
Yearn Finance Exploit Explained


Today, the Yearn.finance protocol fell victim to a large-scale flash loan attack and lost more than $10M in total. The attacker walked away with 1.7M USDT, 513K DAI and 506K 3CRV.


As you may know, what makes a flash loan special is that it consists of three parts: receiving the loan, using the borrowed funds to make a profit, and repaying the loan. All of this happens atomically inside a single transaction: if the loan is not repaid by the end of that transaction, the whole transaction reverts, so the attacker needs no capital of their own and runs no risk of being left with an open loan.

The scheme used against Yearn.finance consisted of the following actions, which can be traced on-chain from the attack transactions:

  1. Borrowing 116K ETH on dYdX;
  2. Taking a flash loan of 99K ETH from Aave;
  3. Borrowing 129M DAI and 134M USDC from Compound;
  4. Depositing 134M USDC and 36M DAI into the 3CRV Curve pool;
  5. Withdrawing 165M USDT from the 3CRV Curve pool.

The next four steps were then repeated five times:

  1. Depositing 93M DAI into the yDAI vault (the amount decreased with each iteration);
  2. Depositing 165M USDT into the 3CRV pool;
  3. Withdrawing 92M DAI from the yDAI vault (the amount decreased with each iteration);
  4. Withdrawing 165M USDT from the 3CRV pool.

In the last iteration, the attacker withdrew 39M DAI and 134M USDC from the pool instead of USDT.

These iterations are where the attacker actually made money. With the huge borrowed balance he could skew the relative prices of the three stablecoins inside the 3CRV Curve pool: depositing large amounts of DAI and USDC while pulling out USDT made DAI and USDC the abundant (and therefore undervalued) coins and USDT the scarce (overvalued) one. A StableSwap pool mints fewer LP tokens for a deposit of an abundant coin and more for a deposit of a scarce one, so every DAI the yDAI vault put into the pool during this window bought fewer 3CRV than it should have, while every USDT the attacker put back in bought more.

With each cycle, the Yearn.finance vault was thus left holding DAI and USDC at their manipulated, undervalued price, losing value to the pool on every round trip. Once the cycles were done, the attacker unwound the position by repaying the loans in reverse order:

  1. Repayment to Compound;
  2. Repayment to AAVE;
  3. Repayment to dYdX.
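To make the mechanism concrete, here is an added example, not code from the original article, from Yearn or from Curve: a fee-less toy StableSwap pool in Python, with constructed reserves of 300M per coin and an assumed amplification coefficient A = 200, replaying the article's figures in millions of dollars. It also assumes, as a simplification, that the vault's DAI ends up as a single-sided deposit into the pool. It shows that after the attacker's dump of DAI and USDC and withdrawal of USDT, USDT trades above DAI, the vault's DAI deposit mints fewer LP tokens per DAI than it would have in the balanced pool, and the attacker's USDT deposit is rewarded with more than one LP token per USDT. With A = 200 the per-unit skew is small; the real losses scale with the size of the deposits and with the fees the pool charges on imbalanced operations, neither of which is modelled here.

```python
"""Toy fee-less StableSwap (Curve-style) pool, added to illustrate the price
skew described above. Reserves are constructed, in millions of USD, and
A = 200 is assumed; this is not the real 3pool state nor Curve's own code."""

N_COINS = 3          # index 0 = DAI, 1 = USDC, 2 = USDT
AMP = 200            # assumed amplification coefficient


def get_d(xp, amp=AMP):
    """Solve A*n^n*S + D = A*n^n*D + D^(n+1)/(n^n*prod(x)) for D by Newton."""
    n = len(xp)
    if min(xp) <= 0:
        raise ValueError("every reserve must be positive")
    s = sum(xp)
    ann = amp * n ** n
    d = s                                    # S is an upper bound and a good start
    for _ in range(255):
        d_p = d
        for x in xp:
            d_p = d_p * d / (n * x)          # D^(n+1) / (n^n * prod(x))
        d_prev = d
        d = (ann * s + n * d_p) * d / ((ann - 1) * d + (n + 1) * d_p)
        if abs(d - d_prev) <= 1e-12 * d:
            return d
    raise ArithmeticError("D did not converge")


class Pool:
    def __init__(self, balances, supply=None):
        self.balances = [float(b) for b in balances]
        # a fee-less pool that starts balanced always has LP supply == D
        self.supply = get_d(self.balances) if supply is None else supply

    def copy(self):
        return Pool(self.balances, self.supply)

    def add_liquidity(self, amounts):
        """Mint LP tokens pro rata to the growth of D (Curve's rule, minus fees)."""
        d0 = get_d(self.balances)
        new = [b + a for b, a in zip(self.balances, amounts)]
        d1 = get_d(new)
        minted = self.supply * (d1 - d0) / d0
        self.balances, self.supply = new, self.supply + minted
        return minted

    def remove_liquidity_imbalance(self, amounts):
        """Burn the LP tokens needed to withdraw exactly `amounts`."""
        d0 = get_d(self.balances)
        new = [b - a for b, a in zip(self.balances, amounts)]
        d1 = get_d(new)                      # raises if a coin would be drained
        burned = self.supply * (d0 - d1) / d0
        self.balances, self.supply = new, self.supply - burned
        return burned

    def spot_price(self, i, j):
        """Marginal price of coin j in units of coin i: (dF/dx_j) / (dF/dx_i)."""
        n = len(self.balances)
        d = get_d(self.balances)
        d_p = d
        for x in self.balances:
            d_p = d_p * d / (n * x)
        ann = AMP * n ** n
        return (ann + d_p / self.balances[j]) / (ann + d_p / self.balances[i])


def lp_per_coin(pool, coin, amount):
    """LP tokens minted per unit for a single-sided deposit, on a scratch copy."""
    amounts = [0.0] * N_COINS
    amounts[coin] = amount
    return pool.copy().add_liquidity(amounts) / amount


def simulate(reserve=300.0):
    """Replay the article's figures (in millions) against a constructed pool."""
    pool = Pool([reserve] * N_COINS)
    vault_dai = 93.0                         # first-iteration yDAI deposit
    fair = lp_per_coin(pool, 0, vault_dai)   # what the vault gets in a balanced pool

    # attacker's setup: dump DAI + USDC, pull USDT (figures from the article)
    attacker_lp = pool.add_liquidity([36.0, 134.0, 0.0])
    attacker_lp -= pool.remove_liquidity_imbalance([0.0, 0.0, 165.0])
    usdt_in_dai = pool.spot_price(0, 2)      # USDT now trades above DAI

    # the vault's single-sided DAI deposit now mints fewer LP tokens per DAI ...
    skewed = lp_per_coin(pool, 0, vault_dai)
    pool.add_liquidity([vault_dai, 0.0, 0.0])
    # ... while the attacker's USDT deposit is rewarded for restoring balance
    usdt_bonus = lp_per_coin(pool, 2, 165.0)

    return {"fair": fair, "skewed": skewed, "usdt_in_dai": usdt_in_dai,
            "usdt_bonus": usdt_bonus, "attacker_lp": attacker_lp}


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name:>12}: {value:.6f}")
```

Running it prints the five figures; the exact values depend on the assumed A and reserves, but the ordering skewed < fair < 1 < usdt_bonus, together with a USDT spot price above 1 DAI, is the imbalance the attacker exploited on each cycle.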

The whole scheme took 11 transactions, executed over about 40 minutes.

Each transaction emitted more than 160 events. In each of them, the attacker profited from the imbalanced valuation of the stablecoins on Curve, receiving far more 3CRV tokens than the previous, unmanipulated pool state would have given him. The 3CRV gained was transferred to his EOA (0x14ec0cd2acee4ce37260b925f74648127a889a28) and swapped into stablecoins cycle by cycle, for a total of 1,620,230 USDT and 513,356 DAI. Part of the gain, 506,814 3CRV, was kept unexchanged.

In addition, the USDT left over from each cycle (about 11K USDT per transaction) was also sent to the same attacker address. The screenshot below shows the 3CRV profit the attacker made with each transaction.

In total, the attacker stole around $2.8M. The price manipulation on Curve also resulted in about $3.5M being transferred to the liquidity providers of the 3CRV pool and another $3.5M being distributed to veCRV holders (the recipients of Curve's protocol fees), bringing the total loss of Yearn.finance to more than $10M.

The Yearn.finance team detected the attack in time and prevented further losses: the yDAI, yTUSD, yUSDC and yUSDT vaults were disabled by calling setMin(0) on them, which stops a v1 vault from sending any further funds to its strategy.

Tether was also able to freeze the 1.7M USDT sitting in the attacker's EOA:

https://twitter.com/Tether_to/status/1357709507665756167 (archived at https://archive.is/VrZh5)

The attack shows that flash loans remain one of the biggest risks in yield farming, and that even leading, highly innovative DeFi platforms like Yearn.finance can become victims. It also underlines how important it is for DeFi teams to detect such attacks in time, react quickly, protect the endangered funds and analyse the vulnerability to prevent further losses.


© De.Fi. All rights reserved.