Impossible Finance exploit root cause analysis

How does Impossible Finance make the impossible possible?

The Exploit

2 swaps at about the same price, which is usually “impossible”

Using a vulnerability in the LP contract, the hacker managed to swap IF into BUSD at about the same price two times in a row, which is usually “impossible” because of slippage.

As a result, the hacker took out about half a million dollars' worth of ETH via Anyswap.

Check out the Transaction Details on BscScan.

How?

  1. Swapped 65,140 IF tokens.
  2. Created a FAKE token called AAA (BBB).
  3. Created LP with the FAKE token and IF.
  4. Swapped 32,570 IF into 221,898 BUSD and another 32,570 IF into 221,898 BUSD using the IF router, routed through the FAKE token LP.
  5. Repeated steps 3 to 5.
  6. Sold 556,384 BUSD for 1,731 BNB and repaid the flash loan.

The Root Cause

Missing the “K” check

At step 5, the FAKE token was specially designed so that its transferFrom() calls the swap() function of the LP contract, while the router itself calls the cheapSwap() function.

The swap() call triggered by the FAKE token's transferFrom() ran before the cheapSwap() call, and it is cheapSwap() that updates the price (the stored reserves). Because the price had not yet moved, both swaps were executed at about the same price.

The original Uniswap LP contract includes an important check that enforces the x*y=k invariant after every swap, using the pool's actual token balances. That check is missing from the cheapSwap() function.

With the K check missing, the impossible is now possible.
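To make the role of the K check concrete, here is an added Python model of a constant-product pool. It is not Impossible Finance's or Uniswap's code; the pool sizes, the 0.3% fee and the function names are assumptions chosen for illustration. swap(..., enforce_k=True) re-derives the invariant from the pool's actual balances the way Uniswap's swap() does, while enforce_k=False mirrors a cheapSwap()-style path that trusts the caller and skips the check. The scenario quotes an output once and then tries to collect that same output twice: the checked pool accepts the first payout and rejects the second, while the unchecked pool pays both.

```python
# Added example: minimal x*y=k pool showing why the balance-based K check matters.
# Not Impossible Finance's or Uniswap's code; reserves, fee and names are assumptions.


class ConstantProductPool:
    """Two-asset AMM pool in the style of Uniswap v2 (integer math, 0.3% fee)."""

    FEE_NUM = 997  # 0.3% fee, expressed per 1000

    def __init__(self, reserve_in: int, reserve_out: int) -> None:
        # Cached reserves (what the contract believes) and actual balances
        # (what balanceOf would report). They diverge between a transfer in
        # and the next reserve update.
        self.reserve_in, self.reserve_out = reserve_in, reserve_out
        self.balance_in, self.balance_out = reserve_in, reserve_out

    def quote(self, amount_in: int) -> int:
        """getAmountOut-style quote at the *current* cached reserves."""
        fee_in = amount_in * self.FEE_NUM
        return fee_in * self.reserve_out // (self.reserve_in * 1000 + fee_in)

    def transfer_in(self, amount_in: int) -> None:
        """The caller (a router) moves input tokens into the pool."""
        self.balance_in += amount_in

    def swap(self, amount_out: int, enforce_k: bool) -> None:
        """Pay amount_out, then (optionally) verify the fee-adjusted invariant.

        enforce_k=True mirrors Uniswap's swap(); enforce_k=False mirrors a
        cheapSwap()-style path that trusts the caller and skips the check.
        """
        if amount_out >= self.balance_out:
            raise ValueError("INSUFFICIENT_LIQUIDITY")
        self.balance_out -= amount_out  # optimistic transfer out
        if enforce_k:
            actual_in = self.balance_in - self.reserve_in  # what really arrived
            adj_in = self.balance_in * 1000 - actual_in * (1000 - self.FEE_NUM)
            adj_out = self.balance_out * 1000
            if adj_in * adj_out < self.reserve_in * self.reserve_out * 1000 ** 2:
                self.balance_out += amount_out  # revert the payout
                raise ValueError("K")
        # _update: cached reserves now match actual balances (the price moves here)
        self.reserve_in, self.reserve_out = self.balance_in, self.balance_out


def double_swap(enforce_k: bool, requote: bool) -> dict:
    """Two swaps of the same input size, back to back.

    requote=False pays both at the price quoted before the first swap (the
    "two swaps at the same price" situation); requote=True prices each swap
    at the reserves current at that moment, as an honest router would.
    """
    pool = ConstantProductPool(reserve_in=1_000_000, reserve_out=6_800_000)  # constructed
    amount_in = 32_570  # constructed, matching the size used on the page
    first_quote = pool.quote(amount_in)
    start_out = pool.balance_out
    accepted, quotes = [], []
    for _ in range(2):
        wanted = pool.quote(amount_in) if requote else first_quote
        quotes.append(wanted)
        pool.transfer_in(amount_in)
        try:
            pool.swap(wanted, enforce_k=enforce_k)
            accepted.append(True)
        except ValueError:
            accepted.append(False)
    return {
        "quotes": quotes,                      # output requested for each swap
        "accepted": accepted,                  # whether the pool allowed it
        "paid_out": start_out - pool.balance_out,
    }


if __name__ == "__main__":
    for enforce_k in (True, False):
        for requote in (True, False):
            r = double_swap(enforce_k, requote)
            print(f"enforce_k={enforce_k} requote={requote}: {r}")
```

With the check on, the stale second payout is rejected because (balance_in adjusted for fee) * balance_out falls below the previous reserve product; with the check off, the pool pays the stale amount twice. The re-quoted run shows the check does not interfere with honest use: both swaps pass, and the second one simply pays less because the price moved.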

About Us

Donation: 0x227d72Ec9f332292523f64032DD25111676404aA

Pug against Rug