MultiStables Vault Exploit Post-Mortem
The ValueDefi MultiStables vault was recently the subject of a complex attack that resulted in a loss of user deposits. What follows below is a post-mortem analysis and a description of proposed actions to mitigate economic impact on the community.
On Nov 14th 2020 at 03:36:30 PM UTC, a hacker performed a flash-loan exploit on the MultiStables vault of ValueDeFi protocol, which resulted in a net loss of roughly 6mil$.
The new vault uses our new code of vault v2, which had not been audited.
Our Solidity lead dev has provided a summary of the attack that illustrates the main points with approximated values.
 Flash loan 80k ETH on Aave, buy 116m DAI and 31m USDT
 Deposit 25m DAI to Vault (via Bank — did not check for smart contract entrance): get back 24,956,075 mvUSD
 Swap 91m DAI to 90m USDC, and 31m USDT to 17m USDC, leave the 3pool almost no USDC
At this moment, the Vault has 8.5m 3Crv, 2.2m BCrv and 300k CCrv:
Total 3Crv balance of Vault = 8.5m + convert_rate_bcrv_to_3crv(2.2m) + convert_rate_ccrv_to_3crv(300k)
convert_rate_xxx_to_3crv(A) = convert A xxx to B USDC and add B USDC to the 3pool. Since the 3pool has no USDC the 3Crv calculated by 3pool will be ~3x to normal rate.
-> Total 3Crv balance of Vault = 14.5m — not 11m as it should
 Withdraw 24,956,075 mvUSD from DAI. SharePrice = 14.5m / 11m = 1.32 (due to ), the attacker get 24.9m * 1.32 = 33m 3Crv
 Bough back 80k ETH (+fee) from the stables and return to Aave
 Buy back 33m DAI (profit 8m+) on pool, send back Deployer wallet 2m DAI
The attack took advantage of 2 vulnerabilities:
1. Deposit for users to Vault did not check for smart-contracts at the Bank layer.
2. Function convert_rate_xxx_to_3crv() was implemented without any consideration of the flash-loan attack potential on the curve vault (since the team did not know that  would not work as expected)
One of our auditors for the vault v1 (the previous version of the affected vault) has an excellent article explained the attack for people who want to know further technical details
Immediate actions and possible mitigations in the future
- Halt deposits in the MultiStables Vaults. Snapshot every depositor’s balance before the attack to calculate exact compensation amounts.
- Future Vault releases will remain only on audited v1 (single based share with multi-strategy) code, and v2 will only be released after heavily audited from Public Auditors and from public solidity devs.
- Vault v2 (multiple shares with multi-strategy) will be released with a stricter config with share_converter contract implemented, use a 2nd source of oracle price feeds for comparison, and implement time-lock or anti-re-entrance deposit/withdraw within the same block technique.
We are rolling out the new vaults for UNI LPs as promised, but with some structure changes to ensure maximum security. The new vaults will still use the same vault v1 code that has been running since September and currently under audits by PeckShield. We also fixed some minor problems within the code from the recommendation of PeckShield. More details about the new vaults will be published in the upcoming roadmap article.
We will create a compensation fund which will be funded by a combination of the dev fund, insurance fund and a portion of the fees that are currently generated by the protocol.
We propose some changes to the fee structure as follows:
- Increase vault performance fees to 20% and receipt from swap fees to 50% (previously was 14% and 30%)
Then, we consider two options for how the fees go to the compensation fund:
2a. 30% of all profits (with the new above fees) go to the compensation fund (exactly 6% of performance fee and 15% cut from swap fee). That means governance vault stakers will receive 14% of performance fee and 35% cut from swap fees (which is same performance fee as before and 5% more fee from cut)
2b. 50% of all profits go to the compensation fund (that means 10% performance fee and 25% cut from swap fee). Governance vault stakers will receive 10% performance fee and 25% cut from swap fee (a bit lower )
To make the accounting part for affected users as seamless as possible, an IOU token will be created at a 1:1 ratio for every dollar lost by affected farmers at the MultiStables vault with some enhancements. It will auto accrue 10% APY using rebase tech every week. That means if you hold 1 IOU token, next week you will have approximately 1.0019 IOU token automatically. The compensation fund will be used to buy back all IOU tokens to remain the peg of 1$ and burn all the bought IOU tokens and until such a time when the compensation fund exceeds the remaining outstanding IOU tokens.
This IOU token has built-in inflation and this compensates users for lack of access to capital. It also allows the market to possibly buy and sell the ious, giving those depositors the ability to exit early, possibly at a gross profit or at a discount. If the price is too high, then speculators will absorb losses.
We deeply regret this latest incident and any economic loss for our affected community members. We must again take this moment to reiterate, as has been seen with countless attacks on many DeFi projects, that all teams within this space are pioneering very risky technology that is by nature lacking the benefit of time for rigorous analysis and testing.
Specifically for ValueDefi protocol, we as a team continue to do our best to balance the community’s demands for safety vs. expediency, and have done so in the past by employing many auditors and deploying in beta with funding caps. Going forward, we will shift our focus and temper our speed to innovation in favor of even more security.
It again bears emphasizing that none of our other pools or vaults are susceptible to this attack and are operating normally. Nonetheless, we reiterate once more that, no matter if your funds are deployed in Value DeFi Protocol or any other DeFi projects, there is always an element of risk when it comes to smart contracts and increasingly complex deployments.
Some other quality of life changes we will consider implementing: stamps on our site for audited pools and buttons linking to the audit, “experimental” stamp for non-audited pools or vaults with new code.
Finally, we have also reached out to the hacker to see if there is any resolution possible. While unconfirmed, there has been news that he has been reimbursing certain users.
Thank you again for being a part of the Value Defi community and our continuing journey to meet the standard of our Mission and Values.