Post-Mortem: Precision Loss Attack on xBank Finance

Chris xBank
xBank Finance
Apr 27, 2024

Dear xBankers,

It is with regret that we inform you that xBank Finance was exploited. We have conducted a thorough investigation into the issue and have found that the exploiter conducted a Precision Loss attack on xBank and netted a total of ~$550,000.

Exploiter’s Address: 0xfa9d342a222f1e1052a9eea73d35e4eeba045729

Users impacted: All of xBank Finance’s depositors are affected.

Total Impact:

  • 46,001.368248 USDC
  • 0.57374109 WBTC
  • 149.884669041911623518 ETH

This exploit is highly complicated. We hope this post-mortem will be helpful not only to the xBank community, but also to other projects and builders in DeFi.

How the attack happened:

The exploiter took a flashloan of $7M USDC from Syncswap and deposited it into ZeroLend to borrow 2,000 WETH using his first contract, which we will refer to as “Evil Contract #1”.

The exploiter unwrapped the 2,000 WETH to ETH and deposited the whole amount into xBank Finance. The exploiter then borrowed ~49,000 USDC, 0.57 BTC, and 1,622.43 ETH from xBank and transferred the 1,622.43 ETH to another contract, which we refer to as “Evil Contract #2”.

With the funds in Evil Contract #2, the exploiter deposited a certain amount of ETH into xBank to receive an equivalent value in xETH, a receipt token for ETH deposits on the platform. Later, they manipulated the exchange rate of xETH by exploiting a precision loss through a loop.

  • Initially, Evil Contract #2 deposited 0.000000000200477909 ETH to obtain precisely 0.00000001 xETH (exchange rate: 2.0047790740972892e+26).
  • Following this, Evil Contract #2 invoked the redeemUnderlying function with 0.000000000400955813 ETH as input. Because the EVM truncates fractional results, the contract miscalculated the number of shares to burn and redeemed more ETH than those shares were worth. Normally this is inconsequential, since the surplus is negligible.
  • Evil Contract #2 iterated these steps, progressively lowering the xETH to ETH conversion rate until Evil Contract #1’s account became liquidatable, since xETH is an input to the liquidation formula.
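The truncation step described above, as an added simulation that is not part of the original post and is not xBank’s or Compound’s code: it models a Compound-style mint and redeemUnderlying under EVM integer division, using the post-mortem’s own deposit amounts and exchange rate, and contrasts it with a redeem that rounds the shares to burn up so that each pass reverts instead of paying out more ETH than the burned shares are worth. It assumes 18-decimal ETH, 8-decimal xETH, and a constructed pool of 10,000 xETH with borrows and reserves omitted.

```python
# Simplified model of Compound-style receipt-token accounting under EVM integer
# arithmetic. Constructed example; not xBank's or Compound's code.
MANTISSA = 10**18                      # Compound's fixed-point scale (1e18)
RATE0 = 200477907409728920000000000    # exchange rate from the post-mortem, 2.0047790740972892e26
DEPOSIT_WEI = 200477909                # 0.000000000200477909 ETH, mints exactly 1 xETH unit
REDEEM_WEI = 400955813                 # 0.000000000400955813 ETH passed to redeemUnderlying

class Pool:
    """ETH (18 decimals) backing xETH (8 decimals); borrows and reserves omitted (assumption)."""
    def __init__(self, cash_wei, total_supply):
        self.cash, self.total_supply, self.balances = cash_wei, total_supply, {}

    def exchange_rate(self):
        # Compound: cash * 1e18 / totalSupply, truncated like Solidity division
        return self.cash * MANTISSA // self.total_supply

    def mint(self, who, amount_wei):
        tokens = amount_wei * MANTISSA // self.exchange_rate()  # floor: rounds against the minter
        self.cash += amount_wei
        self.total_supply += tokens
        self.balances[who] = self.balances.get(who, 0) + tokens
        return tokens

    def redeem_underlying(self, who, amount_wei, round_up):
        scaled, rate = amount_wei * MANTISSA, self.exchange_rate()
        # Vulnerable: floor burns too few shares for the ETH paid out.
        # Hardened: round the shares to burn up, so the pool never overpays.
        tokens = -(-scaled // rate) if round_up else scaled // rate
        if tokens > self.balances.get(who, 0):
            raise ValueError("insufficient xETH balance")  # the hardened path reverts here
        self.cash -= amount_wei
        self.total_supply -= tokens
        self.balances[who] -= tokens
        return tokens

def new_pool():
    supply = 10**12                                  # constructed: 10,000 xETH outstanding
    return Pool(RATE0 * supply // MANTISSA, supply)  # ~200.48 ETH of cash, so the rate is RATE0

def drain_loop(rounds, round_up=False):
    """Replay the loop; returns (attacker's net wei, exchange rate before, exchange rate after)."""
    pool = new_pool()
    before, net = pool.exchange_rate(), 0
    for _ in range(rounds):
        pool.mint("evil2", DEPOSIT_WEI)            # receives 1 unit of xETH
        pool.redeem_underlying("evil2", REDEEM_WEI, round_up)
        net += REDEEM_WEI - DEPOSIT_WEI            # surplus the pool overpaid this pass
    return net, before, pool.exchange_rate()
```

Each vulnerable pass burns one xETH unit but pays out 200,477,904 wei more than that unit is worth, lowering the exchange rate for every remaining holder, while the rounded-up redeem raises on the first pass because two units would have to be burned.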

Once Evil Contract #1’s account was liquidatable, Evil Contract #2 liquidated it, repaying 811.21892949010806335 ETH of its debt.

After seizing all of Evil Contract #1’s collateral, Evil Contract #2 redeemed all of its shares for 2,149.88 ETH, repaid the 2,000 ETH loan to ZeroLend, withdrew the $7M USDC deposit, and returned it to SyncSwap.

Through this process, the exploiter was able to make a profit of 46,001.368248 USDC, 0.57374109 WBTC, and 149.884669041911623518 ETH from the exploit.

Transaction Link:
https://era.zksync.network/tx/0xc428a22993959cfa13f9c6623f76e8e64f9ade545e55474b9b11fdd7d7dd1d13

Please note that this kind of attack is very hard to pull off. xBank is forked from Compound Finance, whose smart contracts were audited and carefully developed. Compound has never experienced any exploitation, and both xBank’s and Compound’s smart contracts have consistently operated as intended.

Regrettably, xBank encountered an unexpected incident where the exploiter, under specific circumstances, managed to accurately predict the exchange rate of xETH, allowing him to pull off this attack.

Next Steps

We have already reached out to the exploiter, to offer a whitehat bounty in an effort to get the users’ funds back. You can find the onchain message here.

The team will continue to investigate this exploit further, so borrowing and deposits remain paused. We will keep you posted on the progress, and we sincerely appreciate your patience and understanding.

Official Links 🔗

Below are the official links for xBank:
Website: https://xBank.finance/
Twitter: https://twitter.com/xBank_Finance
Telegram: https://t.me/xBankFinance
