project - have lost cryptocurrency when they used malicious versions of MetaMask installed on their machines.
- Leaked/Stolen Mnemonic Phrase: Mnemonic phrases are a common way to make private keys easier to remember or enter when recovering or setting up a new wallet. Some DeFi-related hacks have involved the theft or accidental exposure of these keys.
- Poor Key Generation: Private keys should be generated using a secure random number generator. If these keys are generated improperly with a poor source of randomness, then an attacker may be able to guess them and gain control over a blockchain account.
Poor Access Control
Many DeFi smart contracts include privileged functions. These functions are designed to only be called by the owner of the contract and have access controls in place to enforce this. Commonly, access is managed by specifying that calls to the function must be performed by one or more addresses from a set of addresses.
In some cases, these access controls are missing or implemented in a way that allows an attacker to bypass them. If this occurs, then the attacker has privileged access to the contract, which frequently permits them to drain value from it.
Some recent examples of such a vulnerability are the Poly Network and Punk Protocol hacks, where the attacker claimed control over the projects’ contracts and used this control to drain value from them.
Blockchains do not immediately add transactions to the distributed ledger. Transactions are broadcast to the blockchain network as soon as they are created but are stored in mempools on each blockchain node until they are added to the ledger as part of a block.
The gap between the creation of a transaction and its inclusion in the ledger creates the opportunity for frontrunning attacks. The attacker (commonly a bot) will look for transactions that they can exploit (taking advantage of Miner Extractable Value). If they see one, they create their own version of the transaction with a higher transaction fee and transmit it to the network. Since blockchain miners commonly order transactions in blocks based on their transaction fee, the attacker’s transaction comes before the original one, netting them a profit.
Frontrunning impacts DeFi security in a few different ways. Many bots will use frontrunning to make a profit based on foreknowledge of users’ transactions. In some cases, this is malicious, while, in others (such as the DODO DEX and Punk Protocol hacks), a bot frontruns an attempted exploit and then returns the stolen tokens to the exploited protocol.
The 51% attack is probably the most well-known threat to blockchain security. This attack vector is typically associated with Proof of Work protocols and exists due to how blockchain consensus algorithms are designed.
Blockchain consensus algorithms are typically implemented using some form of majority vote. In Proof of Work, miners “vote” with their computational power by using it to find valid versions of blocks. Blockchain uses the longest chain rule to eliminate conflicting versions of the blockchain, so whichever version of a divergent blockchain grows more quickly wins. Since this is typically the version with the most computational power behind it, this system boils down to a majority voting scheme.
In a 51% attack, an attacker has the majority of the blockchain’s computational power or the majority of the vote. This allows them to make their version of the blockchain grow faster than the legitimate one, replacing it under the longest chain rule and allowing them to rewrite the contents of the distributed ledger at will (enabling double-spend attacks).
As blockchain networks grow larger, it becomes increasingly expensive to perform 51% attacks. However, some smaller projects like Bitcoin Satoshi’s Vision (BSV) have been subject to 51% attacks in the last year. For smart contract platforms running DeFi code, a 51% attack threatens the security of the protocol.
Rug Pulls and Ponzi Schemes
Many attacks on DeFi protocols come from external threats, but this is not always true. In some cases, DeFi users are the victims of attacks from the developers and owners of the protocol itself.
Rug pulls are regrettably a fairly common form of an insider attack. In a rug pull scheme, someone inside the company with privileged access to its contracts uses this access to drain value from the protocol. Typically, the project and the team behind it then disappear, leaving the victims with little recourse to address the issue.
Securing the DeFi Ecosystem
Blockchains are complex systems, and DeFi protocols are code running on top of them. Since DeFi depends on the security of all layers of the blockchain ecosystem, they can potentially be compromised in a variety of different ways.
Securing a DeFi project requires a clear understanding of the potential threats that it faces. Gaining this understanding requires a comprehensive security audit that looks at not only the code of the project’s smart contracts but also the environment that they operate in.
For more information on how blockchain security firm Halborn conducts its security audits, contact [email protected].