A Potential Solution to Today’s DeFi Exploit of Opyn Options Protocol
DeFi options are still in a nascent stage.
DeFi Twitter was abuzz this morning with news of yet another DeFi hack. This time the activity hit a little close to home for the FinNexus team as the hack occurred on the Opyn options platform. FinNexus is also building its own pooled model for FNX Options that will exist simultaneously on Wanchain and Ethereum.
FNX is the sole token in the FinNexus ecosystem of protocol clusters that spans multiple chains. The first such protocol being developed focuses on DeFi options. There are two approaches: one, FPO V0.1 tokenizes a specific option position (put/call, BTC/ETH, various dates & strike prices) and allows those tokens to be freely traded. This model is much like Opyn. The other approach, FPO V1.0, is a pooled version of decentralized options where any position can be taken (and theoretically on any asset) from a single pool of tokenized collateral. We think this approach, currently on testnet, is novel and are excited to bring it on to the Ethereum mainnet, hopefully by the end of Q3.
The DeFi community is small and supportive. Engineers are intrigued by mistakes and errors. They are a chance to learn and improve. So today the FinNexus team looked into the recent Opyn exploit that caused over $370,000 to be stolen from the Opyn smart contracts.
It was a learning experience for us. This is not the first DeFi exploit that’s happened and it won’t be the last. That’s ok. This stuff is experimental. But as a member of the DeFi Movement it is our duty to share what we learn with the community in the hope that, over time, we create more and more robust protocols.
Let’s take a look at the first piece of Solidity that caught our eye:
First, the user creates two vaults (buys oTokens) with the same option contract terms, also with the same amount of ETH required to make the physical settlement when exercising.
Second, when the user exercises, he/she inputs a sufficient amount of ‘oTokensToExercise’, which causes a ‘for’ loop.
The first ‘for’ loop occurs when the user executes _exercise (oTokensToExercise, Vault owner); and exercises the first vault; the second ‘for’ loop occurs when the user executes _exercise (oTokensToExercise, Vault owner); and exercise the second vault.
The exercising of the underlying (ETH) transferring function is triggered as in 4.1 below:
At the time of the ETH transaction, in the first ‘for’ loop, the contract judges whether the user transfers the same amount of ETH as the required ETH value of ‘amtUnderlyingToPay’. If the input is consistent, the judgment will pass.
In the second ‘for’ loop, the contract will again judge whether the user transfers the same amount of ETH as the required ETH value of ‘amtUnderlyingToPay’. As the two vaults were created with the same amount of ETH, the ‘msg.value’ will not change at all, and judging by that, hence it will trigger the second exercising. But the hacker doesn’t need to transfer the ETH for the second time.
Theoretically, one can exercise it a million times, with just one ETH input when triggering the exercising for the first time, as long as each vault’s required ETH is the same in exercising, and he/she has created enough vaults (buys enough oTokens).
To prevent the exploits from happening, ‘amount = msg.value’ should be retrieved before the ‘for’ loop, and then trigger the exercise contract. In every exercising, an equivalent amount of ETH should be deducted, and hence settled. If the amount is not enough to make a further settlement, the contract gives an error report.
This is just our reasoning on why the exploit happened today against opyn. We hope it may be of use in assessing the situation.
Together we make the DeFi movement stronger.
About FinNexus
FinNexus is building a suite of open finance protocol clusters that will power hybrid marketplaces trading both decentralized and traditional financial products. The headline product to be released is a fully decentralized bitcoin (and other cryptocurrency) options model that will live on both Wanchain and Ethereum.
Newsletter | Whitepaper | Telegram | Twitter | Linkedin | Facebook| Discord
