Wault WUSD Minting Attack Root Cause Analysis

An economic attack rooted in the design of WUSD

WatchPug
Aug 4, 2021

WUSD is a stable coin backed by USDT and WEX.

When you mint WUSD with USDT, 1/10 of the deposit is used to market-buy WEX, and the WEX bought becomes part of the reserve.

The Exploit

At around 2 AM UTC on Aug 4, Wault’s WUSD on BSC was exploited, and $800k (370 ETH) was drained out of the WUSD/BUSD LP.

Check out the Transaction Details on BscScan.

How?

  1. Borrowed 16.8M WUSD via flash loan and redeemed it for 15M USDT and 106M WEX.
  2. Borrowed 40M USDT via flash loan.
  3. Swapped USDT for 518M WEX. (At a rather cheap price.)
  4. Minted 250K WUSD with 250K USDT. Repeated many times. Each mint passively bought $25K of WEX, pushing the price higher.
  5. Dumped 624M WEX (from step 1 and step 3) at a higher avg price.
  6. Dumped WUSD through the WUSD/BUSD LP. Repaid the flash loans.

Why?

We believe this is an economic attack rooted in the design of WUSD.

Because the reserve of WUSD is partly WEX, manipulating the price of WEX becomes profitable when there is sufficient WUSD liquidity.
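The design flaw can be quantified with a toy model. The following is an added example, not code from WatchPug or Wault: it compares a mint that forces a 1/10 market buy of WEX against one that does not, on a constant-product pool. The pool reserves, the swap fee, the position size and the number of mints are constructed assumptions; only the 1/10 buy fraction and the 250K mint size come from the article.

```python
# Added illustration: toy constant-product WEX/USDT pool. Reserves, fee and
# trade sizes are constructed; only the 1/10 forced buy and the 250K mint
# size come from the article.
from dataclasses import dataclass


@dataclass
class Pool:
    usdt: float
    wex: float
    fee: float = 0.002  # assumed swap fee, kept in the pool

    def buy_wex(self, usdt_in: float) -> float:
        eff = usdt_in * (1 - self.fee)
        out = self.wex * eff / (self.usdt + eff)
        self.usdt += usdt_in
        self.wex -= out
        return out

    def sell_wex(self, wex_in: float) -> float:
        eff = wex_in * (1 - self.fee)
        out = self.usdt * eff / (self.wex + eff)
        self.wex += wex_in
        self.usdt -= out
        return out

    def price(self) -> float:
        return self.usdt / self.wex  # USDT per WEX


def simulate(position_usdt, mints, mint_size=250_000, buy_fraction=0.10):
    """WEX holder positioned before `mints` mints, exiting after them."""
    pool = Pool(usdt=2_000_000, wex=1_000_000_000)  # constructed reserves
    held = pool.buy_wex(position_usdt)
    reserve_wex = reserve_cost = 0.0
    for _ in range(mints):
        spend = mint_size * buy_fraction  # forced market buy on every mint
        if spend > 0:
            reserve_wex += pool.buy_wex(spend)
            reserve_cost += spend
    proceeds = pool.sell_wex(held)
    return {
        "holder_pnl": proceeds - position_usdt,
        "reserve_cost": reserve_cost,  # USDT the reserve paid for WEX
        "reserve_mark": reserve_wex * pool.price(),  # its value after the exit
    }


if __name__ == "__main__":
    print("forced buy 10%:", simulate(1_000_000, 40))
    print("no forced buy :", simulate(1_000_000, 40, buy_fraction=0.0))
```

With the forced buy, the holder's gain is roughly what the reserve loses on the WEX it bought at the inflated price; without it, the same round trip only costs swap fees.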

About Us

WatchPug is a smart contract security team with the goal of elevating the security, privacy, and usability of the current DeFi ecosystem. For smart contract auditing, please contact us on Twitter or Telegram.

Donation: 0x227d72Ec9f332292523f64032DD25111676404aA
