@i2huer and @0xtarafans
Produced by PNM x Narya Labs
On March 15, 2022, Deus Finance, a DeFi protocol on Fantom, was hacked with a loss of $3M. The attacker exploited a smart contract bug using a flash swap together with price oracle manipulation.
Fantom Transaction Hash (Txhash) Details | FtmScan
A functional PoC that can reproduce the attack
postmortem/2022/deus at main · PwnedNoMore/postmortem
DeiLenderSolidex is a lending protocol. isSolvent() checks whether a user's position is healthy or not:
    function isSolvent(address user) public view returns (bool) {
        // accrue must have already been called!
        uint256 userCollateralAmount = userCollateral[user];
        if (userCollateralAmount == 0) return getDebt(user) == 0;
        // collateral value (oracle price is 18 decimals) scaled by the
        // liquidation ratio (18 decimals) must exceed the outstanding debt
        return
            userCollateralAmount.mul(oracle.getPrice()).mul(LIQUIDATION_RATIO) /
                (uint256(1e18).mul(1e18)) >
            getDebt(user);
    }
Oracle is the smart contract used to calculate the price of each deposit token. pair_ is the Solidex AMM for USDC/DEI.
    contract Oracle {
        IERC20 public dei;
        IERC20 public usdc;
        IERC20 public pair;

        constructor(
            IERC20 dei_,
            IERC20 usdc_,
            IERC20 pair_
        ) {
            dei = dei_;
            usdc = usdc_;
            pair = pair_;
        }

        // price of one LP token (18 decimals): the pair's current DEI and USDC
        // balances (USDC scaled from 6 to 18 decimals) divided by the LP supply
        function getPrice() external view returns (uint256) {
            return
                ((dei.balanceOf(address(pair)) + (usdc.balanceOf(address(pair)) * 1e12)) *
                    1e18) / pair.totalSupply();
        }
    }
The value of a deposit token equals the value of an LP token as calculated by the equation above, which depends on how many DEI and USDC the pool currently holds. Note that USDC has 6 decimals while DEI has 18, hence the 1e12 scaling. Because getPrice() reads the pair's live token balances, the collateral price moves with any change to those balances within the same transaction.
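To make the sensitivity concrete, here is an added example (our code, not the post's or the Deus contracts) that ports getPrice() and isSolvent() to plain integers, applies one fee-less constant-product swap to a constructed pool, and compares the spot-balance price with an invariant-based LP price that a swap cannot move. The liquidation ratio, pool sizes and position sizes are assumptions, as the post does not state them.

```python
# Added example (ours, not the post's or the Deus code): integer model of the
# Oracle.getPrice() and isSolvent() logic quoted above, plus a mitigation.
from math import isqrt

WAD = 10**18
USDC_SCALE = 10**12                # USDC has 6 decimals, DEI has 18
LIQUIDATION_RATIO = 85 * 10**16    # assumption: 85%; the post does not give the value

def lp_price(dei_bal: int, usdc_bal: int, total_supply: int) -> int:
    """Port of Oracle.getPrice(): pool value (18 decimals) per LP token,
    read from the pair's current token balances."""
    return (dei_bal + usdc_bal * USDC_SCALE) * WAD // total_supply

def is_solvent(collateral_lp: int, debt: int, price: int) -> bool:
    """Port of isSolvent(): collateral * price * ratio / 1e36 > debt."""
    if collateral_lp == 0:
        return debt == 0
    return collateral_lp * price * LIQUIDATION_RATIO // (WAD * WAD) > debt

def invariant_lp_price(dei_bal: int, usdc_bal: int, total_supply: int) -> int:
    """Mitigation, not from the post: price the LP from the constant product
    x*y, which a swap cannot change, instead of from the spot balances.
    Assumes both tokens are worth one unit (DEI and USDC are dollar-pegged)."""
    return 2 * isqrt(dei_bal * usdc_bal * USDC_SCALE) * WAD // total_supply

def swap_dei_in(dei_bal: int, usdc_bal: int, dei_in: int) -> tuple[int, int]:
    """Fee-less constant-product swap: DEI goes in, USDC comes out, x*y is kept."""
    k = dei_bal * usdc_bal
    new_dei = dei_bal + dei_in
    return new_dei, k // new_dei

def demo() -> dict:
    # Constructed pool: 1,000,000 DEI and 1,000,000 USDC, 2,000,000 LP tokens,
    # so an honest LP token is worth exactly 1e18 (one dollar in 18 decimals).
    dei, usdc, supply = 10**6 * 10**18, 10**6 * 10**6, 2 * 10**6 * 10**18
    before = lp_price(dei, usdc, supply)
    # One large swap pushes the pool to 4,000,000 DEI / 250,000 USDC.
    dei2, usdc2 = swap_dei_in(dei, usdc, 3 * 10**6 * 10**18)
    after = lp_price(dei2, usdc2, supply)
    # A position with 100 LP of collateral and 150 DEI of debt: rejected at the
    # honest price, accepted by the spot-balance price after the swap.
    collateral, debt = 100 * 10**18, 150 * 10**18
    return {
        "price_before": before, "price_after": after,
        "invariant_before": invariant_lp_price(dei, usdc, supply),
        "invariant_after": invariant_lp_price(dei2, usdc2, supply),
        "solvent_before": is_solvent(collateral, debt, before),
        "solvent_after": is_solvent(collateral, debt, after),
    }
```

The spot-balance price more than doubles after the swap while the invariant-based price is unchanged, which is the property a collateral oracle should have.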