BEANSTALK FARMS LOST $182M TO FLASH LOAN ATTACK

-An Ethereum-based stablecoin protocol, Beanstalk Farms, was attacked on Sunday by an unidentified attacker.

-Beanstalk operates crypto lending via Decentralised finance (DeFi) smart contracts that do not require collateral to loan huge sums in flash loans. The attacker was reported to have taken flash loans from some lending platforms like Aave, using the funds to acquire a large percentage of Beanstalk governance token, Stalk.

-The major voting power permitted the culprit to approve malicious governance protocols that they needed to siphon funds into a private wallet. The attacker used Tornado cash to launder the money and cover their digital tracks.

-The operation left people confused when the attacker donated some of the money to the Ukrainian relief efforts… Learn more in the body of the article.


Beanstalk Farm, an Ethereum-based DeFi project, on April 17, 2022, suffered a ground-breaking loss of $182m in a flash loan attack by an unknown culprit. Beanstalk is a credit-based, stablecoin (a cryptocurrency pegged to a Fiat currency) protocol run on the Ethereum blockchain. The project's native coin, BEAN, fell by 86% from its $1 peg after the attack.

An attack that was made possible by two harmful governance proposals [BIP-18 and BIP-19] was issued by the attacker on Saturday when the character asked Beanstalk Farms to donate funds to Ukraine. The proposal, which had a malicious rider attached to it, made it possible to siphon the funds into a private ETH wallet. The attacker took flash loans from other lending platforms like Aave, USDC, and Tether to fund the operation by acquiring 67% of Beanstalk Farms governance tokens "stalk tokens" and voting their bugged BIPs (Beanstalk improvement proposal) into approval.

The operation resulted in a loss of $182m, and the attacker got away with $80m. The remainder of $100m went to the lending platforms as fees for the flash loans the attacker took to fund the operation. Peckshield —a blockchain security and data analytics company— disclosed on Twitter that the attacker laundered the money via Tornado cash, deleting all digital footprints.


Peckshield announced that in a great attempt to be a crypto Robinhood, the attacker had donated $250,000 in USD coin (USDC) to Ukrainian Crypto Donation and still holds 15,154 ETH in an account. The analytics company traced that the initial funds needed to launch the attack on Beanstalk Farm were withdrawn from Synapse Protocol. After that, when the operation was complete, the gains were deposited in Tornado Cash (about 25,000 ETH according to Mist track), making the attacker untraceable.

Beanstalk's creators disclosed their identity on their discord server to prove that they were not involved in the attack. They admitted that they had not identified the culprit, although they lost all their assets deposited in the Silo, saying it was a substantial amount.


WHY COULD BEANSTALK FARMS BE EXPLOITED?

---

Omniscia, Beanstalk's smart contract security auditor, said in an official report that they did not audit the code exploited in the attack because that code was introduced after they had audited the system. This means that Beanstalk Farms introduced a new code after Omniscia had audited and approved the system's security. The latest addition gave leeway to the attacker to act on the unprotected code introduced by protocol. It is possible the attacker was aware of the new code Beanstalk had introduced. The codes introduced contain an 'emergency commit' function that allows Stakeholders to circumvent the average lifecycle of a proposal and execute it immediately if they have major voting power.

Normally, the Beanstalk protocol required that funds utilized for voting would remain locked for a period of time after the proposal had been voted on. The protocol upgrade via its BIP governance mechanism allowed the attacker to execute their proposal and retrieve their locked funds as part of the malicious update.

The attack seems to be a well-planned hit because the Beanstalk voting system permits votes to be cast prior to any active BIP, allowing new votes to apply to older BIPs. The attacker using this submitted their BIP-18 ahead of time to satisfy the emergency commit function. Once the time threshold for their BIP-18 had been met, the attack was put in operation.

In the past, flash loans have been used to hack other protocols like Cream Finance, which lost $130m in the same manner. But this attack was not caused by a hack because all the projects governance protocols and smart contracts functioned as they were designed to. The attacker made a point of exploiting the flaws in the protocol's design. After the attack, the exploiter exchanged the BEAN tokens for Ethereum and dumped the coins causing a massive dip in the value of BEAN.


Such events seem to be a recurring event in the world of DeFi projects. Hopefully, in the future DeFi projects will make sure to run all codes by their auditors and refrain from introducing unauthorized codes thereafter to reduce the chances of such attacks.



Author: Gate.io Observer: M. Olatunji
* This article represents only the views of the observers and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.