On June 16th, Bancor deployed the BancorNetwork V0.6 smart contract, and just two days later, they discovered a serious security vulnerability in the contract functions that hackers could exploit to transfer money from the contract.
In a smart contract, functions can have four kinds of permissions:
- Public: Can be called by everyone
- External: Can only be called externally
- Internal: Can only be called by the contract itself and by the inherited contracts
- Private: Can only be called by the contract itself
It's important to note that when a function that moves funds is set to public, anyone can call it to transfer money from the contract.
Bancor’s Smart Contract Code
In line 45 of the contract, we find the safeTransferFrom function, which allows users to transfer money from one address to another, and the associated permissions for this function are set to public.
The CertiK team investigated further and found that the Bancor team used the following wallet addresses to withdraw money through the bug and clear the contract to prevent hackers from stealing it:
The Vulnerability Exploit
On June 18th, two separate third-party addresses spotted the vulnerability and took advantage of it to withdraw money from the contract. One of them leveraged the vulnerability to make 16 withdrawals for a total of $131,889.34. The ETH address and email address of the third party are:
- ETH address: 0x052ede4c2a04670be329db369c4563283391a3ea
- Email: firstname.lastname@example.org
After this transfer, user Arden43y revealed that the address belonged to their trading system that could inadvertently exploit human error and contractual loopholes to obtain funds. If anyone could prove that the bot stole money, the user would agree to return the funds.
The addresses of the second third party are as follows:
These addresses made four withdrawals, totaling $3,340, which would buy a tall Starbucks coffee a day for three years.
Bancor issued an official response (see resource #1 at the end of the article for the full article) and conducted their own white-hat attack to transfer the balance of $455,349 from the vulnerable contract to another wallet.
The team also stated they are working with the third parties to return the money that was withdrawn.
The Fixed Contract
Since the exploit, the function’s visibility has been changed from “public” to “internal”, as was originally intended.
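The visibility change described above can be checked mechanically. The following is an added example, not code from Bancor or CertiK: a heuristic Python check over Solidity source that flags functions any account can call which pass one of their own address parameters as the `from` argument of `transferFrom`. The two Solidity snippets and the names `Handler` and `deposit` are constructed for illustration.

```python
import re

# Constructed Solidity snippets (not Bancor's source): the token-moving helper
# with the visibility the article describes, and with the corrected one.
BEFORE = """
contract Handler {
    function safeTransferFrom(IERC20 token, address from, address to, uint256 value) public {
        require(token.transferFrom(from, to, value));
    }
    function deposit(IERC20 token, uint256 value) external {
        safeTransferFrom(token, msg.sender, address(this), value);
    }
}
"""
AFTER = BEFORE.replace("uint256 value) public {", "uint256 value) internal {")

# name, parameter list, and everything between ')' and the opening '{'
FUNC = re.compile(r"function\s+(\w+)\s*\(([^)]*)\)([^{;]*)\{")
VISIBILITY = ("public", "external", "internal", "private")

def body_after(source, start):
    """Return the function body that begins just after the '{' ending at start."""
    depth, i = 1, start
    while depth and i < len(source):
        depth += {"{": 1, "}": -1}.get(source[i], 0)
        i += 1
    return source[start:i - 1]

def exposed_transfer_helpers(source):
    """Names of functions any account can call that pass one of their own
    address parameters as the `from` argument of transferFrom."""
    findings = []
    for m in FUNC.finditer(source):
        name, params, header = m.groups()
        # Solidity before 0.5 treated a missing visibility keyword as public.
        vis = next((w for w in header.split() if w in VISIBILITY), "public")
        if vis not in ("public", "external"):
            continue
        addr_params = set(re.findall(r"address\s+(?:payable\s+)?(\w+)", params))
        sources = re.findall(r"\btransferFrom\s*\(\s*(\w+)", body_after(source, m.end()))
        if addr_params.intersection(sources):
            findings.append(name)
    return findings
```

In the constructed "after" source, `deposit` stays callable by anyone but is not flagged, because the address it forwards is `msg.sender` rather than a caller-supplied parameter.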
It only takes one small error to open up a vulnerability in a contract, which may put many assets at risk of loss. Thankfully, the bug was not exploited by hackers, and Bancor’s users can breathe a sigh of relief knowing that their assets are safe, for now.
Vulnerabilities that are similar to function call errors can include DoS, logic errors, unauthorized access, reentrancy, and integer overflow. Because blockchains and contracts are immutable, even small mistakes are not easily remedied and have the potential to cause huge property losses to both users and companies.
Therefore it’s important to review code with a comprehensive security company, like CertiK, to close all loopholes and potential vulnerabilities. A security audit is an essential part of deploying any contract.
Verify with CertiK
Fortunately, CertiK’s proprietary formal verification process validates the correctness of a smart contract through mathematical means. With an estimated $1B+ of assets stolen, this level of rigor is the only way to objectively show immunity against some of the most critical and frequent vulnerabilities.
While program testing can prove the existence of vulnerabilities, it cannot prove that a bug doesn’t exist. Formal Verification mathematically proves that code will work as intended, computing all possible scenarios.
CertiK’s years of experience and world-class team of security experts have allowed us to eliminate the .00000001% chance of being attacked. To receive a free quote for an audit, reach out to us at email@example.com or visit our website at www.certik.io!
Smart contract with vulnerabilities:
Addresses of the flawed contract deployment:
The revised smart contract: