Platypus Finance Breach—Feb 16, 2023—Detailed Analysis

Overview

Platypus Finance, a project on the Avalanche blockchain, suffered a significant security breach on February 16, 2023, resulting in an estimated loss of approximately $8.5 million.

The methodology behind this hack involved exploiting a logic error in the solvency check mechanism of the USP stablecoin, which was a critical vulnerability that led to this substantial financial impact.

About Platypus Finance

Platypus Finance, an Automated Market Maker (AMM) protocol, specializes in stablecoin exchanges and features a unique asset liability management system operating on the Avalanche blockchain. While the specific launch date of the protocol isn’t provided, its $USP stablecoin was introduced in December 2022.

Prior to the attack, Platypus Finance was recognized as the seventh-largest protocol on the Avalanche network, boasting a Total Value Locked (TVL) of $41 million.

Root Cause

Overview of the Exploited Vulnerability

The Platypus Finance ecosystem suffered from a critical vulnerability due to flawed integration between two of its contracts: PlatypusTreasure and MasterPlatypusV4. This issue was primarily a result of an improper logical check within the MasterPlatypusV4 contract.

What is Logic Error in Solvency Check Mechanism?

This concept refers to a flaw in how a system verifies whether a user’s account is solvent (i.e., has enough assets to cover liabilities).

In the context of this hack, the logic error allowed users to withdraw funds even when they were serving as collateral for a debt, leading to significant financial losses.

Details of the Contracts Involved

PlatypusTreasure Contract:

• Purpose: This contract, recently launched to support the USP stablecoin, includes a mechanism allowing the borrowing of USP stablecoin against assets staked in the IMasterPlatypus implementation.
• Functionality: It is referenced in the collateral settings of an LP asset through PlatypusTreasure::_getCollateralAmount.

MasterPlatypusV4 Contract:

• Deployment Date: The version in use at the time of the attack was deployed on November 14, 2022.
• Critical Flaw: The outdated MasterPlatypusV4 implementation’s integration with the IPlatypusTreasure contract contained a serious oversight in its emergencyWithdraw mechanism.
• Intended Integration: The contract was initially designed to integrate with IPlatypusTreasure, as indicated by the platypusTreasure member and its optional usage in the codebase.

Core Problem in MasterPlatypusV4

• Faulty Emergency Withdrawal Function: The MasterPlatypusV4::emergencyWithdraw function conducts a solvency check before updating the LP tokens associated with the staked position. This order of operations allows users to withdraw funds even when they were serving as collateral for a debt in PlatypusTreasure, as the solvency check would always pass under these conditions.
• Contrast with Withdraw Function: The standard withdraw function in the same contract is not vulnerable to this attack since it performs the solvency check after updating the stake position. This ensures the PlatypusTreasure::isSolvent function accounts for the updated LP token balance.

  function emergencyWithdraw(uint256 _pid) public nonReentrant {

       PoolInfo storage pool = poolInfo[_pid];

       UserInfo storage user = userInfo[_pid][msg.sender];
       if (address(platypusTreasure) != address(0x00)) {

           (bool isSolvent, ) = platypusTreasure.isSolvent(msg.sender, address(poolInfo[_pid].lpToken), true);

           require(isSolvent, 'remaining amount exceeds collateral factor');
       }
       // reset rewarder before we update lpSupply and sumOfFactors
       IBoostedMultiRewarder rewarder = pool.rewarder;
       if (address(rewarder) != address(0)) {
           rewarder.onPtpReward(msg.sender, user.amount, 0, user.factor, 0);
       }

       // SafeERC20 is not needed as Asset will revert if transfer fails

       pool.lpToken.transfer(address(msg.sender), user.amount);

       // update non-dialuting factor

       pool.sumOfFactors -= user.factor;

       user.amount = 0;

       user.factor = 0;

       user.rewardDebt = 0;

       emit EmergencyWithdraw(msg.sender, _pid, user.amount);
   }

Token Address: https://snowtrace.io/token/0x22d4002028f537599be9f666d1c4fa138522f9c8

Snowtrace Address of the PlatypusTreasure Contract’s Proxy: https://snowtrace.io/address/0x061da45081ace6ce1622b9787b68aa7033621438

Snowtrace Address of the PlatypusTreasure Contract: https://snowtrace.io/address/0xbcd6796177ab8071f6a9ba2c3e2e0301ee91bef5

Snowtrace Address of the MasterPlatypusV4 Contract’s Proxy: https://snowtrace.io/address/0xff6934aac9c94e1c39358d4fdcf70aeca77d0ab0

Snowtrace Address of the MasterPlatypusV4 Contract: https://snowtrace.io/address/0xc007f27b757a782c833c568f5851ae1dfe0e6ec7

Snowtrace Transaction of the PlatypusTreasure Contract’s Proxy Deployment: https://snowtrace.io/tx/0x326d5c2e0ebb68c5f267b1f2fb654729ef5bb2bcaf09a5adea382e206b17315d

Snowtrace Transaction of the USP Minter Set to PlatypusTreasure’s Proxy: https://snowtrace.io/tx/0x535ee1baa8688a5fb23c4b7d84aae65081e2663a783eb58357661e85c613d01b

Snowtrace Transaction of the MasterPlatypusV4 Contract’s Deployment: https://snowtrace.io/tx/0x0723124dfd5abdeafbfeab072a02610c868a7b7b32f641aa50fc157eca636d7d

Hardhat console.sol Address: https://github.com/NomicFoundation/hardhat/blob/hardhat@2.12.7/packages/hardhat-core/console.sol#L5

Detailed Analysis

Initial Loan Acquisition:

Date and Time: The attack took place on February 17, 2023, around 19:16:54 UTC.

Method: The attacker secured a 44,000,000 USDC loan from the Aave V3 protocol.
https://snowtrace.io/tx/0x1266a937c2ccd970e5d7929021eed3ec593a95c68a99b4920c2efa226679b430

Exploiter Add: https://snowtrace.io/address/0xeff003d64046a6f521ba31f39405cb720e953958

Exploiter Contract Add: https://snowtrace.io/address/0x67afdd6489d40a01dae65f709367e1b1d18a5322/

Asset Conversion and Collateralization:

• Deposit in Platypus Finance Pool: This loan was then deposited into the Platypus Finance Pool and converted into LP-USDC tokens.
• Staking in MasterPlatypusV4: The attacker staked these LP-USDC tokens in the MasterPlatypusV4 contract.

Borrowing Against Collateral:

• Utilizing PlatypusTreasure: The attacker borrowed approximately 41,794,533 units of USP stablecoin from the PlatypusTreasure contract.

Emergency Withdrawal and Bad Debt Creation:

• Withdrawal of Staked Tokens: The attacker used the emergency withdrawal function in MasterPlatypusV4 to withdraw the staked LP-USDC tokens.
• Creation of Bad Debt: This action led to the creation of unserviceable “bad debt” in the system.

Liquidation Strategy:

• Selective Liquidation of USP Tokens: The attacker liquidated only a part of the USP tokens, approximately 9,250,000 units, likely due to insufficient liquidity in the USP pools.
• Multiple Currency Exchanges: The liquidation involved exchanging USP for various stablecoins in a series of transactions, including exchanges of USP for USDC, USDC.e, USDT, USDT.e, BUSD, and DAI.e.

The liquidation involved exchanging USP for various stablecoins in a series of transactions:
2,500,000 USP for ~2,425,762 USDC.
2,500,000 USP for ~1,946,900 USDC.e (Bridged USDC).
1,600,000 USP for ~1,552,550 USDT.
1,250,000 USP for ~1,217,581 USDT.e (Bridged USDT).
700,000 USP for ~687,369 BUSD.
700,000 USP for ~691,984 DAI.e (Bridged DAI).

Financial Outcome:

Gains from Exchanges:

The attacker managed to convert their USP tokens into different stablecoins, realizing a profit of approximately 8,529,854 USD as of February 17, 2023.

Breakdown of Gains

The profit included various amounts in USDC, USDC.e, USDT, USDT.e, BUSD, and DAI.e.

• The attacker exchanged approximately 2,425,762 USDC and received about 2,427,390 USD, with an exchange rate of approximately 1.00067117.
• About 1,946,900 USDC.e (Bridged USDC) was converted to around 1,948,206 USD, at an exchange rate of 1.00067117.
• The attacker also exchanged 1,552,550 USDT for approximately 1,553,651 USD, using an exchange rate of 1.00070943.
• In another transaction, 1,217,581 USDT.e (Bridged USDT) was converted to about 1,219,725 USD, with an exchange rate of 1.00176158.
• A total of 687,369 BUSD was exchanged, resulting in approximately 688,527 USD, at an exchange rate of 1.00168506.
• Finally, 691,984 DAI.e (Bridged DAI) was converted to around 692,355 USD, using an exchange rate of 1.00053726.

Retained USP Tokens:

The attacker still held about 33,044,533 USP tokens, the value of which was indeterminate.

Technical Insight:

• Use of Development Tools: During the attack, the exploiter’s contract conducted multiple staticcall operations to the 0x000000000000000000636F6e736F6c652e6c6f67 address, which is known as the “console” address used by the Hardhat development toolkit. This indicates that the attacker utilized the Hardhat toolkit for contract development and execution.

Stolen Fund Details

The stolen funds, totaling approximately $8.5 million, were initially moved to various addresses and then partially recovered.

