Mystery Attacker Vanishes with $355,000 in DeFi Heist: Is Ethereum’s Newest Feature to Blame?

In a devastating blow to the Ethereum-based DeFi protocol SIR.trading, also known as Synthetics Implemented Right, the platform has lost its entire total value locked (TVL) of $355,000 due to a hack. The breach, identified on March 30, was first reported by blockchain security firms TenArmorAlert and Decurity, who issued warnings to alert the protocol’s users.
The protocol’s founder, known by the alias Xatarrer, described the incident as “the worst news a protocol could receive” but expressed intentions to continue the project despite the setback.
Decurity detailed the attack as a “clever” manipulation of a callback function within the protocol’s vulnerable vault contract, which exploited Ethereum’s transient storage feature. The hacker managed to substitute the legitimate Uniswap pool address with one under their control, rerouting the funds into their own account. TenArmorAlert explained that the attacker was able to deplete the protocol’s funds by repeatedly engaging this callback function.
Supremacy’s blockchain security expert, SupLabsYi, elaborated on the attack’s implications, suggesting it could reveal inherent vulnerabilities in Ethereum’s transient storage, a feature introduced in the Dencun upgrade. This mechanism allows for temporary data storage, reducing gas fees, but remains a nascent and potentially exploitable feature.
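An added illustration, not code from SIR.trading, Decurity or TenArmorAlert, of the kind of check the analysts describe: a vault authorises a Uniswap-style swap callback by comparing the caller to a pool address parked in transient storage, and the weak variant reuses that slot for a caller-influenced value (an assumed detail, chosen to show how the expected address can be swapped), beside a hardened variant. Transient storage is wiped at the end of every transaction, but within one transaction any write to the slot changes what the check compares against.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24; // TSTORE/TLOAD need EVM version cancun (Dencun upgrade)

// Illustrative pattern only, NOT SIR.trading's code. A vault gates a Uniswap-style
// swap callback on a pool address it parked in transient storage. Assumption:
// the same transient slot is later reused for a caller-influenced value (an amount).
contract VaultVulnerable {
    function _tstore(bytes32 slot, uint256 v) internal { assembly { tstore(slot, v) } }
    function _tload(bytes32 slot) internal view returns (uint256 v) { assembly { v := tload(slot) } }

    function beginSwap(address pool) external {
        _tstore(bytes32(0), uint256(uint160(pool))); // remember who may call back
        // ... pool.swap(...) would now re-enter via uniswapV3SwapCallback ...
    }

    function recordAmount(uint256 amount) external {
        // BUG: slot 0 is overwritten with caller-chosen data; if `amount` happens to
        // equal some contract's address, that contract now passes the callback check.
        _tstore(bytes32(0), amount);
    }

    function uniswapV3SwapCallback(int256, int256, bytes calldata) external {
        require(uint256(uint160(msg.sender)) == _tload(bytes32(0)), "not pool");
        // ... transfer tokens to msg.sender (the point at which funds leave the vault) ...
    }
}

// Hardened: one slot per purpose, a zero-check, and the pool slot is one-shot.
contract VaultHardened {
    bytes32 private constant POOL_SLOT = keccak256("vault.transient.pool");
    bytes32 private constant AMOUNT_SLOT = keccak256("vault.transient.amount");

    function _tstore(bytes32 slot, uint256 v) internal { assembly { tstore(slot, v) } }
    function _tload(bytes32 slot) internal view returns (uint256 v) { assembly { v := tload(slot) } }

    function beginSwap(address pool) external {
        require(pool != address(0), "zero pool");
        _tstore(POOL_SLOT, uint256(uint160(pool)));
        // ... pool.swap(...) ...
    }

    function recordAmount(uint256 amount) external { _tstore(AMOUNT_SLOT, amount); }

    function uniswapV3SwapCallback(int256, int256, bytes calldata) external {
        address expected = address(uint160(_tload(POOL_SLOT)));
        require(expected != address(0) && msg.sender == expected, "not pool");
        _tstore(POOL_SLOT, 0); // clear before paying, so a repeated direct call fails
        // ... transfer tokens to msg.sender ...
    }
}
```

Reviewing for this class of bug means listing every TSTORE in the code base and confirming that no two writers share a slot and that every authorisation slot is cleared once consumed.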
Following the breach, the stolen funds were traced to an address linked with Ethereum’s privacy solution, Railgun, and Xatarrer has reached out for assistance from them.
SIR.trading’s documentation describes the platform as a supposedly safer option for leveraged trading, addressing issues such as volatility decay and liquidation risks. However, it also warned users about the potential presence of bugs in its smart contracts, which could result in financial losses. The project’s documentation highlighted the vulnerability of its vaults, acknowledging that despite audits, errors might still lead to critical failures.