Background introduction
Recently we observed an on-chain attack on the DCFToken project on BNB Smart Chain. Attack transaction: https://bscscan.com/tx/0xa88b907960c3c5a9dfcfd28aff12136359034653e34fa6d7bb9a6ef9c7a0532f
The attacked project is DCFToken; the attacker made a profit of about 8,800 USD from this attack.
Attack and incident analysis
First, the attacker deployed a new contract and called it.
That contract took a flash loan of 2,750,000 BUSDT from a PancakeSwapV3 pool.
The attacker then used the flash-loaned funds to attack DCFToken. In the first step, the attacker called the BUSDT-to-DUSD exchange function (function selector 0xabb81c12) of a project contract that had not yet been opened to the public, and swapped BUSDT for all of the DUSD that contract held.
Decompilation gives the following implementation of this function:
Step 1:
From the code, the BUSDT:DUSD exchange ratio is controlled by the storage variable stor_5. Since stor_5 was 1000 at the time of the attack, the ratio was 1:1, so the attacker used 10,927 BUSDT to take all of the DUSD in the contract.
Step 2:
Use DUSD to buy DCFToken. The function selector is 0x62ee2f14; decompilation gives the following implementation:
In short, this function lets the caller buy DCFToken with DUSD, with the purchase price taken from the BUSDT/DCFToken price in PancakeSwapV2. The function therefore treats DUSD and BUSDT as worth exactly 1:1. 1% of the purchased DCFToken is sent to the system address. The attacker spent all of the DUSD obtained in the first step on DCFToken.
The attacker repeated the above two steps until the DCFToken held by the project's DUSD/DCFToken exchange contract was bought out. The attacker then swapped BUSDT for DCFToken on PancakeSwapV2 to manipulate the DCFToken price: buying DCFToken out of the pool is what pushes the pool's quoted price up (selling DCFToken into it would have pushed the price down), and it also left the attacker holding the DCFToken needed for the next step. After this swap the price of DCFToken rose from 1 BUSDT = 126 DCFToken to 1 BUSDT = 3 DCFToken.
Pool price before the swap:
Pool price after the swap:
Step 3:
Once the project contract has been emptied of DCFToken, the attacker sells the DCFToken he holds back to the contract for DUSD. The function selector is 0xd5088d27, and the logic mirrors the DUSD-to-DCFToken purchase in step 2: the price is again taken from the BUSDT/DCFToken price in PancakeSwapV2, DUSD is again treated as worth exactly 1 BUSDT, and 1% of the DUSD paid out is sent to the system address. Because the pool price has been manipulated, each DCFToken now buys about 42 times as much DUSD as it cost in step 2.
Step 4:
The attacker then calls the project contract's DUSD-to-BUSDT exchange function. The function selector is 0xfea1cdc9, the ratio is 1:1, and 1% of the BUSDT is sent to the project address.
The attacker repeated steps 3 and 4 until the BUSDT in the project contract was emptied. Finally, the attacker sold all of the remaining DCFToken for BUSDT on PancakeSwapV2, repaid the flash loan plus its fee, and kept a profit of 8,763 BUSDT.

In short, the vulnerability lies in how the exchange price is calculated. The project contract prices DCFToken from the PancakeSwapV2 pool, but its own DUSD/DCFToken exchanges never touch that pool, so they do not move the price they are quoted at, and the quoted price can be moved by anyone with enough capital for a single swap. The attacker therefore exchanged BUSDT for DUSD and DUSD for DCFToken (receiving 99%) until the contract's DCFToken was gone, used a PancakeSwapV2 swap to push the DCFToken price up, and then exchanged DCFToken for DUSD (99%) and DUSD for BUSDT (99%) at the inflated price to realise the profit.
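As an added worked example (not code from this post or from the DCFToken project), the following Python model replays the four steps above and the root-cause explanation against a toy constant-product pool and a toy project contract. The pool reserves, contract balances, swap and flash-loan fees and the size of the pump are assumptions chosen to reproduce the 1 BUSDT = 126 DCFToken starting price; the function selectors in the comments are the ones quoted in this post, but the function bodies are this example's model of the behaviour described, not the decompiled code. The hardened variant adds a deviation check against a reference price as a simplified stand-in for a TWAP or an independent oracle:

```python
# Toy model of the DCFToken price-oracle manipulation (constructed example, not the project's code; all numbers are assumptions).
from dataclasses import dataclass

SWAP_FEE_BPS = 25   # PancakeSwapV2-style 0.25% swap fee (assumption)
FLASH_FEE_BPS = 1   # flash-loan fee, assumed 0.01%
CUT_BPS = 100       # the 1% the project contract forwards to its system/project address
KEEP = (10_000 - CUT_BPS) / 10_000

class PriceManipulationError(Exception):
    """Raised by the hardened variant when the pool price drifts too far from its reference."""

@dataclass
class Pool:
    """Constant-product BUSDT/DCF pair (x*y=k); its reserves are the contract's only price source."""
    busdt: float
    dcf: float

    def spot_dcf_per_busdt(self) -> float:
        return self.dcf / self.busdt

    def swap_busdt_for_dcf(self, amount_in: float) -> float:
        eff = amount_in * (10_000 - SWAP_FEE_BPS) / 10_000
        out = self.dcf * eff / (self.busdt + eff)
        self.busdt, self.dcf = self.busdt + amount_in, self.dcf - out
        return out

    def swap_dcf_for_busdt(self, amount_in: float) -> float:
        eff = amount_in * (10_000 - SWAP_FEE_BPS) / 10_000
        out = self.busdt * eff / (self.dcf + eff)
        self.dcf, self.busdt = self.dcf + amount_in, self.busdt - out
        return out

@dataclass
class ProjectContract:
    """The four exchange functions from the post: DUSD counts as 1 BUSDT, DCF is priced at pool spot."""
    busdt: float
    dusd: float
    dcf: float
    pool: Pool
    max_deviation_bps: int = 0     # hardened variant only; 0 disables the check (original behaviour)
    reference_price: float = 0.0   # stand-in for a TWAP or an independent oracle reading

    def _price(self) -> float:
        p = self.pool.spot_dcf_per_busdt()
        if self.max_deviation_bps:
            drift = abs(p - self.reference_price) / self.reference_price * 10_000
            if drift > self.max_deviation_bps:
                raise PriceManipulationError(f"spot drifted {drift:.0f} bps from reference")
        return p

    def busdt_to_dusd(self, busdt_in: float) -> float:  # 0xabb81c12: 1:1 while stor_5 == 1000
        self.busdt, self.dusd = self.busdt + busdt_in, self.dusd - busdt_in
        return busdt_in

    def dusd_to_dcf(self, dusd_in: float) -> float:  # 0x62ee2f14: 1% of the DCF goes to the system address
        dcf_total = dusd_in * self._price()
        self.dusd, self.dcf = self.dusd + dusd_in, self.dcf - dcf_total
        return dcf_total * KEEP

    def dcf_to_dusd(self, dcf_in: float) -> float:  # 0xd5088d27: 1% of the DUSD goes to the system address
        dusd_total = dcf_in / self._price()
        self.dcf, self.dusd = self.dcf + dcf_in, self.dusd - dusd_total
        return dusd_total * KEEP

    def dusd_to_busdt(self, dusd_in: float) -> float:  # 0xfea1cdc9: 1:1, 1% goes to the project address
        self.dusd, self.busdt = self.dusd + dusd_in, self.busdt - dusd_in
        return dusd_in * KEEP

def run_attack(c: ProjectContract, flash_loan: float, pump: float) -> "float | None":
    """Replays steps 1-4 of the post; returns BUSDT profit after repaying the loan, or None if the contract reverted."""
    pool, busdt, dcf = c.pool, flash_loan, 0.0
    try:
        # Steps 1-2: buy the contract's DUSD 1:1 and spend it on DCF at the cheap spot price; the DUSD
        # lands back in the contract, so the round repeats until the contract holds no DCF.
        while c.dcf > 1e-6 and c.dusd > 1e-9:
            dusd = min(c.dusd, c.dcf / pool.spot_dcf_per_busdt())
            busdt -= dusd
            dcf += c.dusd_to_dcf(c.busdt_to_dusd(dusd))
        # Pump: buy DCF on the pool so its spot price, the contract's only oracle, jumps.
        busdt -= pump
        dcf += pool.swap_busdt_for_dcf(pump)
        # Steps 3-4: sell DCF to the contract at the inflated price for DUSD, then DUSD -> BUSDT 1:1, until
        # its BUSDT is gone; each round is capped by the contract's DUSD and BUSDT balances.
        while c.busdt > 1e-6 and dcf > 1e-6 and c.dusd > 1e-9:
            price = pool.spot_dcf_per_busdt()
            dcf_in = min(c.dusd, c.busdt / KEEP, dcf / price) * price
            dcf -= dcf_in
            busdt += c.dusd_to_busdt(c.dcf_to_dusd(dcf_in))
    except PriceManipulationError:
        return None  # on-chain this is a revert: no profit, only the gas is lost
    # Unwind: dump the leftover DCF into the pool and repay the flash loan plus its fee.
    busdt += pool.swap_dcf_for_busdt(dcf)
    return busdt - flash_loan * (10_000 + FLASH_FEE_BPS) / 10_000

def scenario(hardened: bool = False) -> ProjectContract:
    """Constructed starting state with 1 BUSDT = 126 DCF on the pool, as in the post."""
    pool = Pool(busdt=50_000.0, dcf=6_300_000.0)
    c = ProjectContract(busdt=100_000.0, dusd=10_000.0, dcf=5_000_000.0, pool=pool)
    if hardened:  # refuse to trade while spot is more than 5% away from the reference price
        c.max_deviation_bps, c.reference_price = 500, pool.spot_dcf_per_busdt()
    return c
```

With these constructed numbers, run_attack(scenario(), 2_750_000.0, 300_000.0) returns a profit in the region of 119,000 BUSDT and leaves the contract with no BUSDT; run_attack(scenario(), 2_750_000.0, 0.0), the same sequence without the pump, loses money because every leg through the project contract pays a 1% cut; and the hardened contract returns None because dcf_to_dusd reverts as soon as the pumped spot price is quoted. The fixed reference price is only an illustration of the check: a production fix should quote from a manipulation-resistant source such as a TWAP or several independent oracles rather than from the pool's current reserves.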
Summary
The root cause of this vulnerability is that the DCFToken project contract takes its DCFToken price from a single source, the instantaneous price of the PancakeSwapV2 pool, which an attacker with flash-loaned capital can move at will within one transaction and then arbitrage against the contract's fixed 1:1 DUSD/BUSDT rate. A contract should not price a token from the spot reserves of one pool; a time-weighted average price or several independent sources, together with a bound on how far the quoted price may move per transaction, make this kind of manipulation far more expensive. It is also recommended that the project party verify the economic model, the price calculation mechanism and the code logic from several angles, and have the contract cross-audited by more than one audit firm before it goes live.