PancakeHunny Flash Loan Minting Attack Analysis
On Oct 20, 9 AM UTC, an attacker exploited PancakeHunny by manipulating the price of WBNB/TUSD on PCS using flash loans, minted ~12M of Hunny tokens in 15 transactions, and dumped.
As a result, the hacker has taken out 2.3M (642k of stable coin + 435.31 ETH) and crashed the price of the HUNNY token from $0.3 to $0.1.
The first exploit transaction happened at 09:22:01 AM:
Binance Transaction Hash (Txhash) Details | BscScan
Binance (BNB) detailed transaction info for txhash 0x1b698231965b72f64d55c561634600b087154f71bc73fc775622a45112a94a77…
The Root Cause
The harvest() function of the VaultStrategyAlpacaRabbit contract is configured to use a fixed path to swap the underlying reward token to the staking token for reinvesting.
For the Alpaca TUSD vault, the path will be [ALPACA, WBNB, TUSD].
However, since the WBNB/TUSD pool got only a few hundreds of dollars worth of liquidity, the price of WBNB/TUSD can be easily manipulated using flashloans.
That’s the first step of the attack:
The attacker borrowed 2.7M worth of TUSD and swap to WBNB through the WBNB/TUSD pool, inflating the price of WBNB against TUSD to an extreme value.
Then the attacker then triggered harvest, swapped out hundreds of thousands of TUSD with merely a few cents of underlying rewards, resulting in the profit of the whole vault increasing by a lot.
The attacker then called getReward() to mint HUNNY tokens with the artificially created profits by paying a 30% performance fee.
When the minted HUNNY tokens are worthing more than the 30% performance fee, it enables a profitable economic attack.
WatchPug is a smart contract security team with the goal of elevating the security, privacy, and usability of the current DeFi ecosystem. For the need for smart contract auditing, please contact us at Twitter or Telegram.