Acquired assets:

USDC: 2,403,762
USDCe: 1,946,900
USDT: 1,552,550
USDTe: 1,217,581
BUSD: 687,369
DAIe: 691,984
USP leftovers: 33,044,533

Hack Aftermath

• Token Impact: $USP price dropped to $0.33; PTP token lost 25% of its value.
• Recovery Efforts: Successfully reclaimed $2.5 million USDC, updated contract to recuperate part of the stolen amount.
• Compensation Measures: Announced a plan to cover up to 35% of affected users’ investments.
• Collaborations: Engaged with Binance, Tether, and Circle to freeze stolen funds. Communication
• The team acknowledged the attack on its official Twitter handle, highlighting a USP solvency check mechanism flaw.

Recovery Actions

By 17 February 2023, Platypus managed to reclaim $2.5 million USDC from the attack contract.

Following this, on 18 February 2023, the team provided further guidance, stating that they had paused liquidations. They assured users that multiple avenues were being explored to reclaim the remaining funds, including potential legal actions.

Compensation and Collaborative Actions

The Platypus team assured that the affected users would be covered up to 35% of their investment.

Subsequently, the team also began negotiations for a bounty with the hacker.

All stolen USDT were frozen, and collaborations with Binance, Tether, and Circle were initiated to freeze other stolen funds.

A Twitter account (@retlqw) was suspected to be responsible for the hack but has since been deleted.

On Feb 25, French police arrested two suspects concerning the $9.1 million Platypus exploit and confiscated 210,000 euros ($222,000) worth of cryptocurrency.

Details of Previous Hacks

The flash loan assault on October 12, 2023, marks the third time that Platypus has been targeted this year, resulting in a roughly $2.2 million loss.

Earlier on February 16, 2023, the protocol faced an $8.5 million setback due to a comparable breach, causing the value of Platypus USD (USP) stablecoin to plummet from $1 to $0.48.

Additionally, in July 2023, Platypus suffered another financial blow, losing about $157,000 to another flash loan exploit.

To address the February incident, Platypus unveiled a compensation gateway in March to assist breach victims.

This gateway facilitated users in confirming their eligible compensation from the protocol and provided an avenue for voicing any related concerns before the disbursement of compensations.

Platypus could have avoided this exploit by taking essential security measures and precautions, some of which are listed in the next section.

Mitigation Steps to Avoid Similar Hack

Importance of Continuous Auditing

• Regular Audits: Emphasize the need for frequent and thorough audits of smart contracts to identify vulnerabilities before they are exploited.
• Third-Party Auditors: Engage reputable external auditing firms to provide an unbiased review of the code.
• Audit Before Major Updates: Ensure that any significant update or addition to the protocol undergoes a comprehensive audit process.

Robust Solvency Check Mechanisms

• Enhanced Solvency Validation: Implement more rigorous checks in solvency validation mechanisms to prevent exploitative withdrawals.
• Dynamic Risk Assessment: Introduce dynamic risk assessment tools that adapt to changing market conditions and protocol updates.
• Cross-Contract Security: Develop systems that ensure security across interconnected contracts, especially in complex DeFi ecosystems.

Enhanced Monitoring of Smart Contract Functions

• Real-Time Monitoring Tools: Utilize advanced tools for real-time monitoring of smart contract transactions and activities.
• Anomaly Detection: Implement anomaly detection systems to identify unusual activities that may indicate an exploit quickly.
• Community Vigilance: Foster a community-based monitoring approach where users can report suspicious activities, contributing to the platform’s overall security.

Development of Emergency Response Protocols

• Incident Response Team: Establish a dedicated incident response team capable of acting swiftly in the event of a security breach.
• Rapid Communication Channels: Set up efficient communication channels to inform users and stakeholders about any security incidents and the steps being taken.

Regular Security Training and Awareness

• Developer Training: Regularly train developers on the latest security practices and emerging threats in the blockchain and DeFi space.
• Community Education: Educate the user community about safe practices and how to identify potential risks or scams.

Fostering Collaborations for Enhanced Security

• Partnerships with Security Firms: Build partnerships with blockchain security firms like ImmuneBytes for continuous support and consultation.
• Collaborative Audits: Participate in collaborative audits and security forums with other DeFi projects to share knowledge and best practices.

Implementing Fail-Safes and Circuit Breakers

• Automated Circuit Breakers: Implement automated systems that can temporarily halt certain functions if suspicious activity is detected.
• Manual Overrides: Ensure the possibility of manual intervention in the protocol’s operation in case automated systems fail to detect an exploit.

Conclusion

The breach of the Platypus Finance protocol serves as a stark reminder of the evolving challenges in the DeFi landscape. While the technical vulnerabilities were at the heart of the exploit, the swift response by the community and the actions taken by Platypus Finance was commendable.

In a significant development, French authorities arrested two individuals allegedly connected to this breach, as highlighted by Cointelegraph.

This event not only underscores the importance of robust security measures in decentralized systems but also emphasizes the collaboration between decentralized communities and law enforcement agencies in addressing cybercrimes.

Hiring blockchain and smart contract auditing firms like ImmuneBytes for thorough auditing could significantly bolster the security of blockchain projects against such exploits.