Today, starting early in the morning (UTC), an attacker began exploiting a vulnerability they had discovered in the legacy Sovryn Lend/Borrow protocol. The exploit is still being investigated. We currently know that it does not affect Zero. The investigation so far indicates that only two lending pools have been impacted:
This allowed the attacker to withdraw RBTC and USDT from the lending pools in the following amounts:
The below addresses have been associated with the attacker:
Some of the funds were withdrawn using the AMM swap function, so the attacker ended up with several different tokens. See below for a more detailed description of the exploit.
The unusual activity was detected by Sovryn devs and the system was placed in maintenance mode. This restricted further transactions and allowed time for developers to investigate the issue.
Due to the multi-layered security approach taken, devs were able to identify and recover funds as the attacker was attempting to withdraw them. At this point, through a combined effort, devs have managed to recover about half the value of the exploit. Fund recovery efforts are still ongoing.
User funds are not at risk. Exchequer will reinject any missing value to the lending pools.
The exploit utilized a manipulation of the iToken price. This token price is updated every time there’s an interaction with one of its lending pool’s positions. The attacker first bought WRBTC with a flash swap from RskSwap and then borrowed WRBTC from the RBTC Sovryn lending contract using their own XUSD as collateral. The attacker then provided liquidity to the RBTC lending contract, closed their loan with a swap using their XUSD collateral, redeemed (burned) their iRBTC token, and sent the WRBTC back to RskSwap to complete the flash swap. This sequence of events manipulated the iRBTC price such that they were able to take out much more RBTC than they originally deposited.
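The kind of per-transaction monitoring that can flag this pattern and justify a switch to maintenance mode, as an added example that is not Sovryn's code: it checks that the iToken price (pool assets divided by iToken supply) does not swing within one transaction, and that an account supplying and redeeming in the same transaction does not take out more than it put in. The `Step` schema, the 50 bps threshold, the account labels and all numbers are assumptions constructed for illustration, not a reconstruction of the incident.

```python
from dataclasses import dataclass
from fractions import Fraction

@dataclass(frozen=True)
class Step:
    """Pool state after one call inside a transaction (hypothetical schema)."""
    action: str        # "borrow", "mint", "close_with_swap", "burn"
    account: str
    amount: int        # underlying supplied (mint) or withdrawn (burn)
    total_assets: int  # assets backing the iToken after the call
    total_supply: int  # iToken supply after the call

def check_transaction(start_price, steps, max_move_bps=50):
    """Return alerts for one transaction; max_move_bps is an assumed threshold."""
    alerts = []
    # Check 1: interest accrual moves the iToken price slowly, so a large
    # swing between calls of a single transaction is anomalous.
    prices = [start_price] + [Fraction(s.total_assets, s.total_supply) for s in steps]
    move_bps = (max(prices) - min(prices)) / min(prices) * 10_000
    if move_bps > max_move_bps:
        alerts.append(f"iToken price moved {int(move_bps)} bps within one transaction")
    # Check 2: an account that mints and burns in the same transaction
    # should not withdraw more underlying than it supplied.
    supplied, redeemed = {}, {}
    for s in steps:
        book = supplied if s.action == "mint" else redeemed if s.action == "burn" else None
        if book is not None:
            book[s.account] = book.get(s.account, 0) + s.amount
    for account, out in redeemed.items():
        if account in supplied and out > supplied[account]:
            alerts.append(f"{account} redeemed {out} after supplying {supplied[account]}")
    return alerts

# Constructed samples, not incident data. Pool starts at 1000 assets / 1000 iTokens.
BENIGN = [Step("mint", "0xUSER", 100, 1100, 1100)]
SUSPICIOUS = [
    Step("borrow", "0xACCT", 0, 1000, 1000),
    Step("mint", "0xACCT", 100, 1100, 1100),
    Step("close_with_swap", "0xACCT", 0, 1320, 1100),
    Step("burn", "0xACCT", 120, 1200, 1000),
]

if __name__ == "__main__":
    for name, tx in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(name, check_transaction(Fraction(1), tx))
```

The same two invariants can also be enforced on-chain as a revert condition, which blocks the transaction instead of alerting after it.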