Wault Finance Incident Analysis: $WEX Price Manipulation Using WUSDMaster Contract

Inspex
4 min readAug 4, 2021

--

Starting from Aug 04, 2021, 01:49:05 AM UTC, an attack was done using Wault Finance’s $WUSD pegging mechanism. In this article, we will describe the technical details of this issue step-by-step.

Related Addresses

Attack Steps

Based on the attack that happened on Binance Smart Chain, the attacker’s activity can be seen from the following transaction: https://bscscan.com/tx/0x31262f15a5b82999bf8d9d0f7e58dcb1656108e6031a2797b612216a95e1670e

1. The attacker flash loaned $WUSD from WSwap’s WUSD-USDT pool and redeemed it for $USDT and $WEX.

2. The attacker flash loaned $USDT from PCS’s WBNB-USDT pool to prepare for the attack.

3. The attacker swapped a part of the flash loaned $USDT to $WEX before the price is pumped in the next steps.

4. The attacker staked the flash loaned $USDT to WUSDMaster contract. The 10% of staked $USDT was swapped to $WEX ($WEX price was increased) and the attacker gained the $WUSD with a 1:1 rate.

5. Since there was a limit on the staking amount, the attacker performed step 4 repeatedly to increase the $WEX price with almost no cost.

6. With the manipulated rate, the attacker gained profit in $USDT by swapping $WEX from steps 1 and 3 back to $USDT.

7. The attacker returned the $WUSD and $USDT flash loaned.

8. The attacker swapped the remaining $WUSD and the $USDT profit to $ETH.

Code Analysis

Minting $WUSD can be done using the stake() function in WUSDMaster contract. The stake function accepts $USDT from the user in line 700 to mint $WUSD with the rate of 1:1 in line 715, and a portion of the $USDT received is swapped to $WEX using the ratio determined by the wexPermille variable in line 708–714.

WUSDMaster.sol

With this logic, each staking of $USDT to mint $WUSD will cause the price of $WEX in the Wault USDT-WEX pool to increase.

After executing the stake() function, it is possible to swap the $WUSD back to $USDT by using WUSD-USDT pool with a nearly 1:1 rate in the WSwap AMM. As a result, the WUSDMaster contract can be used to pump the $WEX price with almost no cost for the attacker.

Conclusion

From this attack by using the flaw explained above. The attacker gained 370.19 ETH in total after repaying the flash loan.

Here is the announcement from Wault Finance regarding WUSD incident recap and solutions:
https://waultfinance.medium.com/wusd-incident-recap-and-solution-1751a042e170

About Inspex

Inspex is formed by a team of cybersecurity experts highly experienced in various fields of cybersecurity. We provide blockchain and smart contract professional services at the highest quality to enhance the security of our clients and the overall blockchain ecosystem.

For any business inquiries, please contact us via Twitter, Telegram, contact@inspex.co

--

--

Inspex
Inspex

Written by Inspex

Cybersecurity professional service, specialized in blockchain and smart contract auditing https://twitter.com/InspexCo

No responses yet