$16 000 000 USD

OCTOBER 2021

GLOBAL

INDEXED FINANCE

DESCRIPTION OF EVENTS

"Gain exposure to passively-managed crypto index portfolios represented by a single token." "Indexed products offer a hassle-free, battle-tested way of investing in both DeFi and niche market sectors such as oracles or the metaverse."

 

"Provide liquidity for our index products on major decentralised exchanges and earn our protocol governance token as a reward! Select index products are also eligible for rewards by staking them single-sided. No fees, no lock-up periods."

 

"The first product developed by Indexed Finance is a set of capitalization-weighted index pools designed to replicate the behavior of index funds, which historically have returned better and more consistent returns than actively managed funds on the stock market. Index pools simplify asset management on Ethereum the way that index funds do for the stock market: by creating a single asset which represents ownership in a diverse portfolio that tracks the market sector the index represents. Each index pool has an ERC20 index token which anyone can mint by providing the underlying assets in the pool, burn to claim the underlying assets, or swap with exchanges to easily manage their exposure to specific markets."

 

"Index pools regularly rebalance their underlying assets in order to better represent the market sectors they track. Portfolio targets are set using on-chain data from Uniswap and pre-set rules defined in smart contracts. As with index funds, the only roles for humans in managing index pools are the initial determination of weighting and asset selection rules, the definition of market sectors and the classification of assets into those sectors. These roles are carried out by NDX governance, which has mandatory time-locks for all governance decisions."

 

"This project is in beta. Use it at your own risk."

 

On October 14th, 2021, "Indexed Finance, a passive income agreement, was attacked, and the affected fund pools included DEFI5 and CC10." "According to the bot on Discord, the two pools that are now inaccessible are left with $288,000 and $2 million in TVL, respectively. The other pools have much higher amounts, which suggests that the hack is localized." "Officials stated in Discord that the damage caused by this attack was about 16 million U.S. dollars."

 

"We're aware of an incident that has just taken place within the DEFI5 and CC10 pools." "Looking into it."

 

"Still not sure exactly what happened, but the weight for SUSHI on CC10 is way over the total it's supposed to have. SUSHI was initialized in the pool in this transaction which also included massive mints of CC10."

 

"I think the issue has to do with the math for weight adjustment upon initialization of a token, in either _getInputToken or _updateInputToken."

 

"This attack exploited the way index pools are rebalanced." "When a token is added to an index pool, we use approximate values with a Uniswap oracle to determine how to price the token within the Balancer pool. This is done to remove any need for the pool to interact with external markets in order to rebalance, and allows tokens to be traded into the AMM before the pool has any balance in them."

 

"To do this, we use a function `extrapolatePoolValueFromToken`. This finds the first token in the pool with a target weight over 0 and which is fully initialized, then multiplies the pool’s balance by the reciprocal of its weight — so if the pool has 10 UNI at a weight of 10%, it’ll say the pool is worth 100 UNI. The controller uses this with a Uniswap oracle to determine the amount of a new token X that is worth 1% of the pool, which is then used to price swaps. Until the pool reaches that balance for the token, it will buy it at a slight premium; once it hits the balance, the token is considered “initialized” and can be both bought and sold by the pool."

 

"Occasionally, token prices will change so quickly that the minimum balance is so far off of the value of 1% of the pool that no one is willing to swap it into the pool. To prevent this from causing a delay in a rebalance, the controller has another function updateMinimumBalance which resets the virtual balance for an uninitialized token."

 

"At the time the attack started, DEFI5 was ready for a re-index (anyone can trigger one after 3 re-weighs, which occur once a week). The first call in the transaction was to trigger a re-index of DEFI5. At this time, UNI was the first asset in the token list which was fully initialized and had a desired weight over zero, so the price of UNI was used to approximate the pool value and set the minimum balance for SUSHI. This set a reasonable minimum balance for SUSHI of 11,926, or about $126k."

 

"Next, the exploit contract took out approximately $156m worth of flash swaps in UNI, AAVE, COMP, CRV, MKR, SNX (the initialized assets in DEFI5) from Sushiswap and Uniswap V2."

 

"The contract then used all of the borrowed assets to purchase UNI from the pool in chunks, as the pool does not allow swaps to send more than 1/2 of the pool’s existing balance in a token or purchase more than 1/3 of the pool’s balance in a token. This took dozens of swaps, but they managed to dump the tokens into the pool."

 

"The attacker then executed a minimum balance update on the controller. Because they had purchased nearly all of the UNI in the pool, its balance was very low when the controller queried it, and so the approximated value of the entire pool was calculated as 29,851 SUSHI (~$300k), despite the pool having received over a hundred million dollars worth of other assets."

 

"The previously purchased UNI was then used to mint new DEFI5, again in chunks due to limitations on the relative size of a single-token mint. This resulted in the pool supply being inflated by orders of magnitude."

 

"Next, the caller used the borrowed SUSHI to mint additional DEFI5 at the extremely inflated valuation caused by the minimum balance exploit, then burned the DEFI5 for all of the underlying assets, and repeated this a number of times."

 

"Finally, they paid off the flash loans and made out with about $11m worth of assets."

 

"The CC10 exploit was essentially the same thing, except that the initial re-index step had already been done."
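The pool-value extrapolation described in the quoted post mortem can be modelled in a few lines. The following is an illustration added for this page, not code from Indexed Finance: balances, weights and oracle prices are constructed, the 1% minimum-balance share and the one-third-per-swap purchase cap are taken from the narrative above, and the consistency check at the end (compare the single-token estimate against a valuation of every initialized token and refuse to update when they disagree) is a hypothetical mitigation, not the fix the project actually shipped.

```python
"""Toy model of single-token pool-value extrapolation and why draining that
token breaks it. Constructed numbers; not the Indexed Finance contracts."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Token:
    symbol: str
    balance: float          # pool's current balance of this token
    weight: float           # normalised weight (fraction of pool value it should represent)
    ready: bool             # True once the pool holds the minimum balance ("initialized")
    desired_weight: float   # target weight set by the last re-index


# Constructed oracle prices in USD; stands in for the Uniswap TWAP oracle.
ORACLE_USD: Dict[str, float] = {"UNI": 25.0, "AAVE": 300.0, "COMP": 400.0, "SUSHI": 10.0}

# Limits taken from the narrative: one swap may buy at most 1/3 of the pool's
# balance of the output token; a new token's minimum balance is 1% of pool value.
MAX_BUY_FRACTION = 1 / 3
NEW_TOKEN_SHARE = 0.01


def make_pool() -> List[Token]:
    """Constructed DEFI5-like pool: SUSHI has just been added and is not yet initialized."""
    return [
        Token("UNI", 10_000.0, 0.10, True, 0.10),
        Token("AAVE", 2_000.0, 0.20, True, 0.20),
        Token("COMP", 4_000.0, 0.60, True, 0.60),
        Token("SUSHI", 0.0, 0.10, False, 0.10),
    ]


def extrapolate_pool_value_from_token(pool: List[Token]) -> Tuple[str, float]:
    """The vulnerable estimate: first ready token with a desired weight > 0,
    pool value = balance / weight, denominated in that token (10 UNI at 10% -> 100 UNI)."""
    for t in pool:
        if t.ready and t.desired_weight > 0:
            return t.symbol, t.balance / t.weight
    raise ValueError("no initialized token to extrapolate from")


def minimum_balance_vulnerable(pool: List[Token], new_symbol: str) -> float:
    """Minimum balance for a new token: 1% of the single-token estimate, priced via the oracle."""
    ref, value_in_ref = extrapolate_pool_value_from_token(pool)
    usd = value_in_ref * ORACLE_USD[ref]
    return usd * NEW_TOKEN_SHARE / ORACLE_USD[new_symbol]


def pool_value_all_tokens_usd(pool: List[Token]) -> float:
    """Value every initialized token with the oracle instead of extrapolating from one."""
    return sum(t.balance * ORACLE_USD[t.symbol] for t in pool if t.ready)


def minimum_balance_checked(pool: List[Token], new_symbol: str, tolerance: float = 0.5) -> float:
    """Hypothetical sanity check: refuse to reset the minimum balance when the
    single-token estimate and the full valuation differ by more than `tolerance`."""
    ref, value_in_ref = extrapolate_pool_value_from_token(pool)
    single = value_in_ref * ORACLE_USD[ref]
    full = pool_value_all_tokens_usd(pool)
    if abs(single - full) > tolerance * full:
        raise RuntimeError(f"estimate from {ref} ({single:,.0f} USD) inconsistent "
                           f"with full valuation ({full:,.0f} USD)")
    return full * NEW_TOKEN_SHARE / ORACLE_USD[new_symbol]


def drain_token_in_chunks(pool: List[Token], out_symbol: str, pay_symbol: str, swaps: int) -> None:
    """Buy `out_symbol` from the pool in the largest chunks the per-swap cap allows,
    paying in `pay_symbol` at oracle price (slippage ignored to keep the model small)."""
    out = next(t for t in pool if t.symbol == out_symbol)
    pay = next(t for t in pool if t.symbol == pay_symbol)
    for _ in range(swaps):
        amount = out.balance * MAX_BUY_FRACTION
        out.balance -= amount
        pay.balance += amount * ORACLE_USD[out_symbol] / ORACLE_USD[pay_symbol]


def scenario() -> dict:
    """Minimum balance for SUSHI before and after the reference token (UNI) is drained."""
    pool = make_pool()
    before = minimum_balance_vulnerable(pool, "SUSHI")
    drain_token_in_chunks(pool, "UNI", "AAVE", swaps=20)
    after = minimum_balance_vulnerable(pool, "SUSHI")
    try:
        minimum_balance_checked(pool, "SUSHI")
        rejected = False
    except RuntimeError:
        rejected = True
    return {
        "min_sushi_before": before,
        "min_sushi_after": after,
        "uni_left": next(t for t in pool if t.symbol == "UNI").balance,
        "full_value_usd": pool_value_all_tokens_usd(pool),
        "rejected_by_check": rejected,
    }


if __name__ == "__main__":
    for k, v in scenario().items():
        print(f"{k}: {v}")
```

The pool's real value (every token priced by the oracle) is unchanged by the chunked purchases, since each swap moves equal value in and out, yet the single-token estimate falls from millions of dollars to a few hundred because only the UNI balance is consulted. The check in `minimum_balance_checked` catches exactly that divergence; it is a coarse illustration of the general principle that a valuation used to mint or price pool shares should not be derived from one manipulable balance read in the same transaction.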

 

"After the vulnerability was discovered, it triggered protection measures including DEGEN, NFTP, and FFF (including DEFI5 and CC10) fund pools, and was frozen."

 

"The pools controlled by the Sigma committee (DEGEN, NFTP, FFF) have been frozen and are not vulnerable to this exploit, but will require a proxy upgrade."

 

"The two index token fund pools, DEGEN and NFTP, have resumed normal operation, while the FFF pool is still in a frozen state."

 

"The hope of those who have realized that they have lost everything is that this hack is a repeat of what happened to Poly Network. In that case, the hacker first emptied the platform and then returned the funds: all he wanted was to demonstrate that there was a vulnerability. But some are rather pessimistic."

 

"As soon as the news spread, the price of the Indexed Finance Governance Token, (NDX) plummeted. It is currently down 22%. The token is at position 3,411 on CoinMarketCap, it was worth $3.5 but is currently at $2.5." "The platform has only been able to warn users not to buy DEFI5, CC10 and FFF, as they are completely out of sync."

 

"In case there's any doubt - don't go buying the dip on DEFI5, CC10 or FFF (which contains those two) right now: their asset weightings are completely out of sync."

 

Eventually, "Indexed Finance officially stated that the root cause of the attack has been determined." "Circuit breaker has been disabled for DEGEN and NFTP now that we have identified the root of the attack." "These pools are now operating normally again." "Swaps within the FFF remain frozen for now due to it containing DEFI5 and CC10."

 

"We will be creating a forum megathread in order to field thoughts and potential ideas for recovery from our community members and the affected alike." "Indexed Core will consider some proposals ourselves, and put these forward to the community by next Friday, the 22nd of October." "We cannot - and should not - determine this unilaterally. In this situation, the three of us are informed community members rather than controllers." "The plan for compensation for the affected will have to be agreed upon as a community."

 

"Not sure how we missed this the first time, but @not_pr0 noticed the wallet that funded the attacker directly used FTX and Kraken quite a bit, both of which require KYC."

 

"Update: we have identified the Indexed attacker and found links to exchanges. We are now presenting an ultimatum."

 

"Information relating to the attacker has been released by a member of the DAO in a personal capacity." "Beyond a retweet indicating where this information can be found, we will not be discussing this information on this account at this time, or at any point moving forward."

 

"In the aftermath of the attack, the two of us in Core that engaged in these conversations (Dillon and Laurence) have found that this user's side of the conversations has been deleted in its entirety." "We are aware (courtesy of @pcaversaccio) that the exploiter requested some Kovan testnet Ether via Gitter, using the (dead, presumably created for the purposes of the assault) Twitter account @ZetaZeroes."

 

"We have also reached out directly to the exploiter with a message, but given that subsequent to that they deployed another contract and attempted to perform more interactions, we must assume ongoing hostility."

 

"We speak now directly to the exploiter, if they ever read this: you’re clearly incredibly skilled: this is something that has been overlooked for ten months in production, and you’re the only one that found it. While it would have been so much more productive for you to instead choose to work with us: be the antihero of this story rather than the villain. Take a 10% whitehat, and save a lot of people the effort of engaging law enforcement."

 

"Being in the Indexed war room, I suggest the hacker surrender 100% of funds. You have nowhere to hide."

 

"In the minutes before the deadline elapsed, @ZetaZeroes made changes to his accounts that have made us realise at the last minute that the attacker is significantly younger than we thought." "The ultimatum has not been met." "The 10% offer has expired. The attacker has until EOD to return 100% of the stolen funds or his information will be published and law enforcement notified."

 

"I've submitted a governance proposal to drain and disable the index pools exploited last month (DEFI5, CC10, FFF) and their market pairs, and repair the remaining index pools (NFTP, ORCL5, DEGEN)."

 

"If approved, this proposal will drain all assets in the three affected pools and the ETH in their Uniswap market pairs to the treasury. It will mint a large amount of the affected tokens to a Gnosis Safe controlled by the Sigma committee to drain the Polygon markets."

 

"The affected pools will then be permanently disabled. Users who purchased or minted the affected pools *after* the attack will not be compensated. Users who held the tokens at the time of the attack will be included in the approved compensation plan."

 

"Staking rewards that have previously been earned will not be affected by this proposal. The index pools unaffected by the attack will be upgraded to remove the vulnerabilities around pool value estimation and initialization weight setting."

 

"If you currently hold NDX tokens or are entered into a dNDX timelock, please go and vote on the various facets of the compensation plan: this is the DAO's decision, and it requires a strong mandate."

 

"Proposal 16 has been executed." "The vulnerability within the pool rebalancing mechanism has been removed. DEGEN, NFTP and ORCL5 are now safe." "Remaining assets within DEFI5, CC10 and FFF have been routed to the Indexed treasury. Uniswap LP pools have been drained of their ETH."

 

"The compensation plan will be implemented via Pickle Cornichons (tokens will be issued to the affected which they can burn for DAI at a pay-out rate they are happy to accept). The DAI backing these claims will be sourced from a combination of extracted assets from the affected pools (see below) and Indexed protocol revenue over time. A further article will be published upon deployment explaining exactly how this works and what it means for the affected."

 

"There will be two separate claim tokens issued: one for direct holders of the affected tokens (DEFI5, CC10 and FFF) and one for holders of LP tokens for any of these three. These tokens will have to be claimed by the affected on the Ethereum main-net once issued."

 

"99.32% of the losses incurred by holders of all affected tokens on any chain will be compensated. 88.5% of the losses incurred by holders of all associated liquidity tokens on any chain will be compensated."

 

"On behalf of the DAO, the author would like to thank the affected (and the wider community) for their patience and support thus far." "This is not the end for Indexed: we have a vision, and will continue to build it out, with your support."

The Indexed Finance liquidity pools (smart contract hot wallets) were exploited to drain $16m. Although the team believed it had identified the attacker, the funds were not returned. The team has put together an incentive plan which aims to recover the majority of the losses over time.

HOW COULD THIS HAVE BEEN PREVENTED?

Not only were all funds placed in a smart contract hot wallet, but the smart contract was not even audited. Storing the bulk of funds in offline multi-signature cold storage would massively increase safety, while only affecting the timeliness of the largest transactions. While far from foolproof, a smart contract audit can effectively identify many vulnerabilities so they can be resolved prior to deployment. Bug bounty programs are another way to encourage the identification of exploits before attackers find them. It is further noted that Indexed Finance had no insurance at all. We have proposed an industry insurance fund which could assist in events like this.

 

Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

Indexed Finance, pools emptied: hack or "incident" - The Cryptonomist (Oct 13)
Indexed (Oct 13)
README - Indexed Finance (Oct 13)
SlowMist Hacked - SlowMist Zone (Nov 5)
@ndxfi Twitter (Dec 4)
@d1ll0nk Twitter (Dec 4)
Ethereum Transaction Hash (Txhash) Details | Etherscan (Dec 4)
IndexPool | 0x5bd628141c62a901e0a83e630ce5fafa95bbdee4 (Dec 4)
Ethereum Transaction Hash (Txhash) Details | Etherscan (Dec 4)
@ndxfi Twitter (Dec 4)
@laurence_e_day Twitter (Dec 4)
Discord (Dec 4)
Indexed (Dec 4)
[Proposal] Compensation Mechanisms - #9 by d1ll0n - Proposals - Indexed Finance (Dec 4)
recovery/IndexPoolRecovery.sol at master · indexed-finance/recovery · GitHub (Dec 4)
@d1ll0nk Twitter (Dec 4)
https://ndxfi.medium.com/indexed-attack-compensation-plan-f2228303507 (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
Indexed Finance Community Call - 20 October 2021 - YouTube (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@bantg Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
@ndxfi Twitter (Dec 4)
Update #1: Indexed Finance Attack - HackMD (Dec 4)
Ethereum Transaction Hash (Txhash) Details | Etherscan (Dec 4)
Imgur: The magic of the Internet (Dec 4)
Indexed Attack Post Mortem (Dec 4)
@ndxfi Twitter (Dec 4)
Rekt - Indexed Finance - REKT (Dec 4)
@laurence_e_day Twitter (Dec 4)
SlowMist Hacked - SlowMist Zone (Jun 25)


© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.