PancakeSwap Lottery Vulnerability Bugfix Review And Bug Bounty
Summary
Whitehat hacker Thunder requested disclosure assistance from Immunefi for a critical vulnerability found in PancakeSwap’s lottery contract. This vulnerability was never exploited and was fixed before any malicious actors had the chance to exploit it.
The vulnerability allowed for a malicious user to use the multibuy method to purchase tickets while the lottery was still in the drawing phase. This meant that a user could see the lottery draw transaction, compute the winning lottery number, buy the right ticket during the draw, and frontrun with a high gas fee to win the lottery. PancakeSwap fixed the vulnerability by updating its contract to include protections against buying using the multibuy method during the drawing phase.
Vulnerability Analysis
PancakeSwap is a decentralized exchange running on Binance Smart Chain. It also runs a lottery every 12 hours, and 20,000 CAKE tokens are injected into the lottery every two days.
Whitehat hacker Thunder approached Immunefi on February 22 for help with disclosure assistance, which is a public service that Immunefi provides to whitehats and the DeFi community. When a vulnerability in a project is discovered but no bug bounty exists, Immunefi facilitates disclosure between the whitehat and the vulnerable project, supporting the process in whatever capacity required.
What was the issue?
The vulnerability was in the lottery contract — specifically the multibuy method. As part of the lottery, you can buy tickets, but once the lottery is closed, you can’t buy more. Some parameters of the lottery are uncontrollable by PancakeSwap themselves, and some of the parameters are uncontrollable by the miner, making the lottery bulletproof from that angle. In other words, PancakeSwap can’t control the timestamp, and the miner can’t control the randomness supplied by PancakeSwap.
However, the problem is that the multibuy method, which allows users to buy multiple tickets in the same transaction to save gas, didn’t prevent users from buying a ticket while the lottery was still in the drawing phase. This means that a user could see the transaction to draw the winning lottery number, compute it, and buy that ticket. On the Binance Smart Chain, the block time is relatively short, so that computation would have to be done quickly, in addition to frontrunning with a very high gas fee. But at $12 per CAKE and 20,000 CAKE per lottery, that’s $240,000 per lottery that could be discreetly and repeatedly stolen.
Protections against frontrunning existed for the buy method, but didn’t exist for the multibuy method.
Vulnerability Fix
The original code starting from line 228 and displayed below, failed to include protections against purchasing via multibuy during a draw.
function multiBuy(uint256 _price, uint8[4][] memory _numbers) external {require (!drawed(), ‘drawed, can not buy now’);require (_price >= minPrice, ‘price must above minPrice’);uint256 totalPrice = 0;
The corrected contract included require (!drawingPhase, ‘drawing, can not buy now');on line 230, which effectively patched the vulnerability. This protection had already existed on the buy method but did not exist on the multibuy method.
function multiBuy(uint256 _price, uint8[4][] memory _numbers) external {require (!drawed(), ‘drawed, can not buy now’);require(!drawingPhase, ‘drawing, can not buy now’);require (_price >= minPrice, ‘price must above minPrice’);uint256 totalPrice = 0;`
PancakeSwap deployed the fixed contract on February 23rd at 1:46am UTC.
Acknowledgements
We thank the Pancakeswap team for their rapid and effective response to the disclosure. PancakeSwap paid out an undisclosed bounty to Thunder and would like to thank Immunefi for helping to facilitate disclosure assistance. In the aftermath of the disclosure, PancakeSwap has decided to host a bug bounty with Immunefi, which launches today on March 26. For PancakeSwap, a bug bounty is essential to ensuring its smart contracts and websites stay safe.
If you’d like to start bug hunting, we got you. Check out the Web3 Security Library, and start earning rewards on Immunefi — the leading bug bounty platform for web3 with the world’s biggest payouts.
If you’re interested in protecting your project with a bug bounty like PancakeSwap is, visit the Immunefi services page and fill out the form.
