SlowMist: Analysis of the Harvest.Finance Hack
On October 26, 2020, according to news from the SlowMist Zone, the Harvest Finance project suffered a flash loan attack, with losses exceeding 4 million US dollars. The following is a brief analysis of the incident by the SlowMist Security Team.
1. The attacker transferred 20 ETH through Tornado.cash to cover the fees for the subsequent attack.
2. The attacker borrowed huge amounts of USDC and USDT through a UniswapV2 flash loan.
3. The attacker first used Curve’s exchange_underlying function to swap USDT for USDC. At this point, the investedUnderlyingBalance in the Curve yUSDC pool becomes correspondingly smaller.
4. The attacker then deposited a huge amount of USDC into the Vault through Harvest’s deposit function. On deposit, Harvest’s Vault mints fUSDC. The calculation method of the amount minted is as follows:
The underlyingBalanceWithInvestment term in this calculation takes its value from investedUnderlyingBalance in Curve. The change in investedUnderlyingBalance in Curve therefore causes the Vault to mint more fUSDC.
5. The attacker then used Curve to swap USDC back to USDT, bringing the unbalanced price back to normal.
6. Finally, the attacker only needed to return the fUSDC to the Vault to get back more USDC than was deposited.
7. The attacker then repeated the process to keep making a profit.
The other attack transactions follow a process similar to the one analyzed above.
Reference transaction hash: 0x35f8d2f572fceaac9288e5d462117850ef2694786992a8c3f6d02612277b0877
Summary: The root cause of this attack is that Harvest Finance’s fTokens (fUSDC, fUSDT…) use the quotations in the Curve y pool when minting (that is, Curve is used as the price feed source). This allows an attacker to manipulate the external price through huge exchanges and thereby control the number of fTokens minted in Harvest Finance, making the attack profitable.
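The following toy model is an added example, not Harvest's contract code. It shows why minting shares against a spot-derived balance gives a depositor a gain when the spot value is depressed at deposit time and normal at withdrawal, and how a deviation check against an independent reference price rejects the same sequence. It assumes the usual proportional formula (minted = amount × total shares ÷ underlyingBalanceWithInvestment), which the page does not reproduce; `ToyVault`, `round_trip`, `max_deviation` and `reference` are hypothetical names, and the deviation check is a generic mitigation, not the project's own fix.

```python
from fractions import Fraction as F

class ToyVault:
    """Simplified share vault for illustration only (assumed formula)."""

    def __init__(self, shares, invested, max_deviation=None):
        self.shares = F(shares)      # outstanding fToken-like shares
        self.invested = F(invested)  # units held in the external pool
        self.idle = F(0)             # deposited funds not yet invested
        self.max_deviation = max_deviation  # None = no sanity check

    def balance_with_investment(self, spot):
        # The invested part is valued at the pool's current spot quote.
        return self.idle + self.invested * F(spot)

    def _check_price(self, spot, reference):
        # Hardened mode: refuse to price shares off a quote that has
        # moved too far from an independent reference (assumed input).
        if self.max_deviation is None:
            return
        if abs(F(spot) - F(reference)) / F(reference) > F(self.max_deviation):
            raise ValueError("spot deviates from reference; refusing")

    def deposit(self, amount, spot, reference=1):
        self._check_price(spot, reference)
        minted = F(amount) * self.shares / self.balance_with_investment(spot)
        self.idle += F(amount)
        self.shares += minted
        return minted

    def withdraw(self, shares, spot, reference=1):
        self._check_price(spot, reference)
        payout = F(shares) * self.balance_with_investment(spot) / self.shares
        self.shares -= F(shares)
        # Pay from idle funds first, then unwind the invested position.
        shortfall = max(payout - self.idle, F(0))
        self.idle -= payout - shortfall
        self.invested -= shortfall / F(spot)
        return payout

def round_trip(vault, amount, spot_at_deposit, spot_at_withdraw):
    """Deposit, then redeem the minted shares; return the depositor's net gain."""
    minted = vault.deposit(amount, spot_at_deposit)
    return vault.withdraw(minted, spot_at_withdraw) - F(amount)

if __name__ == "__main__":
    # Constructed numbers: 1000 shares backed by 1000 invested units.
    print(float(round_trip(ToyVault(1000, 1000), 1000, 1, 1)))          # stable quote
    print(float(round_trip(ToyVault(1000, 1000), 1000, F("0.99"), 1)))  # depressed at deposit
```

The gain in the second case is paid out of the existing shareholders' position, which is why the check has to apply to every path that prices shares, deposit and withdrawal alike.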