$UST (TerraUSD) is a dollar-pegged stablecoin that has depegged twice in the last few days.
How $UST works:
You can always redeem $LUNA for $UST dollar-for-dollar, and vice versa.
If $LUNA is at $50, you can redeem it for 50 $UST.
Similarly you can redeem 50 $UST for 1 $LUNA.
You can always redeem 1 $UST for $1 worth of $LUNA, even if $UST is worth <$1.
It's meant to be a stabilizing mechanism:
If $UST is trading at $0.99, arbitrageurs can buy it and redeem it for $1 of $LUNA.
Anchor Protocol is (nominally) a money market, but the important tl;dr is it pays you 19.5% to stake $UST.
As such, when people sell large amounts of TerraUSD, putting downward pressure on the price, redemptions print more LUNA (each $UST redeemed mints $1 worth of $LUNA at an ever-lower $LUNA price), and supply could increase exponentially.
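The mint/burn rules above can be written out as a small model. This is an added example, not code from the original post or from Terra; the redemption functions follow the rules stated above, while the price-impact assumption in simulate_redemption_spiral (LUNA's total market cap stays constant while its supply grows, so price = market cap / supply) is an assumption made here purely to show why supply can grow exponentially, not a claim about the actual market.

```python
# Added example (not from the original post): a stylized model of the
# UST <-> LUNA mint/burn mechanism. The redemption rules follow the text;
# the constant-market-cap price model is an assumption of this example.


def redeem_ust_for_luna(ust_amount: float, luna_price: float) -> float:
    """Burn UST, receive $1 worth of LUNA per UST, whatever UST trades at."""
    if luna_price <= 0:
        raise ValueError("LUNA price must be positive")
    return ust_amount / luna_price


def redeem_luna_for_ust(luna_amount: float, luna_price: float) -> float:
    """Burn LUNA, receive its dollar value in freshly minted UST."""
    return luna_amount * luna_price


def depeg_arbitrage_profit(ust_amount: float, ust_market_price: float,
                           luna_price: float) -> float:
    """Profit from buying UST below $1 on the market and redeeming it for $1 of LUNA."""
    cost = ust_amount * ust_market_price
    luna_received = redeem_ust_for_luna(ust_amount, luna_price)
    return luna_received * luna_price - cost


def simulate_redemption_spiral(luna_supply: float, luna_market_cap: float,
                               ust_redeemed_per_round: float, rounds: int):
    """Return [(luna_supply, luna_price), ...] after each round of redemptions.

    Assumption (constructed for this example): LUNA's market cap stays fixed,
    so price = market_cap / supply. Each round burns a fixed amount of UST and
    mints UST / price LUNA; as the price falls, each round mints more LUNA, so
    supply grows by a constant factor (1 + ust_redeemed / market_cap) per round.
    """
    history = []
    supply = float(luna_supply)
    for _ in range(rounds):
        price = luna_market_cap / supply
        supply += redeem_ust_for_luna(ust_redeemed_per_round, price)
        history.append((supply, luna_market_cap / supply))
    return history


if __name__ == "__main__":
    # Constructed numbers: LUNA at $10 with 1M supply, 1M UST redeemed per round.
    for supply, price in simulate_redemption_spiral(1_000_000, 10_000_000, 1_000_000, 5):
        print(f"supply={supply:,.0f} price={price:.4f}")
```

Under the constant-market-cap assumption the supply after n rounds is S0 * (1 + R/M)^n, which is the "exponential" growth the text refers to; any model in which demand for LUNA does not grow as fast as its supply produces the same shape.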
Validators “decided to halt the Terra chain to prevent governance attacks following severe $LUNA inflation and a significantly reduced cost of attack.”
On April 30th, seven of Rari’s Fuse pools were drained for a total of ~$80M.
Rari uses forked Compound code, which doesn’t follow the checks-effects-interactions pattern, and this has led to a number of re-entrancy incidents: CREAM, Hundred, Voltage/Ola.
In this case though, the re-entrancy vector is CEther, which uses call.value to send ETH. When the receiver is a contract, call.value hands execution to that contract's fallback code, which can make another call back into the protocol before the first call has finished, and that is what can be abused.
This vulnerability was reported in early March and mitigated by upgrading the CToken and Comptroller contracts. However, the new re-entrancy protections didn’t cover the function exitMarket within the Comptroller contract.
By using flash loans to borrow ETH, the attacker was able to re-enter via call.value, calling exitMarket in order to withdraw the flash-loaned collateral while also keeping the borrowed ETH.
Following the attack, the hacker began depositing the proceeds into Tornado Cash, but stopped after moving just 5400 ETH (~$15M).
With the remaining $62.7M still in the wallet, is the hacker considering the offer of a bounty to return the funds?
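A minimal model of the ordering bug and of the two fixes (checks-effects-interactions plus a re-entrancy guard that also covers exitMarket) is added below. This is example code written for this summary, not Rari's or Compound's contracts: LendingPool stands in for the CEther/Comptroller pair, ReenteringReceiver is a constructed contract-style receiver whose fallback calls back into the pool, and COLLATERAL_FACTOR and all balances are made-up numbers.

```python
# Added example (not Rari/Compound code): a Python model of the re-entrancy path.
# safe=False reproduces the vulnerable ordering (send ETH, then record the debt)
# with an unguarded exit_market; safe=True records the debt before the transfer
# and guards exit_market as well. All names and amounts are constructed.

COLLATERAL_FACTOR = 0.75  # assumed: $1 of collateral supports $0.75 of debt


class ReentrancyError(Exception):
    pass


class Account:
    """Plain receiver (like an EOA): accepts ETH and does nothing else."""

    def __init__(self, name):
        self.name = name
        self.eth = 0.0

    def receive_eth(self, pool, amount):
        self.eth += amount


class ReenteringReceiver(Account):
    """Contract-style receiver: its fallback calls back into the pool (the call.value path)."""

    def receive_eth(self, pool, amount):
        self.eth += amount
        try:
            pool.exit_market(self)  # re-enter while borrow() is still running
        except (ReentrancyError, ValueError):
            pass  # the call-back is simply rejected in the hardened pool


class LendingPool:
    def __init__(self, safe: bool):
        self.safe = safe
        self.collateral = {}   # account -> supplied collateral (dollar units)
        self.debt = {}         # account -> outstanding borrow (dollar units)
        self._locked = False   # re-entrancy guard state

    def _enter(self):
        if self.safe and self._locked:
            raise ReentrancyError("re-entrant call")
        self._locked = True

    def _exit(self):
        self._locked = False

    def _liquidity_ok(self, account, extra_debt=0.0):
        collateral = self.collateral.get(account, 0.0)
        return collateral * COLLATERAL_FACTOR >= self.debt.get(account, 0.0) + extra_debt

    def supply(self, account, amount):
        self.collateral[account] = self.collateral.get(account, 0.0) + amount

    def borrow(self, account, amount):
        self._enter()
        try:
            if not self._liquidity_ok(account, amount):           # check
                raise ValueError("insufficient collateral")
            if self.safe:
                self.debt[account] = self.debt.get(account, 0.0) + amount  # effect
                account.receive_eth(self, amount)                          # interaction
            else:
                # Vulnerable: the ETH transfer hands control to the receiver
                # before the borrow has been written to storage.
                account.receive_eth(self, amount)
                self.debt[account] = self.debt.get(account, 0.0) + amount
        finally:
            self._exit()

    def exit_market(self, account):
        """Release collateral if the account has no recorded borrow balance."""
        self._enter()  # the guard covers this entry point too
        try:
            if self.debt.get(account, 0.0) != 0:
                raise ValueError("nonzero borrow balance")
            released = self.collateral.pop(account, 0.0)
            account.eth += released
            return released
        finally:
            self._exit()

    def bad_debt(self):
        """Debt not backed by enough collateral: the protocol-level invariant to watch."""
        return sum(d for a, d in self.debt.items() if not self._liquidity_ok(a))


def run_scenario(safe: bool):
    pool = LendingPool(safe)
    borrower = ReenteringReceiver("borrower")
    pool.supply(borrower, 100.0)   # collateral (flash-loaned in the incident)
    pool.borrow(borrower, 75.0)    # borrow ETH; the receiver re-enters during the send
    return {
        "borrower_eth": borrower.eth,
        "collateral_left": pool.collateral.get(borrower, 0.0),
        "debt": pool.debt.get(borrower, 0.0),
        "bad_debt": pool.bad_debt(),
    }
```

In the vulnerable run the borrower ends up holding both the borrowed ETH and the released collateral while the pool records an unbacked debt; in the hardened run the re-entrant exit_market is rejected by the guard, and even without the guard the checks-effects-interactions ordering would make it fail on the already-recorded borrow balance. The bad_debt figure is the invariant a monitoring job would alert on.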
Saddle Finance, a decentralized exchange for trading stablecoins, was hacked for $11 million. BlockSec was the first to notify Saddle. Interestingly, BlockSec was able to rescue $3.8 million from the exploiters with an "internal system" that can detect and front-run hacking incidents using off-chain arbitrage bots called flashbots.
The funds were taken from the protocol’s sUSDv2 metapool in which Synthetix’ sUSD is paired with saddleUSD-V2 LP tokens (from the DAI, USDC, USDT pool).
The exploit was possible due to a bug in an old version of the MetaSwapUtils library that doesn’t use the base pool’s virtual price to calculate the value of the LP token during metapool swaps.
The issue had been fixed in the current version, but the swap calculation was still using the old version.
The hacker made a series of flash-loan-assisted sUSD/saddleUSD-V2 swaps in the metapool, manipulating the price of the LP token, which could then be swapped back for more sUSD.
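The pricing mistake can be shown with a toy metapool. The following is an added example, not Saddle's code: a two-coin stableswap invariant (the standard Curve-style D and y Newton iterations, written in floats) pairing a stablecoin with a base-pool LP token, with a switch that either converts the LP balance to dollar units using the virtual price (correct) or treats one LP token as one dollar (the bug). Pool sizes, the amplification coefficient, the virtual price of 1.05 and the trade size are constructed numbers, and fees are left out.

```python
# Added example (not Saddle's code): why the LP side of a metapool must be
# valued at the base pool's virtual price before the stableswap math runs.

N_COINS = 2


def get_d(xp, amp):
    """Stableswap invariant D for balances xp (Newton iteration, float version)."""
    s = sum(xp)
    if s == 0:
        return 0.0
    ann = amp * N_COINS ** N_COINS
    d = s
    for _ in range(256):
        d_p = d
        for x in xp:
            d_p = d_p * d / (N_COINS * x)
        d_prev = d
        d = (ann * s + N_COINS * d_p) * d / ((ann - 1) * d + (N_COINS + 1) * d_p)
        if abs(d - d_prev) < 1e-9:
            break
    return d


def get_y(xp, amp, new_x):
    """Balance of coin 1 that keeps D unchanged after coin 0 moves to new_x."""
    d = get_d(xp, amp)
    ann = amp * N_COINS ** N_COINS
    c = d * d / (N_COINS * new_x)
    c = c * d / (N_COINS * ann)
    b = new_x + d / ann
    y = d
    for _ in range(256):
        y_prev = y
        y = (y * y + c) / (2 * y + b - d)
        if abs(y - y_prev) < 1e-9:
            break
    return y


def virtual_price(base_pool_value, lp_total_supply):
    """Dollar value of one base-pool LP token: pool value / LP supply."""
    return base_pool_value / lp_total_supply


class MetaPool:
    """Coin 0: stablecoin. Coin 1: base-pool LP token."""

    def __init__(self, stable_reserve, lp_reserve, amp, vp, use_virtual_price):
        self.stable = float(stable_reserve)
        self.lp = float(lp_reserve)
        self.amp = amp
        self.vp = vp
        self.use_virtual_price = use_virtual_price

    def _scaled_balances(self):
        # Correct: LP balance in dollar units. Buggy: raw LP token count.
        scale = self.vp if self.use_virtual_price else 1.0
        return [self.stable, self.lp * scale], scale

    def swap_stable_for_lp(self, stable_in):
        xp, scale = self._scaled_balances()
        new_lp_units = get_y(xp, self.amp, xp[0] + stable_in)
        lp_out = (xp[1] - new_lp_units) / scale
        self.stable += stable_in
        self.lp -= lp_out
        return lp_out


def lp_value_received(use_virtual_price, stable_in=1000.0, amp=100, vp=1.05):
    """Swap stable_in into LP tokens and value them at the true virtual price,
    i.e. what the base pool would actually pay out for them."""
    pool = MetaPool(stable_reserve=105_000, lp_reserve=100_000, amp=amp, vp=vp,
                    use_virtual_price=use_virtual_price)
    lp_out = pool.swap_stable_for_lp(stable_in)
    return lp_out * vp


if __name__ == "__main__":
    print("correct pricing, $1000 in ->", round(lp_value_received(True), 2), "of LP value")
    print("buggy pricing,   $1000 in ->", round(lp_value_received(False), 2), "of LP value")
```

With the buggy valuation the metapool hands out LP tokens worth more than the stablecoin it received, because the LP token's accrued value (virtual price above 1) is invisible to the swap math; with the correct valuation the output is worth slightly less than the input, as expected from slippage. "Value of LP tokens out, at the base pool's virtual price, never exceeds stablecoin in" is the kind of invariant a test suite or on-chain monitor can check on every swap, and it is exactly the check that distinguishes the fixed library from the old one.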