en
Back to the list

How an Ethereum Bot Used Uniswap to Save $5.4 Million From Curve Exploit

source-logo  decrypt.co 31 July 2023 23:49, UTC

As crypto’s decentralized finance ecosystem quaked on Sunday amid $52 million stolen from Curve Finance, one trading bot jumped into the fray. Its mission: copy the attackers-at-large, secure millions of dollars in crypto before it’s gone, and then give it all back in an apparent white-hat intervention.

An issue with the programming language Vyper, used for writing smart contracts on the Ethereum blockchain, provided a window of opportunity for exploits involving liquidity pools on Curve Finance, one of DeFi’s go-to exchanges.

At the time of writing, Curve has $1.6 billion in total value locked, down 42% over the past day, yet still a significant slice of Ethereum’s $23-billion DeFi landscape, according to DefiLlama.

Attackers manipulated the price of tokens in several liquidity pools, where one token can be exchanged for another. Recent reports from the blockchain security firm PeckShield estimate that $52 million has been lost. But the attackers didn't get away with the entire stash.

Someone used the exploit in Curve’s CRV-ETH liquidity poolwhere Ethereum can be swapped for the exchange’s governance token, Curve DAO (CRV)to, in a sense, exploit the exploiters. The transaction cost about $32 worth of crypto in transaction fees but yielded 2,879 Ethereum—a profit of around $5.4 million.

The 2,879 Ethereum was ultimately returned to Curve by a bot bearing the name “c0ffeebabe.eth,” according to Etherscan. Ethereum addresses are a long string of alphanumeric characters by default, but the bot’s owner gave it a human-readable name using the Ethereum Name Service. PeckShield also attributes the bot with having nabbed another $1.6 million from synthetic asset protocol Metronome, but it's yet unclear if these funds were also returned. PeckShield did not immediately reply to Decrypt's request for clarification.

The bot's action was a lucrative, split-second arbitrage play, involving flash loans and the decentralized exchange Uniswap, Yixin Cao, lead data scientist at the DeFi analysis platform EigenPhi told Decrypt.

“Not a lot of actors can do this type of thing,” she said. “There are a lot of sophisticated attackers out there, but this kind of arbitrage requires very in-depth knowledge.”

Uniswap and Balancer

EigenPhi’s breakdown of the transaction outlines 16 distinct steps taken by the bot—but the play hinged on two distinct DeFi projects.

C0ffeebabe.eth’s split-second trade first tapped Balancer, a liquidity protocol, for a flash loan of 100 Ethereum. Flash loans are uncollateralized and require debtors to pay them back within the same transaction.

Then, Uniswap was essential, Cao said, because it allowed c0ffeebabe.eth to capitalize on the discrepancy between CRV’s price on Uniswap and Curve it planned to create by using the Vyper bug. The bot swapped 70 Ethereum for over 190,000 CRV using Uniswap.

An initial burst of 30,000 CRV directed at Curve’s CRV-ETH pool caused the Vyper bug to throw it out of balance. The pool’s unbalanced state allowed c0ffeebabe.eth to exchange its remaining CRV for 2,949 Ethereum—317 times what it would have otherwise been able to get without the exploit.

After the flash loan was repaid, that left c0ffeebabe.eth with a sizable profit.

The Vyper exploit turned what would’ve been a small play into a massive one, Cao said. Without leveraging the vulnerability, c0ffeebabe.eth would’ve walked away with only 9.3 Ethereum based on a simulation conducted by EigenPhi.

On-chain Hope

Not long after the deed was done, c0ffeebabe.eth broadcast a message using Internal Data Messages (IDM), which allows messages to be sent on Ethereum’s blockchain.

Moving funds to cold wallet for now, affected protocols can contact via etherscan chat,” the person behind the bot said on-chain, signaling they would hold the stolen funds in a digital wallet securely that has private keys isolated from the internet.

“Deployer from Curve,” one Ethereum account responded on-chain, identifying itself as part of the Curve team. “One tx you front-ran was a hack of CRV/ETH pool. Can refund?”

Several blockchain security experts told Decrypt that c0ffeebabe.eth’s trade did not appear to be an example of front-running. Regardless, the bot eventually parted with what would’ve been its biggest payday ever.

Prior to Sunday, c0ffeebabe.eth had amassed around $29,000 in profit across different arbitrage transactions, according to EigenPhi’s account profiler. Even though Sunday’s takeaway overshadowed the bot's performance to date, it didn’t prevent c0ffeebabe.eth from fulfilling its selfless, white-hat service.

decrypt.co