Chutoro

History of Exploits - Hundred Finance

Updated: Feb 15

Date: 6 February 2022


Exploit Type: Bridge and Oracle Exploit


TL;DR

  • Meter.io experienced an exploit which allowed uncollateralized minting of BNB.bsc

  • This resulted in a significant price dump of BNB.bsc

  • Opportunists borrowed against the cheap BNB.bsc, which Chainlink oracles still valued at the price of unwrapped BNB

  • This resulted in bad debt accruing to Hundred Finance

Background

Scaling issues in Ethereum have led to the development of other L1s such as BSC, Solana, and Cardano. However, whilst these chains can operate in isolation from each other, interaction between different L1s is a complex (and risky) process. Bridges are one way of allowing users to transfer value from one blockchain to another, generally in the form of ‘Wrapped Tokens’.


The general logic behind wrapping involves a user locking tokens on one blockchain and minting a wrapped version on another blockchain; this requires a bridge platform as an intermediary. As long as an equal amount of tokens remains locked on the source chain, the wrapped token on the other chain is fully collateralized. However, smart contract exploits on bridges such as Wormhole have allowed hackers to mint wrapped assets without adequate collateral.


The exploit of Hundred Finance was not a direct exploit of its own smart contracts, but rather an exploit of a bridge that it relies upon. Specifically, it affected the Meter.io bridge, which allows wrapping of tokens between Ethereum, BSC, MoonRiver, and Meter. The exploit allowed hackers to mint BNB.bsc (i.e. BNB wrapped on BSC) without providing locked BNB. This allowed them to sell BNB.bsc on Sushiswap, which resulted in a significant price drop.


How did it happen?

  1. Opportunists purchased cheap BNB.bsc, which was mispriced relative to unwrapped BNB due to the Meter.io bridge issue

  2. Hundred Finance uses Chainlink price feeds, which use a single global price based on CEX and DEX pricing (the dumped BNB.bsc price is only a small contributor to the global BNB price, so the global price was relatively stable).

  3. They were able to use BNB.bsc (which was treated as being worth the same as global BNB, i.e. much more than its purchase price) as collateral to borrow MIM and FRAX

  4. Since the Sushiswap price of BNB.bsc had dropped, it could not effectively be liquidated as collateral, resulting in the accrual of bad debt.

Loss from Exploit: $3.3m (fortunately some of the opportunistic borrowers have repaid their borrowings so final sum lost may be less)


Lending Platform Risk - Pure Shared-Pools

Hundred Finance uses bridges which allow lending, borrowing, and collateralization of cross-chain assets. With the sheer number of viable L1s and L2s today, the ability to use wrapped assets gives it access to a market which is largely untapped. However, the current iteration of bridges leaves much to be desired, as bridge exploits are quickly becoming a core issue facing DeFi this year. Protocols must be careful with their choice of oracle to ensure it reflects the price of the true collateral being used, rather than a proxy price that may be inaccurate.


In addition, its position as a Compound Finance fork means its lending logic uses a Shared-Pool Approach. The issue with shared pools is that an exploit in a single token becomes a protocol-wide issue. Whilst BNB.bsc was the only exploited asset, every token on the platform was exposed to risk, allowing MIM and ETH to accrue bad debt; with more funds, every token on Hundred Finance could have been drained. Fortunately, some of the opportunists have chosen to repay borrowed funds, but this may not always be the case.


What can Silo learn from this?

There were two core issues behind the Hundred Finance exploit:

  1. The shared-pool approach allowed multiple tokens to be drained from lenders who may have been unaware of the risks associated with the lending

  2. Use of Chainlink oracles resulted in mispricing of BNB.bsc relative to its "true" price on an AMM

Silo employs a bridged lending approach as opposed to a shared-pool approach. This means that if the same exploit were to occur on Silo, only bridge asset lenders that chose to support BNB.bsc would have been at risk of bad debt - all lenders in other silos would have been unaffected.


This kind of oracle mispricing is a new problem that has arisen with the advent of inter-blockchain bridges, and it needs to be considered by all lending platforms that allow wrapped tokens on non-native blockchains. Reliance on global prices as opposed to localised DEX prices is clearly something that can result in disastrous consequences.


As Silo moves towards permission-less lending markets, governance must be prudent in its choice of oracles to ensure that a similar mishap does not occur. Bridge lenders must be properly informed regarding which oracle is used for which silos and decide whether it is appropriate for purposes of liquidations to minimise their likelihood of bad debt.


Read more on the risks of lending (Lender Beware series)


Read more on this series (History of Exploits)

