Fairyproof’s Analysis of the Attack on Fortress Protocol
On May 8, 2022, Fortress Protocol, a DeFi application deployed on the BNB Chain, suffered a governance attack. In this incident, 1048 ETH and 400,000 DAI were stolen, together valued at $3 million.
The attacker’s address was 0xA6AF2872176320015f8ddB2ba013B38Cb35d22Ad on the BNB Chain.
The attacking contract was deployed at 0xcd337b920678cf35143322ab31ab8977c3463a45 on the BNB Chain.
The attacked contract was deployed at 0xc11B687cd6061A6516E23769E4657b6EfA25d78E on the BNB Chain.
The hash value of the attack transaction was:
0x13d19809b19ac512da6d110764caee75e2157ea62cb70937c8d9471afcb061bf
The vulnerability that was exploited in this incident lay in the project’s governance mechanism.
Here is how the attack was carried out:
The attacker deployed a contract to submit a proposal (proposal ID: 11) to modify the parameters of the CollateralFactor contract 5 days prior to the attack. The hash value of the contract deployment transaction was:
0x12bea43496f35e7d92fb91bf2807b1c95fcc6fedb062d66678c0b5cfe07cc002
The attacker voted for the proposal 2 days before the attack. According to the governance rules, the proposal would be executed 2 days after it was passed.
At 8 AM on May 8 UTC, the attacker launched the attack by executing the proposal to successfully modify the CollateralFactor’s parameters.
After the parameters were modified, the attacker could mint a large number of fFTS tokens by depositing only a small amount of FTS tokens as collateral.
In this incident, the attacker minted 4999.9 fFTS tokens and used them as collateral to borrow crypto assets including BNB, BUSD, BTCB, and ETH. The attacker exchanged these borrowed assets for DAI and ETH, transferred the DAI and ETH from the BNB Chain to Ethereum via Celer Network’s cross-chain bridge, and cashed them out via Tornado Cash.
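As an added illustration (not code from Fortress Protocol or from Fairyproof’s write-up), the following Python model sketches a Compound-style governance flow: propose, vote, queue behind a 2-day timelock, execute, and the effect of the collateral factor on borrowing power. The quorum check and the collateral-factor cap are assumed mitigations; the write-up does not state which specific governance check Fortress lacked.

```python
from dataclasses import dataclass, field
from typing import Optional

SCALE = 10**18                 # 1.0 in Compound-style 18-decimal fixed point
TIMELOCK = 2 * 24 * 3600       # 2-day delay between queueing and execution

@dataclass
class Proposal:
    new_cf: int                # proposed collateral factor (fixed point)
    for_votes: int = 0
    eta: int = 0               # earliest execution time; 0 means not queued
    executed: bool = False

@dataclass
class Governor:
    total_votes: int           # total voting power in circulation
    collateral_factor: int     # live market parameter
    quorum_bps: int = 0        # required "for" votes in basis points of total; 0 = none (assumed weak rule)
    max_cf: Optional[int] = None   # hard cap on the collateral factor; None = unchecked
    proposals: list = field(default_factory=list)

    def propose(self, new_cf: int) -> int:
        self.proposals.append(Proposal(new_cf))
        return len(self.proposals) - 1     # proposal id

    def vote(self, pid: int, power: int) -> None:
        self.proposals[pid].for_votes += power

    def queue(self, pid: int, now: int) -> bool:
        p = self.proposals[pid]
        if p.for_votes * 10_000 < self.total_votes * self.quorum_bps:
            return False                   # quorum not reached
        p.eta = now + TIMELOCK
        return True

    def execute(self, pid: int, now: int) -> bool:
        p = self.proposals[pid]
        if p.eta == 0 or now < p.eta or p.executed:
            return False                   # not queued, timelock pending, or already done
        if self.max_cf is not None and p.new_cf > self.max_cf:
            return False                   # hardened governor rejects an out-of-range value
        self.collateral_factor = p.new_cf
        p.executed = True
        return True

def borrow_limit(collateral: int, price: int, cf: int) -> int:
    """Value that can be borrowed against `collateral` tokens priced at `price`."""
    return collateral * price // SCALE * cf // SCALE
```

With no quorum and no cap, a voter holding a tiny share of the votes can push the collateral factor to any value and borrow far more than the deposited collateral is worth; the quorum and cap close both paths.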
This is another typical governance attack, following the one on Rari Capital.
A reminder from Fairyproof to all projects that are governed by DAOs: be careful with the design of governance rules and mechanisms. Be aware of governance attacks.