According to EagleEye, the security risk monitoring, early-warning and blocking platform of the blockchain security audit company Beosin, the DeFi lending protocol Euler Finance was attacked on March 13, 2023, with a loss of about 197 million US dollars. 34,224,863.42 USDC, 849.14 WBTC, 85,818.26 stETH and 8,877,507.35 DAI were stolen. At present, most of the stolen funds are still at the attacker's address, and the attacker has transferred only 100 ETH to Tornado Cash.

The Beosin security team analyzed one of the attack transactions as an example: 0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d

1. The attacker first took a flash loan of 30 million DAI from Aave, then deposited 20 million DAI as collateral to obtain 19,568,124 eDAI.

2. The attacker then called the mint function, using the 19,568,124 eDAI to borrow 195,681,243 eDAI (collateral assets) and 200,000,000 dDAI (debt assets), thus increasing their eDAI balance tenfold.

3. The attacker then used the repay function with the remaining 10 million DAI, and again borrowed 195,681,243 eDAI and 200,000,000 dDAI.

4. The attacker then performed the donateToReserves operation to destroy 100 million eDAI, making the eDAI balance smaller than the dDAI balance so that the liquidation conditions were met.

5. Finally, at the time of liquidation, because the attacker had used the donateToReserves and mint functions to push the ratio of collateral assets (eDAI) to debt assets (dDAI) below 1, the liquidator could liquidate the attacker's debt without transferring funds to the protocol.

The attacker subsequently withdrew all 38 million DAI in the Euler contract and returned 30 million DAI to Aave, making a profit of about 8 million DAI.
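The balance changes in steps 1 to 4 can be replayed in a simplified ledger to see where a solvency check on the donation step would have stopped the sequence. This is an added example, not code from Beosin or Euler. It assumes 1 eDAI is valued at 1 dDAI, ignores collateral factors and interest, models repay as reducing dDAI, and uses hypothetical names (`Account`, `check_after_donate`, `replay`).

```python
"""Constructed model of the eDAI/dDAI balances in steps 1-4 (figures from the text)."""

class InsolventError(Exception):
    """Raised when an operation would leave collateral below debt."""

class Account:
    # Assumption: 1 eDAI is valued at 1 dDAI; no collateral factor, fees or interest.
    def __init__(self, check_after_donate):
        self.e_dai = 0  # collateral tokens
        self.d_dai = 0  # debt tokens
        self.check_after_donate = check_after_donate  # hypothetical hardening switch

    def deposit(self, e_minted):
        self.e_dai += e_minted

    def mint(self, e_minted, d_minted):
        # Self-borrow: collateral and debt are created together.
        self.e_dai += e_minted
        self.d_dai += d_minted

    def repay(self, amount):
        self.d_dai -= min(amount, self.d_dai)

    def donate_to_reserves(self, amount):
        if amount > self.e_dai:
            raise ValueError("donation exceeds eDAI balance")
        remaining = self.e_dai - amount
        # Hardened path: giving away collateral must not create bad debt.
        if self.check_after_donate and remaining < self.d_dai:
            raise InsolventError(f"eDAI {remaining:,} < dDAI {self.d_dai:,}")
        self.e_dai = remaining

def replay(check_after_donate):
    """Replay steps 1-4; return (account, True if the donation was rejected)."""
    acct = Account(check_after_donate)
    acct.deposit(19_568_124)              # step 1: 20M DAI deposited
    acct.mint(195_681_243, 200_000_000)   # step 2
    acct.repay(10_000_000)                # step 3: modelled as reducing dDAI
    acct.mint(195_681_243, 200_000_000)   # step 3: second mint
    try:
        acct.donate_to_reserves(100_000_000)  # step 4
    except InsolventError:
        return acct, True
    return acct, False

if __name__ == "__main__":
    for hardened in (False, True):
        acct, rejected = replay(hardened)
        print(hardened, rejected, acct.e_dai, acct.d_dai, acct.e_dai >= acct.d_dai)
```

Without the check the account ends with less eDAI than dDAI, the state step 5 relies on; with the check the donation is rejected and the balances stay solvent.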