Beanstalk Farms hacked: Total damage is $182 million
On April 17th, Beanstalk- a decentralized credit-based stablecoin protocol was attacked. The total loss was $182 million, making the incident one of the biggest in DeFi history. In terms of total amount stolen, the Beanstalk attack took 4th place in the list, placing them just beneath Wormhole bridge hack ($325m), Poly Network hack ($600m), and Ronin Network hack (>$600m).
The first quarter of 2022 earned the title “the darkest 3 months in DeFi history” with an abundance of shocking hacks resulting in over $1.2 billion worth of assets being drained. The second quarter is not looking to be better in terms of security as the Beanstalk attack indicates.
It is reported that the attack was possible due to the flash loan feature implemented on the Beanstalk platform. This is a unique feature that only Decentralized Finance can offer. It allows users to borrow large amounts of crypto for minutes or even seconds to provide liquidity or take advantage of arbitrage opportunities. The borrowed amount is paid back in the same transaction. The smart contract sets out the terms and performs instant trades on the borrower’s behalf using the loaned capital.
Synopsis
The hacker used a flash loan obtained through the decentralized protocol Aave to borrow $1 billion in crypto. They then used these funds to become a supermajority voter, giving them the power to create proposals and accept them to drain all funds from Beanstalk in only one transaction. The entire process took place in under 13 seconds.
Analysis of the Beanstalk attack
The attacker initiated their plan by taking a billion dollar flash loan from Aave- a decentralised liquidity market protocol. Flash loans allow users- mostly developers, to borrow any available amount of assets without putting up any collateral, as long as the liquidity is returned to the protocol within one block transaction.
Flash loans taken by the attacker
Upon obtaining the temporary billion dollars, they bought $32m worth of BEAN token- the platform’s stablecoin. Following that, the attacker minted some $3Crv tokens by depositing the $DAI, $USDC, and $USDT into Curve Finance.
They used the minted $3Crv tokens to provide liquidity to Beanstalk’s BEAN3CRV-f and LUSDBEAN-f pools, allowing them to get their hands on a significant amount of LP units from both pools.
BEAN has a governing system that is designed to encourage people to invest in their platform by granting them voting rights. Users who stake large amounts get to have more governance rights within the protocol.
The attacker used the LP units they acquired through providing liquidity to above-mentioned pools and gained control of 70% of the total number of Seeds- a special type of asset that represents the voting power of a user.
The governance system of BEAN allows executing emergency governance actions. To initiate such executions, 66% of the seeds are required. With 70% of seed assets, the attacker was able to steal all assets from the BEAN contract, equaling $180m.
“They executed their malicious BIP via the `emergencyCommit` method of the Beanstalk Protocol and acquired 36 million BEAN units, 0.54~ LP units of the BEAN/ETH Uniswap V2 pair as well as their initial LP tokens used for the voting mechanism.” revealed the post-mortem analysis of Omniscia.
Source: PeckShield Inc.
The attacker liquidated all their assets to ETH and left the BEAN units locked in their smart contract. Attacker’s total gain is estimated to be around $80 million.
According to PeckShield, the hacker used Tornado Cash, which enables privacy in cryptocurrency transactions by concealing the link between a crypto address and destination.
$250,000 was sent to Ukraine Crypto Donation wallet.
Aftermath of the attack
In the wake of the attack, the value of the BEAN stablecoin has tanked, breaking the $1 peg and trading for around 7 cents at the time of writing.
Source: CoinGecko
One day later, Beanstalk made an offer to the exploiter with the hopes of recovering the majority of the stolen funds. They offered 10% of the stolen amount as “whitehat bounty” if the hacker returns 90% to Beanstalk Farms’ wallet.
What does BEAN attack tell us about DeFi insurance?
Uno Re- the world’s first decentralized insurance and reinsurance platform, dedicates itself to helping DeFi protocols and users stay protected against hacks. At the time of writing, there is no proven way to prevent such DeFi exploits since even audits cannot guarantee the reliability of a protocol, but it is possible to protect users in case their assets are stolen.
DeFi insurance is an emerging concept and many experts believe it will play a vital role in the future of DeFi. While 98,13% of all crypto assets remain uninsured and vulnerable. This involves Beanstalk attack victims’ assets too. This incident’s cause lies in the lack of adequate measures to prevent similar attacks in DeFi protocols that are not widely tested and consolidated. The developer team later admitted that they had not included any provision to mitigate the possibility of a flash loan attack, although presumably this was not apparent until the situation occurred.
Depegging risk is always there for stablecoins and as the Beanstalk hack demonstrated, the peg can be broken in mere seconds, leaving owners with almost-worthless coins. Uno Re provides insurance coverage for depeg risk, ensuring compensation for users should a depegging occur.
Uno Re will soon allow users and protocols to purchase bundled covers- coverage packages protecting multiple assets against various risks.
In the Beanstalk case particularly, a combined cover against flash loans & governance attacks leading to the depeg of a stablecoin would have ensured BEAN holders recompensation against any loss.
This is not the first or the last flash loan attack in DeFi and insurance will remain the only truly effective security measure until all DeFi protocols learn to become hack-proof.
Source
https://etherscan.io/tx/0xcd314668aaa9bbfebaf1a0bd2b6553d01dd58899c508d4729fa7311dc5d33ad7
About Uno Re
Uno Re is the world’s first decentralized insurance and reinsurance platform, allowing the community to invest and trade in ‘risk’ and receive sizable returns on their investments in one of the safest asset classes in the world. The platform will break barriers to entry for the retail investor by doing away with the historic pre-requisite of absurdly high capital generally needed to invest into the market while also introducing much-needed transparency into the industry as a whole. Uno Re will also allow the community to propose innovative insurance products to the space, thus propelling a new generation of Insurtech companies powered by the Uno Re ecosystem.
