• White Hats just thwarted a potential $350 million heist on SushiSwap

  • After discovering and fixing a bug on the platform in less than five hours, a group of people in the crypto community led by crypto investment firm Paradigm’s research partner Sam Sun may have just saved SushiSwap’s token fundraising platform Miso from losing more than $350 million in ether.

    SushiSwap claims that no funds were lost as a result of the group effort.

    According to a post published by SushiSwap on Monday, Sam Sun and his colleagues Georgios Konstantopoulos and Daniel Robinson – all from the San Francisco-based crypto investment firm Paradigm – contacted the Sushi team to alert them to a “vulnerability” on the Miso platform’s “Dutch auction” contract.

    In a Dutch auction, investors place bids that represent the highest amount they are willing to pay. The highest bid is declared the winner after all bids have been collected. Unsuccessful bids are returned to their owners after the auction is completed.

    The weak point

    In separate posts, the SushiSwap team and Paradigm’s Sun identified that the vulnerability was centered on the ability to batch multiple calls to commitEth and reuse a single msg.value across every commitment, allowing an attacker to bid in the auction for free.

    “Batch combined with commitEth (a Miso Dutch Auction function) creates a two-pronged issue where a user can both put up a commitment higher than ‘msg.value’ thereby draining any unsold tokens and additionally drain the raised funds on the contract as refunds if the auction has reached max commitment,” SushiSwap’s team wrote in the post.

    “The bug was created when a convenience function for wallet addresses interacted with the auction contract’s refund mechanism,” explained Duncan Townsend, CTO of Immunefi, a bug bounty platform for DeFi that was also brought in to help solve the problem.

    “Users could over-bid and receive a refund for the difference between the current bid and the amount they submitted, but the refund could be repeated, thereby draining the auction contract.”

    SushiSwap’s team wrote, “All future planned auctions utilizing the specific Dutch auction contracts with ETH commitments have been paused until an updated version is redeployed.”
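    The accounting flaw described above, as a simplified Python model added here for illustration; it is not SushiSwap's or Paradigm's code. The class names, the `track_value` switch and the amounts are constructed, and the hardened branch is one possible mitigation, not necessarily the fix that was deployed.

```python
from dataclasses import dataclass

@dataclass
class Call:
    sender: str
    value: int        # plays the role of msg.value for the whole transaction
    unspent: int = 0  # hardened variant only: value not yet consumed

class Auction:
    def __init__(self, max_commitment, track_value):
        self.max_commitment = max_commitment
        self.track_value = track_value  # False models the behaviour in the article
        self.total_committed = 0        # what the auction has credited to bidders
        self.balance = 0                # ETH the contract actually holds
        self.paid_out = {}              # refunds sent per address

    def commit_eth(self, call):
        amount = call.value             # every batched sub-call sees the same value
        if self.track_value:
            if call.unspent < amount:
                raise ValueError("msg.value already consumed in this transaction")
            call.unspent -= amount
        accepted = min(amount, self.max_commitment - self.total_committed)
        refund = amount - accepted      # over-bid goes back to the bidder
        self.total_committed += accepted
        self.balance -= refund
        self.paid_out[call.sender] = self.paid_out.get(call.sender, 0) + refund

    def batch(self, call, n):
        # n sub-calls inside ONE transaction: the ETH arrives only once.
        snapshot = (self.total_committed, self.balance, dict(self.paid_out))
        self.balance += call.value
        call.unspent = call.value
        try:
            for _ in range(n):
                self.commit_eth(call)
        except ValueError:              # a failed sub-call reverts the transaction
            self.total_committed, self.balance, self.paid_out = snapshot
            return False
        return True

    def solvent(self):
        # Invariant to test for: ETH held must cover every credited commitment.
        return self.balance >= self.total_committed

def run(track_value):
    auction = Auction(max_commitment=100, track_value=track_value)
    auction.batch(Call("honest", 60), 1)
    ok = auction.batch(Call("batcher", 30), 3)   # 30 sent once, used three times
    return ok, auction.total_committed, auction.balance, auction.solvent()
```

    With `track_value=False` the auction credits 100 in commitments while holding only 40, so the `solvent()` invariant fails; with `track_value=True` the second sub-call reverts and the books stay balanced.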

    The bottom line is that smart contracts are difficult to implement.

    Sun concluded his blog post by noting that one of the most important lessons to be drawn from this discovery is that even “safe components can come together to make something unsafe.”

    DeFi’s smart contracts are complex, combining “composable” Lego blocks to create new contracts and protocols. However, even when programmers use inherently safe individual components, the way these blocks are combined can have unintended, disastrous consequences. “This incident demonstrates that even safe contract-level components can be mixed in such a way that unsafe contract-level behavior results. There is no one-size-fits-all advice to apply here, such as ‘check-effect-interaction,’ so you just need to be aware of what new interactions new components are introducing,” Sun explained.

    The event came shortly after the largest DeFi exploit to date, which took place last week: the cross-chain DeFi site Poly Network was attacked, resulting in the loss of more than $600 million in cryptocurrencies due to a bug.

    In the case of the SushiSwap vulnerability, however, many members of the crypto community took to social media to applaud the five-hour-long collective rescue efforts led by Paradigm’s research arm.
