Background
On February 23, 2024, we detected an attack on Ethereum: https://etherscan.io/tx/0xf0464b01d962f714eee9d4392b2494524d0e10ce3eb3723873afd1346b8b06e4 targeting BlueBerryProtocol, resulting in a loss of approximately 455 ETH, equivalent to 1.4 million USD. Fortunately, the attack was intercepted by a whitehat with the ID c0ffeebabe (0xC0ffeEBABE5D496B2DDE509f9fa189C25cF29671[c0ffeebabe.eth]), who returned 366.5 ETH, equivalent to 1.2 million USD.
BlueBerryProtocol is a DeFi project based on Compound, providing services such as lending and borrowing. Its operational mode is illustrated in the following diagram:
Attack Analysis
The attacker first borrowed 1 WETH from the Balancer Vault through a flash loan.
Subsequently, the attacker deposited 1 WETH into BlueBerryProtocol and minted 1 bWETH. Then, using the 1 bWETH as collateral, the attacker borrowed 8616 OHM (Decimal=9), 913262 USDC (Decimal=6), and 6.86 WBTC (Decimal=8).
Finally, the attacker swapped the obtained OHM, USDC, and WBTC for 457 ETH through Uniswap.
Root Cause Analysis
The root cause of the issue lies in mishandling decimals when dealing with different assets. WETH has a decimal of 18, OHM has a decimal of 9, USDC has a decimal of 6, and WBTC has a decimal of 8.
However, BlueBerryProtocol's price oracle scales all token prices based on a decimal of 18.
This caused the value of OHM to shrink by 1e9, USDC by 1e12, and WBTC by 1e10. As a result, the attacker managed to borrow assets worth 460 ETH by only collateralizing 1 ETH.
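The following Python model, added here as an illustration and not taken from BlueBerryProtocol's code, reproduces the valuation error with Solidity-style fixed-point integer arithmetic. The borrowed amounts are the raw on-chain integers from the incident; the ETH prices are constructed placeholders, and the 80% loan-to-value check is a simplified stand-in for the protocol's real risk logic. It shows that scaling every token by 1e18 undervalues OHM by 1e9, USDC by 1e12 and WBTC by 1e10, which is exactly what lets a 1 WETH deposit back the whole borrow.

```python
WAD = 10**18  # the oracle's 18-decimal fixed-point base

# Borrowed amounts from the incident as raw on-chain integers (whole units * 10**decimals).
# The ETH prices are constructed for illustration only, NOT market data.
TOKENS = {
    "OHM":  {"decimals": 9, "amount_raw": 8616 * 10**9,   "price_wad": 4 * 10**15},   # 0.004 ETH per OHM (assumed)
    "USDC": {"decimals": 6, "amount_raw": 913262 * 10**6, "price_wad": 4 * 10**14},   # 1 ETH = 2500 USDC (assumed)
    "WBTC": {"decimals": 8, "amount_raw": 686 * 10**6,    "price_wad": 20 * 10**18},  # 20 ETH per WBTC (assumed)
}
COLLATERAL = {"decimals": 18, "amount_raw": 1 * 10**18, "price_wad": 1 * 10**18}  # 1 WETH


def value_wad(token: dict, scale_decimals: int) -> int:
    """ETH value (1e18 scaled) of token['amount_raw'], assuming the raw amount
    carries `scale_decimals` decimals. Mirrors amount * price / 10**decimals."""
    return token["amount_raw"] * token["price_wad"] // 10**scale_decimals


def buggy_value(token: dict) -> int:
    # The defect: every token is scaled as if it had 18 decimals.
    return value_wad(token, 18)


def correct_value(token: dict) -> int:
    # The fix: scale by the token's own decimals().
    return value_wad(token, token["decimals"])


def undervaluation_factor(token: dict) -> int:
    """How many times too small the buggy valuation is (exact for these inputs)."""
    return correct_value(token) // buggy_value(token)


def total_borrow_value(valuer) -> int:
    """Sum the valuation of all borrowed tokens using the given valuation function."""
    return sum(valuer(t) for t in TOKENS.values())


def borrow_allowed(collateral_wad: int, borrow_wad: int, ltv_bps: int = 8000) -> bool:
    """Simplified risk check: debt may not exceed ltv (basis points) of collateral."""
    return borrow_wad * 10_000 <= collateral_wad * ltv_bps


if __name__ == "__main__":
    for name, t in TOKENS.items():
        print(f"{name}: buggy={buggy_value(t) / WAD:.2e} ETH, "
              f"correct={correct_value(t) / WAD:.2f} ETH, "
              f"undervalued by {undervaluation_factor(t):.0e}")
    coll = correct_value(COLLATERAL)  # 1 WETH values the same either way
    print("buggy risk check passes:  ", borrow_allowed(coll, total_borrow_value(buggy_value)))
    print("correct risk check passes:", borrow_allowed(coll, total_borrow_value(correct_value)))
```

Because WETH itself has 18 decimals, the collateral is valued identically by both paths; only the borrowed assets with fewer decimals collapse toward zero, so the buggy check passes while the corrected check rejects the position. The same scaling mistake would also inflate any token with more than 18 decimals, so the fix must read decimals() per asset rather than special-casing these three.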
Conclusion
The vulnerability in this case stemmed from the project using the same code to handle different tokens without considering the differing decimals. This led to a significant devaluation of assets with smaller decimals, allowing the attacker to borrow valuable assets at a minimal cost. It is recommended that project teams conduct thorough audits and cross-audits of smart contracts before deployment to prevent such security issues.