Linear Pool Post-Mortem Report
(ERN / bb-rf-USDC / bb-rf-USDT)
Introduction
Beethoven X contributors identified an issue with the previous iteration of the Dollar Dollar Bills (ERN / bb-rf-USDC / bb-rf-USDT) pool on Optimism.
The issue is the result of an incorrect deployment of the underlying linear pools:
- bb-rf-usdc (https://optimistic.etherscan.io/address/0xdc2007d9e9a33f50630f26069faab69c25f7758c)
- bb-rf-usdt (https://optimistic.etherscan.io/address/0xbef1ccaada458a570c37b11a8872988ba1e4fdb9).
Both linear pools were deployed with the original ReaperLinearPoolFactory instead of the ERC4626LinearPoolFactory. The ReaperLinearPool was designed to work with the Reaper single-strategy vaults and is incompatible with the Reaper multi-strategy vaults, because the two vault types handle decimal scaling differently.
Although Beethoven X contributors identified the issue before it was exploited, its potential impact was misjudged, which left a window for a malicious actor to remove approximately $79,330 USD in liquidity from the pool.
Additional details on the events that led to this unfortunate outcome are presented below:
Timeline of Events
- On June 19th, the Dollar Dollar Bills pool was deployed through the composable stable pool factory, nesting the misconfigured Reaper linear pools.
- On July 24th, an issue with the Dollar Dollar Bills pool was identified during pool operations. The issue was investigated and the root cause was identified, but the impact was mis-evaluated. A new pool was deployed on the same day to begin migrating user funds to it.
- On July 27th, LPs were informed that a migration to a new pool was underway and that emissions were live to prompt LPs to migrate.
- On July 28th, 8:30 pm UTC, a malicious user found the misconfigured pool and was able to drain the remaining funds from the pool, resulting in a loss of ~$79k of liquidity.
- On July 28th, 11:15 pm UTC, users reported they were unable to withdraw from the pool.
- On July 29th, 11:30 am UTC, an initial investigation confirmed that the pool had indeed been drained by a malicious actor. Further investigation traced the issue to the underlying linear pools referenced above.
- On August 2nd, 9:30 am UTC, we reached out to the malicious actor offering a bug bounty.
Root Cause Analysis
The investigation revealed that the issue was introduced when creating the linear pools using the wrong linear pool factories in the following creation transactions:
- https://optimistic.etherscan.io/tx/0xb655f3d14bb80b61d40b7698b4340ee10f681f317b1bb68de5ab63516906f255
- https://optimistic.etherscan.io/tx/0xd8c4fb9808d666842b61bec6894efd90b420f5949417d1c96a324718d419e1ce
Such a misconfiguration should normally not be possible, but the Reaper multi-strategy vaults expose both the ERC4626 interface and the custom Reaper vault interface, so either factory accepts them as the wrapped token. In this instance, the linear pools should have been created with the ERC4626LinearPoolFactory but were mistakenly created with the ReaperLinearPoolFactory.
ReaperLinearPoolFactory:
ERC4626LinearPoolFactory:
The root cause of the issue lies in the difference in how the underlying vaults handle the decimal scaling. While the Reaper single-strategy vaults use 18 decimals for any underlying token, the multi-strategy vaults mirror the underlying tokens’ decimal scaling.
Because the linear pools were created with the ReaperLinearPoolFactory, the pool applied the scaling it expects from an 18-decimal single-strategy vault to a multi-strategy vault whose shares mirror the 6 decimals of USDC and USDT. The rate it reported for the wrapped tokens (rf-USDC and rf-USDT) was therefore inflated by 10¹² (10^(18-6)), mispricing the wrapped tokens relative to the main tokens.
The attacker exploited the inflated rate directly: a very small amount of rf-USDC was swapped for a large amount of bb-rf-usdc (the linear pool's BPT), and that bb-rf-usdc was then swapped out for the pool's underlying assets. The attack was carried out twice in quick succession, in the following two transactions, which between them drained the pool:
- https://optimistic.etherscan.io/tx/0xaaa6407cdc4a68a4140c00663b5c5db52549f9d8b7c52fc9f0106cdfa634f433
- https://optimistic.etherscan.io/tx/0x5e1b7885293cb7e96d420df6e46fdd7493662e73394a3a410ed5fe710f6833ec
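To make the scaling mismatch concrete, here is a small Python model added for this write-up; it is not code from Beethoven X, Reaper or Balancer. It reproduces the two rate derivations contrasted above, the swap that turns a tiny rf-USDC amount into a large bb-rf-usdc amount, and the kind of post-deployment rate check listed under lessons learned below (wrap one unit of the main token and compare what the vault says those shares are worth against what the pool's rate says). The vault arithmetic (getPricePerFullShare as balance * 1e18 / totalSupply, 1:1 share value), the fixed 10**(18 - mainDecimals) scale factor in the Reaper pool, and the omission of swap fees and linear-pool targets are simplifying assumptions; the vault balances are constructed.

```python
"""Model of the decimal-scaling mismatch behind the bb-rf-USDC / bb-rf-USDT mispricing.

Added example, not code from Beethoven X, Reaper or Balancer. Assumptions: a Reaper
vault reports getPricePerFullShare() as balance * 1e18 / totalSupply; a
ReaperLinearPool multiplies that by 10**(18 - mainDecimals) because single-strategy
vaults always use 18-decimal shares; an ERC4626LinearPool prices one whole share via
convertToAssets; swap fees and linear-pool targets are ignored.
"""
from dataclasses import dataclass

WAD = 10**18  # 18-decimal fixed point used for pool rates and BPT amounts


@dataclass
class ReaperVault:
    """Minimal model of a Reaper vault that exposes both interfaces (1:1 share value)."""
    underlying_decimals: int
    share_decimals: int   # 18 for single-strategy, == underlying for multi-strategy
    total_assets: int     # raw underlying units held by the vault
    total_supply: int     # raw share units outstanding

    # Custom Reaper interface, consumed by ReaperLinearPool
    def get_price_per_full_share(self) -> int:
        return self.total_assets * WAD // self.total_supply

    # ERC4626 interface, consumed by ERC4626LinearPool
    def convert_to_assets(self, shares: int) -> int:
        return shares * self.total_assets // self.total_supply

    def preview_deposit(self, assets: int) -> int:
        return assets * self.total_supply // self.total_assets

    def decimals(self) -> int:
        return self.share_decimals


def single_strategy_vault(underlying_decimals: int, assets: int) -> ReaperVault:
    """Single-strategy vault: 18-decimal shares whatever the underlying token uses."""
    return ReaperVault(underlying_decimals, 18, assets, assets * 10**(18 - underlying_decimals))


def multi_strategy_vault(underlying_decimals: int, assets: int) -> ReaperVault:
    """Multi-strategy vault: share decimals mirror the underlying token."""
    return ReaperVault(underlying_decimals, underlying_decimals, assets, assets)


def reaper_linear_pool_rate(vault: ReaperVault, main_decimals: int) -> int:
    """Wrapped-token rate as the ReaperLinearPool model derives it (18-decimal fixed point).
    The fixed 10**(18 - mainDecimals) factor is only correct for 18-decimal shares."""
    return vault.get_price_per_full_share() * 10**(18 - main_decimals)


def erc4626_linear_pool_rate(vault: ReaperVault, main_decimals: int) -> int:
    """Wrapped-token rate as the ERC4626LinearPool model derives it: value of one whole share."""
    return vault.convert_to_assets(10**vault.decimals()) * 10**(18 - main_decimals)


def bpt_out_for_wrapped_in(wrapped_raw: int, wrapped_decimals: int, rate: int) -> int:
    """BPT minted for a wrapped-token swap into the linear pool (no fees, inside targets):
    upscale the wrapped amount to 18 decimals, then value it at `rate`."""
    return wrapped_raw * 10**(18 - wrapped_decimals) * rate // WAD


def check_wrapped_token_rate(vault: ReaperVault, pool_rate: int, main_decimals: int,
                             tolerance_bps: int = 100) -> tuple[bool, int, int]:
    """Post-deployment check: wrap one whole main token, then compare what the vault
    says those shares are worth with what the pool's rate says they are worth."""
    one_main = 10**main_decimals
    shares = vault.preview_deposit(one_main)
    expected = vault.convert_to_assets(shares)                          # raw main units
    implied = shares * pool_rate * one_main // (10**vault.decimals() * WAD)
    ok = abs(implied - expected) * 10_000 <= tolerance_bps * expected
    return ok, implied, expected


if __name__ == "__main__":
    usdc = 1_000_000 * 10**6                    # constructed: 1M USDC held by the vault
    single, multi = single_strategy_vault(6, usdc), multi_strategy_vault(6, usdc)
    good = reaper_linear_pool_rate(single, 6)   # single-strategy vault + Reaper factory
    bad = reaper_linear_pool_rate(multi, 6)     # multi-strategy vault + Reaper factory
    print("rate, single-strategy:", good, check_wrapped_token_rate(single, good, 6))
    print("rate, multi-strategy :", bad, check_wrapped_token_rate(multi, bad, 6))
    print("rate via ERC4626 pool:", erc4626_linear_pool_rate(multi, 6))
    print("BPT for 1 rf-USDC, inflated vs correct rate:",
          bpt_out_for_wrapped_in(10**6, 6, bad) // bpt_out_for_wrapped_in(10**6, 6, WAD))
```

With a 6-decimal underlying the misconfigured pairing reports a rate of 10^30 instead of 10^18, so one rf-USDC buys 10^12 times the BPT it should, while the same model with an 18-decimal underlying shows no inflation, which is why only the USDC and USDT linear pools were mispriced. The check fails the misconfigured pool immediately because it compares the pool's rate against an actual wrap of the main token rather than trusting either rate source on its own.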
Impact Assessment
The incident resulted in a malicious actor draining approximately $78,950 worth of assets from the Dollar Dollar Bills pool on Optimism. Please find the detailed asset list below:
Immediate Response and Mitigation
When Beethoven X contributors investigated the issue on July 24th, the root cause was identified, but the scale of the impact was mis-evaluated. As a result, the response was limited to creating a new pool and starting a migration, which left the remaining liquidity in the misconfigured pool exposed until the malicious actor drained it on July 28th.
In addition, the following linear pools have been identified as impacted by the same misconfiguration:
- https://optimistic.etherscan.io/address/0xdc2007d9e9a33f50630f26069faab69c25f7758c
- https://optimistic.etherscan.io/address/0x24d9ff56fb09e0f02e74407b12f3264c6e520b5e
- https://optimistic.etherscan.io/address/0x8fe33d737484ca194dedf64aafa8485327fc5372
- https://optimistic.etherscan.io/address/0x8003eec4add35c6d23eb1ef61b4fa6bbbb23a41a
- https://optimistic.etherscan.io/address/0xb85245929dc65b5eddb56c4b4e84b20bce69db35
- https://optimistic.etherscan.io/address/0xd32f78f5ae235269c6d2cabbd26a57ff9fd62967
- https://optimistic.etherscan.io/address/0x55b1f937b1335be355c82e207fd437182c986ba1
- https://optimistic.etherscan.io/address/0xbef1ccaada458a570c37b11a8872988ba1e4fdb9
All pools that nest these linear pools now hold no TVL and have been blacklisted in the UI.
Communication and Transparency
LPs were informed of the migration to a new pool on July 27th, but the severity of the underlying issue had not been assessed correctly. The incident was reported by users who were unable to withdraw from the pool on July 28th, triggering further investigation. On July 31st, the incident was acknowledged and a preliminary announcement was made.
Post-Incident Analysis, improvements, and lessons learned
Following the incident, we conducted a detailed analysis to identify the root cause. It became evident that the misconfiguration of the underlying linear pools during their creation in combination with a misinterpretation of the impact led to the loss of funds.
Users’ trust in Beethoven X has always been at the center of our mission in DeFi and in hindsight we should have undertaken all possible measures to prevent such a security breach.
We are dedicated to implementing process enhancements to prevent similar issues in the future. This includes strengthening testing and QA procedures for all new pool creations to ensure early identification and remediation of potential misconfigurations.
- We have added additional post-deployment tests that wrap the underlying assets of linear pools.
- We have added additional tasks to our post-deployment review process for linear pools to check not only the pool's rate but also the rates of the wrapped tokens.
- Any deployment of a linear or boosted pool will undergo an additional post-deployment review conducted by a second person.
Through these measures, we aim to bolster the operational security of our platform and foster trust among our users and the DeFi community.
Conclusion
This incident with the Dollar Dollar Bills pool underscores the need for constant vigilance and proactive security measures. By learning from this incident and implementing necessary improvements, we aim to fortify the protocol against potential threats, protecting the assets and trust of our users.
We are committed to continuous improvement and are grateful for the support and understanding of our community during this challenging time.
We identified all wallets affected by this incident and will work with our committees and community to find a solution for those that lost assets. We are actively looking into it, and have reached out to the hacker to negotiate whether we can recoup the funds directly before moving to the next steps.