Acala’s Unlimited $aUSD Minting Exploit Analysis | QuillAudits

QuillAudits - Web3 Security 🛡️
QuillHash
4 min read · Aug 22, 2022


Summary:

On the 14th of August, 2022, Acala Network suffered an exploit that resulted in its native stablecoin aUSD falling to almost zero. The exploit was due to a “misconfiguration” in the newly launched iBTC/aUSD liquidity pool that allowed users to mint unlimited aUSD instead of LP tokens. According to Acala Trace Results, more than 3 Billion aUSD were minted by attackers, which led to the depeg of aUSD.

Introduction to Acala Network:

Acala is the main DeFi hub of Polkadot, functioning as both an automated market maker (AMM) and a decentralized bank. It’s a layer-1 smart contract platform that’s scalable, Ethereum-compatible, and optimized for DeFi.

$aUSD:

aUSD is the built-in programmable primitive of the Acala network. It is the Polkadot-native decentralized stablecoin, backed by DOT, DOT derivatives, and cross-chain assets like BTC or ETH.


Vulnerability Analysis & Impact:

Before looking at the attack, let’s first understand what a liquidity pool is.

Liquidity Pool:

A liquidity pool is a digital pile of cryptocurrency locked in a smart contract, which results in creating liquidity for faster transactions on decentralized exchanges (DEX) and DeFi protocols. Users called liquidity providers (LP) add an equal value of two tokens in a pool to create a market. In exchange for providing their funds, they earn trading fees.

The Attack:

The $iBTC — $aUSD pool was newly launched and deployed in Acala.

There was a misconfiguration in the contract, which was not mitigated. The misconfiguration was in the incentives.claim_rewards() call, which wrongfully minted $aUSD instead of LP tokens in large amounts. It took no time for hackers to mint around 1.28 Billion $aUSD, causing the token price to depeg.

The misconfiguration resulted in erroneous mints of aUSD, which were transferred to the wallet addresses of several iBTC/aUSD LP contributors when they claimed their iBTC/aUSD LP rewards. Others exploited the situation by a) sending $aUSD to Moonbeam, b) swapping for $DOT and sending it to Polkadot, or c) swapping for $iBTC and sending it to Interlay.

Transaction Trace Results of the address of attackers can be found here. Below are a few attackers who profited the most.

As a result of the exploit, the $iBTC pool was almost completely drained, but the $DOT pool retained some of its value because it was a $DOT/$LCDOT pool, which somehow limited the damage.

Eight addresses were able to make it off-chain, which amounted to an estimated loss of $1.6-$10M for the platform and its users.

After the Exploit:

On the 14th of August, Acala announced that the misconfiguration had been rectified and that they had traced the on-chain activity. Later, Acala community members created a proposal that would result in the return of all erroneously minted aUSD to the protocol and the tokens later being burnt.

Around 1.6m aUSD in good value was transferred off-chain before the network shutdown, and 4.6m of wrongly minted $aUSD also left the chain. Apart from that, many tokens were transferred to CEXs (centralized exchanges), which went unaccounted for.

8 addresses were able to bridge funds directly to Moonbeam or exchange them for $DOT and $iBTC via Acala’s swap function before sending them to the respective chains. Acala announced a 5% reward for any of the eight wallet owners who return the heisted funds.

More data on this can be found in the Trace Results below:

Currently, $aUSD is being traded at $0.81 on KuCoin.

How Could They Have Avoided the Exploit?

The main reason for the incident was Acala’s faulty deployment, which led to the exploit. Proper detection and mitigation of the vulnerability before the contract deployment could have avoided the attack.

Although they came up with a good recovery plan, they still needed to be more careful, as such dApp exploits might occur in the future if smart-contract developers do not regularly check their code.
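
One way to express the kind of check this section calls for, as an added example that is not Acala's code and not part of the original post: a monitor that replays reward-claim events against each pool's configuration and flags any payout in the wrong asset or above the budget accrued so far. The names PoolConfig, Claim, audit_claims, the emission_per_block field and all sample values are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class PoolConfig:
    reward_currency: str     # asset the pool is meant to pay out (assumed field)
    emission_per_block: int  # reward units budgeted per block (assumed field)

@dataclass(frozen=True)
class Claim:
    block: int
    pool: str
    account: str
    currency: str
    amount: int

def audit_claims(configs, claims, start_block=0):
    """Return (claim, reason) for every claim that breaks a pool invariant."""
    paid, alerts = {}, []
    for c in sorted(claims, key=lambda c: c.block):
        cfg = configs.get(c.pool)
        if cfg is None:
            alerts.append((c, "unconfigured pool"))
            continue
        if c.currency != cfg.reward_currency:
            alerts.append((c, "wrong payout currency"))
            continue
        budget = cfg.emission_per_block * (c.block - start_block)
        total = paid.get(c.pool, 0) + c.amount
        if total > budget:
            alerts.append((c, "payout exceeds accrued budget"))
            continue  # rejected claims do not consume budget
        paid[c.pool] = total
    return alerts

# Constructed sample data: hypothetical accounts, blocks and amounts.
CONFIGS = {"iBTC/aUSD": PoolConfig(reward_currency="LP", emission_per_block=100)}
CLAIMS = [
    Claim(10, "iBTC/aUSD", "acct-A", "LP", 600),              # within budget of 1000
    Claim(12, "iBTC/aUSD", "acct-B", "aUSD", 1_280_000_000),  # wrong asset
    Claim(15, "iBTC/aUSD", "acct-C", "LP", 5_000),            # 5600 > 1500
    Claim(20, "iBTC/aUSD", "acct-A", "LP", 1_400),            # 2000 <= 2000
]

if __name__ == "__main__":
    for claim, reason in audit_claims(CONFIGS, CLAIMS):
        print(f"block {claim.block} {claim.account}: {reason}")
```

The same two invariants can run as assertions in a pre-deployment test suite or as an on-chain circuit breaker that pauses claims when either one fails.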

Reference:

https://twitter.com/alice_und_bob/status/1558959878475075584
