Wault Finance Incident Analysis: $WEX Price Manipulation Using WUSDMaster Contract

4 min readAug 4, 2021

Starting from Aug 04, 2021, 01:49:05 AM UTC, an attack was done using Wault Finance’s $WUSD pegging mechanism. In this article, we will describe the technical details of this issue step-by-step.

Related Addresses

Attacker’s Wallet: https://bscscan.com/address/0x886358f9296de461d12e791bc9ef6f5a03410c64
Attacker’s Contract: https://bscscan.com/address/0x50AFA9383EA476BDF626d6FbA62AFd0b01C8fEa1
Wault WUSD-BUSD LP: https://bscscan.com/address/0x6102D8A7C963F78D46a35a6218B0DB4845d1612F
Wault USDT-WEX LP: https://bscscan.com/address/0x50e8D9Aa83eBDe9608074eC1faaDfD2E792D9B81
Wault WUSDMaster: https://bscscan.com/address/0xa79Fe386B88FBee6e492EEb76Ec48517d1eC759a
PancakeSwap USDT-WBNB LP: https://bscscan.com/address/0x16b9a82891338f9bA80E2D6970FddA79D1eb0daE

Attack Steps

Based on the attack that happened on Binance Smart Chain, the attacker’s activity can be seen from the following transaction: https://bscscan.com/tx/0x31262f15a5b82999bf8d9d0f7e58dcb1656108e6031a2797b612216a95e1670e

1. The attacker flash loaned $WUSD from WSwap’s WUSD-USDT pool and redeemed it for $USDT and $WEX.

2. The attacker flash loaned $USDT from PCS’s WBNB-USDT pool to prepare for the attack.

3. The attacker swapped a part of the flash loaned $USDT to $WEX before the price is pumped in the next steps.

4. The attacker staked the flash loaned $USDT to WUSDMaster contract. The 10% of staked $USDT was swapped to $WEX ($WEX price was increased) and the attacker gained the $WUSD with a 1:1 rate.

5. Since there was a limit on the staking amount, the attacker performed step 4 repeatedly to increase the $WEX price with almost no cost.

6. With the manipulated rate, the attacker gained profit in $USDT by swapping $WEX from steps 1 and 3 back to $USDT.

7. The attacker returned the $WUSD and $USDT flash loaned.

8. The attacker swapped the remaining $WUSD and the $USDT profit to $ETH.

Code Analysis

Minting $WUSD can be done using the stake() function in WUSDMaster contract. The stake function accepts $USDT from the user in line 700 to mint $WUSD with the rate of 1:1 in line 715, and a portion of the $USDT received is swapped to $WEX using the ratio determined by the wexPermille variable in line 708–714.

WUSDMaster.sol

With this logic, each staking of $USDT to mint $WUSD will cause the price of $WEX in the Wault USDT-WEX pool to increase.

After executing the stake() function, it is possible to swap the $WUSD back to $USDT by using WUSD-USDT pool with a nearly 1:1 rate in the WSwap AMM. As a result, the WUSDMaster contract can be used to pump the $WEX price with almost no cost for the attacker.

Conclusion

From this attack by using the flaw explained above. The attacker gained 370.19 ETH in total after repaying the flash loan.

Here is the announcement from Wault Finance regarding WUSD incident recap and solutions:
https://waultfinance.medium.com/wusd-incident-recap-and-solution-1751a042e170

About Inspex

Inspex is formed by a team of cybersecurity experts highly experienced in various fields of cybersecurity. We provide blockchain and smart contract professional services at the highest quality to enhance the security of our clients and the overall blockchain ecosystem.

For any business inquiries, please contact us via Twitter, Telegram, contact@inspex.co