Quadriga Initiative Logo.png

QUADRIGA INITIATIVE

CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM

A COMMUNITY-BASED, NOT-FOR-PROFIT

$0 USD

SEPTEMBER 2019

GLOBAL

DDEX

DESCRIPTION OF EVENTS

"DDEX is a decentralized exchange platform but are in the process of expanding into decentralized lending so that they can offer their users the ability to create leveraged long and short positions. They're currently beta testing their decentralized margin exchange."

 

"On 12:54 am September 18th, the security researcher samczsun notified us of a potential vulnerability on a contract we used to beta test margin and lending functionality."

 

"By relying on an on-chain decentralized price oracle without validating the rates returned, DDEX and bZx were susceptible to atomic price manipulation. This would have resulted in the loss of liquid ETH in the ETH/DAI market for DDEX, and loss of all liquid funds in bZx. Fortunately, no funds were actually lost."

 

"In the case of DDEX and bZx, it was possible to take out a loan that appeared to be sufficiently collateralized, but was in fact undercollateralized."

 

"The exploit worked by drastically altering the DAI price of uniswap and eth2dai, the two projects we used to source DAI price. In a simulated contract call, samczsun used approximately 25000 of ETH to drastically alter the price of DAI, which allowed borrowing to occur with very little actual collateral, resulting in a profit of approximately 70 ETH. Samczsun’s excellent post provides more detail."

 

"The fix was deployed and verified at 5:50 am September 18th. No funds were lost." "The DDEX team fixed this by deploying a new oracle which places sanity bounds on the price of DAI, currently set to 0.95 and 1.05." "We are extremely impressed with and grateful of samczsun’s research and disclosure, and are rewarding this find with a bug bounty of $10,000."

The DDEX originally launched their lending platform with a vulnerability which would have allowed an attacker to manipulate the price of funds, which could have been used to empty the exchange platform.

 

The issue was fixed before it resulted in any loss to any users.

HOW COULD THIS HAVE BEEN PREVENTED?

No user funds were lost in this case.

 

Check Our Framework For Safe Secure Exchange Platforms

List of Ethereum Smart Contracts Post-Mortems - Security - OpenZeppelin Community (Jun 23)
Fixed Potential Vulnerability In Contract Used During Private Beta (Jun 23)
Taking undercollateralized loans for fun and for profit (Jun 23)
DDEX - Decentralized Margin Exchange (Jun 24)
DaiPriceOracle | 0xeB1f1A285fee2AB60D2910F2786E1D036E09EAA8 (Jun 24)

Sources And Further Reading

More case studies

Coinhouse
Phishing Attack

PayFair P2P
Exchange Hacked

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.