xSNX Post Mortem

michael j. cohen
Published in xToken
3 min read · Aug 29, 2021


On 29 August at 04:43 UTC, a vulnerability in our xSNX contract was exploited. We estimate the loss to holders at $4.5 million. We are incredibly disappointed in ourselves and deeply sorry to our community.

At this time, we believe it best to sunset our xSNX product offering. The current xSNX implementation is by far our most complicated product, with complex dependencies and significant surface area for vulnerabilities. More info later in the post about how users will be able to unwind their positions.

Summary of Exploit

Transaction link

  • flash loan of 25,000 ETH from dYdX
  • borrow of ~1m SNX from a combination of Aave V1 and V2
  • swap of 6.8k ETH for 519k SNX on Bancor

Attacker now holds ~1.5m SNX

  • swap of 1.5m SNX on Kyber for ~6.5m USDC, pushing the SNX price down considerably
  • swap of ~6.5m USDC for ~6.5m sUSD on Curve
  • transfer of ~2m sUSD to the xSNXAdmin contract (the contract that holds the assets managed by xSNX), with the intention of repaying the contract's sUSD debt in order to unlock SNX
  • call of the callFunction function on the xSNXAdmin contract, burning the outstanding sUSD debt and swapping ~614k SNX for ~811k sUSD at the artificially depressed price
  • swap of ~811k sUSD for ~811k USDC, which remains in the contract

That the attacker was able to call callFunction at all was the vulnerability. callFunction is the flash loan callback for dYdX's SoloMargin contract, which we had integrated to improve fund performance on rebalances, and it should only have been callable by SoloMargin itself. An erroneous require statement left it publicly callable.

We mistakenly used require(sender == address(this)) when we should have used require(msg.sender == soloMarginAddress). In the SoloMargin callback, sender is an ordinary argument passed to callFunction, so anyone who calls the function directly can set it to our own contract address and satisfy the check. Only msg.sender identifies who is actually calling.

The attacker then reversed all of these actions, swapping back to ETH and repaying the loans. The value was extracted because the attacker was able to use xSNX's assets to pressure the SNX price and create profitable external arbitrage opportunities for themselves.
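To make the difference between the two require statements concrete, here is an added example in Solidity. It is not xToken's code and not dYdX's; the contract names, the rebalances counter and the Attacker contract are illustrative assumptions. The callback signature and the Account.Info struct follow the dYdX SoloMargin ICallee interface. The vulnerable receiver reproduces the check described above; the hardened receiver authenticates the caller with msg.sender and keeps the sender check as a second condition, since once msg.sender is known to be SoloMargin, sender is trustworthy and tells us who initiated the flash loan.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Shape of dYdX SoloMargin's callback interface. Account.Info mirrors the
// real struct (owner, number); everything else below is illustrative.
library Account {
    struct Info {
        address owner;
        uint256 number;
    }
}

interface ICallee {
    function callFunction(address sender, Account.Info calldata accountInfo, bytes calldata data) external;
}

// VULNERABLE: `sender` is whatever the caller passes in, so a direct call with
// sender == address(this) satisfies the check. Nothing here proves that
// SoloMargin is the one calling.
contract VulnerableFlashLoanReceiver is ICallee {
    address public immutable soloMargin;
    uint256 public rebalances; // stands in for the fund's rebalance logic

    constructor(address _soloMargin) { soloMargin = _soloMargin; }

    function callFunction(address sender, Account.Info calldata, bytes calldata) external override {
        require(sender == address(this), "not our flash loan");
        rebalances += 1; // asset-moving logic would run here
    }
}

// HARDENED: msg.sender must be SoloMargin. The sender check is kept as a second
// condition so that a third party cannot route their own flash loan through
// SoloMargin into this callback, and a flag rejects callbacks outside a
// rebalance this contract started.
contract HardenedFlashLoanReceiver is ICallee {
    address public immutable soloMargin;
    uint256 public rebalances;
    bool private inFlashLoan;

    constructor(address _soloMargin) { soloMargin = _soloMargin; }

    function rebalance() external {
        inFlashLoan = true;
        // soloMargin.operate(...) would be invoked here and would call back into callFunction
        inFlashLoan = false;
    }

    function callFunction(address sender, Account.Info calldata, bytes calldata) external override {
        require(msg.sender == soloMargin, "caller is not SoloMargin");
        require(sender == address(this), "flash loan not initiated by this contract");
        require(inFlashLoan, "no rebalance in progress");
        rebalances += 1;
    }
}

// Calls the callback directly with a forged `sender`. strike() returns true
// against VulnerableFlashLoanReceiver and false (reverted) against
// HardenedFlashLoanReceiver.
contract Attacker {
    function strike(ICallee target) external returns (bool ok) {
        Account.Info memory info = Account.Info(address(this), 0);
        (ok, ) = address(target).call(
            abi.encodeWithSelector(ICallee.callFunction.selector, address(target), info, bytes(""))
        );
    }
}
```

Deploy both receivers with any address as the SoloMargin parameter and call Attacker.strike on each: the vulnerable receiver's rebalances counter increments, the hardened one's does not. The general rule is that data passed in as a function argument never authenticates the caller; only msg.sender does, and it should be compared against an address the contract already trusts.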

Unwinding xSNX

We will no longer be staking SNX from the xSNX contract. We're pushing a contract upgrade early this week that will allow us to swap all of the assets in the contract into ETH, to allow for maximum value at redemption. There is currently a large quantity of USDC in the contract that does not count towards NAV, so we encourage you to wait to redeem until we've made this update. We will post in the #announcements channel in our Discord once this is complete.

Once we've swapped the USDC for ETH, xSNX's sole holding will be ETH. You may redeem your xSNX for ETH at any time. However, we would note that starting in October, SNX from Synthetix staking rewards will begin to vest on our contract. As this SNX vests, we will swap it for more ETH. We do not have early access to SNX staking rewards, so, put simply, the longer you wait to redeem, the more ETH you will receive.

Compensation

We are working this week to write accurate snapshot scripts to properly calculate investor losses. If you redeemed post-exploit, you will still receive compensation. We will need a few days to work out the details of this script and ensure accuracy.

We are a small team with a small treasury, and $4.5 million is a substantial sum. This week, we'll be working to structure an XTK-based compensation program that allows for the possibility of investors recouping their losses. We understand that this is not an optimal resolution for all. We're working to do the best we can with the resources at our disposal.

Going Forward

With our roots in and overlap with the Synthetix community, making the decision to sunset xSNX was very difficult. However, we’ve determined that it’s the best decision for our community at this time. As we mentioned earlier, xSNX is by far our most complex product and we want to be maximally confident in the products we’re offering investors. We are highly confident in our other products and contracts, but can no longer say the same about the current implementation of our xSNX contract.

In the future, we may explore new xSNX concepts on L2. But for now, winding xSNX down is the right decision.

Lastly, we want to say thank you to our community. Of course, tensions are high, but we’ve been grateful for the positive and supportive energy in our Discord. We really appreciate it and look forward to earning back your trust.
