Crypto Hack

The post Behind the $20 Million Sonne Finance Hack; Unveiling the Technical Details appeared first on Coinpedia Fintech News

Staggeringly, a crypto attacker succeeded in the hack on Sonne Finance to conduct a heist using a very complex exploit that drained the company’s assets, bringing in about $20 million to the attacker. The attack played out for a few days, spotting carefully the backdoor of Sonne Finance’s VELO integration with the Optimism network. The …

Crypto Hack

The post Behind the $20 Million Sonne Finance Hack; Unveiling the Technical Details appeared first on Coinpedia Fintech News

Staggeringly, a crypto attacker succeeded in the hack on Sonne Finance to conduct a heist using a very complex exploit that drained the company’s assets, bringing in about $20 million to the attacker. The attack played out for a few days, spotting carefully the backdoor of Sonne Finance’s VELO integration with the Optimism network.

The Course of the Strike

The exploit transaction of two days duration started from the date of the attack according to the detailed analysis released by CertiK. A few days before, Sonne Finance had carried out a unanimous vote to make VELO transactions possible on the Optimism blockchain and finished all the relevant transactions through the multi-sig wallet. 

This wallet included a two-day time lock which was designed to provide an added layer of security by causing transactions to be delayed for two days.

With the completion of the two-day counting period, the attacker implemented a “c-factor” to the markets by afternoon. At this crucial step, the Vulnerable attacker transmitted 400,000,001wei VELO (a minuscule part of the VELO token) in order to mint only 2 wei.

Exploiting the System

The one to get the loan was the newly issued soVELO which borrowed 35,469,150 VELO from the AMM liquidity pool immediately after the overcollateralized VELO was moved to the soVELO contract. 

However, this transfer didn’t mint additional soVELO tokens, leading to an imbalance. The total cash money in the system continued to grow while the total quantity soVELO remained at 2 wei.

That is why the attacker successfully borrowed 265 wei of Wrapped Ethereum, with just the collateral as two wei soVeLO. Due to rounding errors in the division calculations, the adversary was able to become the owner of 35,471,603 VELO. He redeemed the number of tokens for only 1 wei of soVELO instead of the 1 VELO that was suggested.  

The Drainage Operation

The attacker had not stopped sufficiently by then. The second period, they had used 100 wei of VELO at the same time at soVELO, so that generated another wei of soVELO as a total supply of 2 wei. This way they kept running the system and got assets drained from several sources. 

The assets stolen included: 2,352. 96 VELO, 795. 38 WETH, 768,933. 76 USDC. With the emergence of e ish (a USDC coin on top of Ethereum), 162,92 WBTC (Wrapped Bitcoin),  1667. 45 wstETH (wrapped staked ETH),  777k. 566 USD (Tether) and 1,264,790. 21 USDC.

The fact that such small rounding omissions can lead to the hack’s success is a pointer to the need to audit the code effectively and have a robust failsafe in place for digital assets security in decentralized environments.

Also Check Out : Crypto Hack Report Q1 2024: Trends, Losses, and Recovery Efforts