On June 16, Inverse Finance’s Frontier money market fell victim to a flashloan attack that resulted in a net loss of $5.83 million in DOLA. The hacker got away with $1.2 million.
The hacker used the price oracle manipulation, which misuses the balances of assets in the pool to calculate the LP token price directly. More specifically, they manipulated a price oracle of the AMM LP token to flashborrow 27k wBTC. Because of the manipulation, the affected crv3 market utilized Chainlink price data instead of the internal exchange rate of the Curve protocol. The price feed incorrectly calculated the value of the AMM LP tokens because it relied on the Chainlink oracle for individual tokens. Afterward, the hacker traded 27k wBTC into the tricrypto pool, surging the price of the crv3 LP token. The attacker had the collateral to borrow 10k DOLA from the pool. They converted it to USDT, repaid the loan, and removed the rest from the cvr3 market. The attacker used a crypto mixer to get away with the illicit gains. At first, they withdrew 1 ETH from Tornado.cash to launch the attack and later deposited 1k ETH back to Tornado cash.
Tornado.cash played an essential role in the flashloan attack on Inverse Finance. The attacker used it to withdraw the stolen funds to the address that did not take part in the episode.
Tornado.cash is a cryptocurrency tumbler, also known as a cryptocurrency mixing service. In two years since its launch, a total of 3.25m ETH and 138,135 transactions have gone through Tornado.cash.
The purpose of a crypto mixer is to improve transaction privacy. Without Tornado.cash, anyone can see the complete history of transactions on a block explorer, such as Etherscan. After all, the blockchain uses a public ledger to trace any transaction. Crypto mixers are supposed to improve privacy.
There is always a debate between convenience and privacy when it comes to crypto transactions. Tornado.cash creates extra hurdles and extra fees. However, some users, including hackers, are okay with it as they value their privacy more.
Tornado.cash works by breaking the on-chain link between source and destination addresses. More specifically, the protocol utilizes a smart contract that accepts ETH deposits that can be withdrawn by a different address. The first step is to make a deposit. The user generates a random key, also referred to as a note, deposits Ether or an ERC20, and submits a hash of the note to the smart contract. The next step is to wait. Waiting after the deposit makes finding the link with the subsequent withdrawal more challenging. The final step is to make the withdrawal. The user submits the key to one of the notes, and the smart contract transfers Ether or the ERC20 to the specified address.
With the help of an external relayer, it is possible to withdraw to an address with no balance. Tornado.cash claims there is no way to make a solid connection between the withdrawal and the deposit. This way, the cryptocurrency mixing service achieves on-chain privacy.
Crypto tumblers do not guarantee absolute anonymity. Tornado.cash only secures on-chain privacy. It is still possible to make an educated guess and link a deposit to a withdrawal, mainly when they occur on the same day. A batch of deposits from one address and a bunch of deposits of the same size to a single address are likely to be connected. The deposits and withdrawals can be linked if made during the waking hours of the tImezone. Moreover, it is possible to identify the hacker if they leave traces in cookies for dApps, IP address, public RPC, and API token.
Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.