On 16 June 2022 a threat actor exploited Inverse Finance with a flash loan attack which netted them 1068.215 ETH after conversions, about $1.26 million in total. The attacker then sent 1,000 ETH to Tornado Cash and left $75k remaining in the wallet.
Inverse Finance is a suite of permission-less decentralized finance tools governed by Inverse DAO, a decentralized autonomous organization running on the Ethereum blockchain.
Exploiters used a flashloan attack to trick the protocol and initially used a fund of 1 Eth which was withdrawn through Tornado Cash. On chain data shows that the exploiter flash-borrowed ~27,000 wrapped bitcoin (worth about $579 million) from lending protocol Aave to conduct the attack at around 4:47 AM ET. The funds were routed through swap service Curve for various stablecoins before being used to remove DOLA, a stablecoin, from Inverse Finance pools. An address tagged as “Inverse Finance Exploiter” sent ~900 ETH to Tornado Cash following the exploit. Overall, 53.24 wBTC ($1,131,657) and 99,976 USDT were taken.
That same day, Inverse Finance developers paused borrowing functions for users and said they were investigating the incident on their Twitter account Inverse+ on Twitter.
On 2 April 2022, Inverse Finance was previously exploited via a flash loan which manipulated Oracle price for ~$14.5M. Inverse Finance Exploit The attacker successfully manipulated the price of INV tokens by accessing Oracle on a decentralized exchange Sushiswap.
The attacker’s contract flashloaned 27,000 WBTC tokens from AAVE.
WBTC was added as liquidity to the Curve pool: WETH-USDT-WBTC.
The obtained LP tokens were deposited to the Yearn’s Vault.
Yearn’s Vault tokens were deposited to Inverse Finance’s Yearn 3Crypto Vault to serve as collateral on Inverse Finance.
The malicious smart contract then uses the remaining 26,775 WBTC (around $569M) of the initial flashloan to swap it for 75 Million USDT on Curve 3Crypto (WETH-USDT-WBTC).
The above step manipulates the pricing oracle by imbalancing the pool compared to when the collateral was provided on Inverse Finance’s Yearn 3 Crypto Vault. The attacker is then able to borrow $10M worth of Dola USD StableCoin (DOLA).
Then, the 75M USDT is swapped back for 26,626 WBTC
The attacker’s smart contract then uses the borrowed DOLA to provide liquidity to the Curve Metapool for DOLA-3Pool.
The liquidity is then removed for around 10.1M USDT.
Then, it converts 10M USDT to 451 WBTC using the 3Crypto pool on Curve. A remaining 99,976.294 USDT was kept in the attacker’s smart contract.
The flashloan is finally repaid on AAVE.
The vulnerable contract uses the YVCrv3CryptoFeed as the price oracle for Inverse Finance's DOLA lending pool. The YVCrv3CryptoFeed price oracle determines the price of the Yearn’s Vault token based on the balance of different tokens in the USDT-WBTC-WETH Curve pool, which can be manipulated by the attacker.
The attack left 53.244 WBTC and 99,9976.294 USDT remaining on the contract which was withdrawn by the attacker calling a function on their contract. The WBTC was swapped for 983.290 Ether and USDT was swapped for 84.925 Ether, totaling 1068.215 Ether. Multiple transactions of 100 Ether were then sent to Tornado Finance for the attacker’s exit profit.
Would we spot the issue during the audit? Yes. We would be able to identify the insecure price oracle usage.