xFORCE Exploit Post Mortem

Force
3 min read · Apr 4, 2021


Originally published at https://blog.forcedao.com on April 4, 2021.

Dear Force Community, I’m writing this post to share further information regarding the xFORCE contract exploit that began at around 7:06 am UTC.

  • We take responsibility for this engineering oversight and have begun processes to ensure any such incidents are mitigated in the future.
  • We also want to thank the White Hat hacker who helped deter further FORCE tokens from being drained. We have a bounty for you.
  • All funds on our platform are safe, only xFORCE was affected. A total of 183 ETH (~$367K) worth of FORCE were drained and liquidated.
  • For the time being, I can confirm that there will be a snapshot and new token. We’ve begun internal re-structuring and will be announcing a plan over the coming days to make any affected FORCE holders and LPs whole.

Although this is an unfortunate event given the stage of our project, I’m confident we will continue to deliver the mission we’ve set for ourselves.

Below I share the following:

  • Exploit Timeline
  • Analysis
  • Who was affected?
  • Next Steps

Exploit Timeline

#1 White Hat:

#2 Black Hat:

#3 Black Hat:

#4 Black Hat:

#5 Black Hat:

#6 ForceDAO Team

  • At this time, 3 of the 5 Black Hat exploiters still had FORCE tokens in their addresses, and were able to sell for ETH.
  • Our team made an executive decision at around 8am EST, to transfer 60M FORCE tokens from the treasury multisig into a deployer wallet to create and execute 3 votes that would effectively burn the FORCE balances in the 3 Black Hat addresses.
  • First Txn:
    https://etherscan.io/tx/0xb02206a51c6f3d836610a3b394c2c3f74acc22d57a8e9b6ae298ba87197752df

Analysis

  • The xFORCE vault is an xSUSHI contract fork. The implementation assumes that tokens revert the transaction on failure. https://github.com/ForceDAO/contracts/blob/master/contracts/ForceProfitSharing.sol#L43
  • The token used by Force DAO is an Aragon Minime token that returns a false bool if “transferFrom” fails (instead of reverting).
    https://github.com/aragon/minime/blob/master/contracts/MiniMeToken.sol#L174
  • The exploiters were able to deposit FORCE tokens that would fail the transferFrom call and receive xFORCE tokens, as the xFORCE contract expects a revert from the token but instead receives false.
  • A user could then withdraw these newly minted xFORCE tokens for the remaining FORCE tokens in the vault, and liquidate them for ETH on exchanges.
  • This could’ve been prevented by using a standard OpenZeppelin ERC-20 or adding a safeTransferFrom wrapper in the xSUSHI contract.
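As an added illustration, not ForceDAO's or SushiSwap's code, here is the xSUSHI-style deposit path with the unchecked transferFrom beside the SafeERC20 fix the post recommends; contract and variable names are assumed, and `force` stands for a MiniMe-style token that returns false instead of reverting.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Share maths shared by both variants: shares = amount * totalShares / vaultBalance,
// or 1:1 while the vault is empty (the xSUSHI "enter" formula).
abstract contract ShareVault is ERC20 {
    IERC20 public immutable force; // assumed: MiniMe-style token, returns false on failure

    constructor(IERC20 _force) ERC20("xFORCE (demo)", "xFORCE") { force = _force; }

    function _sharesFor(uint256 amount) internal view returns (uint256) {
        uint256 totalForce = force.balanceOf(address(this));
        uint256 totalShares = totalSupply();
        if (totalShares == 0 || totalForce == 0) return amount;
        return (amount * totalShares) / totalForce;
    }
}

// Vulnerable: the bool returned by transferFrom is ignored. A caller with no FORCE
// (or no allowance) has shares minted while the pull silently fails, and can later
// redeem those shares against FORCE that other depositors put in the vault.
contract VulnerableVault is ShareVault {
    constructor(IERC20 _force) ShareVault(_force) {}

    function enter(uint256 amount) external {
        _mint(msg.sender, _sharesFor(amount));
        force.transferFrom(msg.sender, address(this), amount); // return value dropped
    }
}

// Hardened: SafeERC20 reverts when the token returns false (or returns nothing at all),
// so a failed pull aborts the whole transaction and no shares are minted.
contract HardenedVault is ShareVault {
    using SafeERC20 for IERC20;

    constructor(IERC20 _force) ShareVault(_force) {}

    function enter(uint256 amount) external {
        // Compute shares before the pull so the new deposit is not counted in the balance.
        uint256 shares = _sharesFor(amount);
        force.safeTransferFrom(msg.sender, address(this), amount);
        _mint(msg.sender, shares);
    }
}
```

For fee-on-transfer or rebasing tokens the hardened version should additionally measure the vault's balance before and after the pull and mint against the actual delta rather than `amount`.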

Who was affected?

  • FORCE, xFORCE, and FORCE/ETH LPs on Uniswap and SushiSwap were affected.
  • ForceDAO strategy, vault and reward pool contracts were not affected.

Next Steps

We’re currently engaged with 2 separate security firms to review and analyze our repos to ensure all contract systems perform as designed.

Over the coming days, our team will announce a plan to re-launch xFORCE — with a snapshot and new token. We continue to investigate the event with the relevant authorities as some of the addresses originated from FTX and Binance.

After everything is said and done, I continue to have a deep belief in the success of Force DAO. We will take care of our community and I’m excited to share the products we’ve been working on after xFORCE is live.

Thank you,

Alberto
