Wault Finance Incident Analysis: $WEX Price Manipulation Using WUSDMaster Contract
Starting from Aug 04, 2021, 01:49:05 AM UTC, an attack was done using Wault Finance’s $WUSD pegging mechanism. In this article, we will describe the technical details of this issue step-by-step.
- Attacker’s Wallet: https://bscscan.com/address/0x886358f9296de461d12e791bc9ef6f5a03410c64
- Attacker’s Contract: https://bscscan.com/address/0x50AFA9383EA476BDF626d6FbA62AFd0b01C8fEa1
- Wault WUSD-BUSD LP: https://bscscan.com/address/0x6102D8A7C963F78D46a35a6218B0DB4845d1612F
- Wault USDT-WEX LP: https://bscscan.com/address/0x50e8D9Aa83eBDe9608074eC1faaDfD2E792D9B81
- Wault WUSDMaster: https://bscscan.com/address/0xa79Fe386B88FBee6e492EEb76Ec48517d1eC759a
- PancakeSwap USDT-WBNB LP: https://bscscan.com/address/0x16b9a82891338f9bA80E2D6970FddA79D1eb0daE
Based on the attack that happened on Binance Smart Chain, the attacker’s activity can be seen from the following transaction: https://bscscan.com/tx/0x31262f15a5b82999bf8d9d0f7e58dcb1656108e6031a2797b612216a95e1670e
2. The attacker flash loaned $USDT from PCS’s WBNB-USDT pool to prepare for the attack.
3. The attacker swapped a part of the flash loaned $USDT to $WEX before the price is pumped in the next steps.
4. The attacker staked the flash loaned $USDT to WUSDMaster contract. The 10% of staked $USDT was swapped to $WEX ($WEX price was increased) and the attacker gained the $WUSD with a 1:1 rate.
5. Since there was a limit on the staking amount, the attacker performed step 4 repeatedly to increase the $WEX price with almost no cost.
6. With the manipulated rate, the attacker gained profit in $USDT by swapping $WEX from steps 1 and 3 back to $USDT.
7. The attacker returned the $WUSD and $USDT flash loaned.
8. The attacker swapped the remaining $WUSD and the $USDT profit to $ETH.
Minting $WUSD can be done using the
stake() function in
WUSDMaster contract. The stake function accepts $USDT from the user in line 700 to mint $WUSD with the rate of 1:1 in line 715, and a portion of the $USDT received is swapped to $WEX using the ratio determined by the
wexPermille variable in line 708–714.
With this logic, each staking of $USDT to mint $WUSD will cause the price of $WEX in the Wault USDT-WEX pool to increase.
After executing the
stake() function, it is possible to swap the $WUSD back to $USDT by using WUSD-USDT pool with a nearly 1:1 rate in the WSwap AMM. As a result, the
WUSDMaster contract can be used to pump the $WEX price with almost no cost for the attacker.
From this attack by using the flaw explained above. The attacker gained 370.19 ETH in total after repaying the flash loan.
Here is the announcement from Wault Finance regarding WUSD incident recap and solutions:
Inspex is formed by a team of cybersecurity experts highly experienced in various fields of cybersecurity. We provide blockchain and smart contract professional services at the highest quality to enhance the security of our clients and the overall blockchain ecosystem.