PancakeHunny Flash Loan Minting Attack Analysis

2 min readOct 20, 2021

The Exploit

On Oct 20, 9 AM UTC, an attacker exploited PancakeHunny by manipulating the price of WBNB/TUSD on PCS using flash loans, minted ~12M of Hunny tokens in 15 transactions, and dumped.

As a result, the hacker has taken out 2.3M (642k of stable coin + 435.31 ETH) and crashed the price of the HUNNY token from $0.3 to $0.1.

The first exploit transaction happened at 09:22:01 AM:

The Root Cause

Using an inappropriate fixed path for swap makes it vulnerable to pricing manipulation using flashloans.

The harvest() function of the VaultStrategyAlpacaRabbit contract is configured to use a fixed path to swap the underlying reward token to the staking token for reinvesting.

For the Alpaca TUSD vault, the path will be [ALPACA, WBNB, TUSD].

However, since the WBNB/TUSD pool got only a few hundreds of dollars worth of liquidity, the price of WBNB/TUSD can be easily manipulated using flashloans.

$0.01 of ALPACA for $200k of TUSD

That’s the first step of the attack:

The attacker borrowed 2.7M worth of TUSD and swap to WBNB through the WBNB/TUSD pool, inflating the price of WBNB against TUSD to an extreme value.

Then the attacker then triggered harvest, swapped out hundreds of thousands of TUSD with merely a few cents of underlying rewards, resulting in the profit of the whole vault increasing by a lot.

The attacker then called getReward() to mint HUNNY tokens with the artificially created profits by paying a 30% performance fee.

When the minted HUNNY tokens are worthing more than the 30% performance fee, it enables a profitable economic attack.

About Us

WatchPug is a smart contract security team with the goal of elevating the security, privacy, and usability of the current DeFi ecosystem. For the need for smart contract auditing, please contact us at Twitter or Telegram.