On Thursday, Feb. 17, Platypus, a DeFi stablecoin swapping protocol on Avalanche, was exploited for $8.5 million. The exploit occurred via a flash loan attack that took advantage of a flaw in its USP solvency check mechanism.
This flaw tricked Platypus’s smart contracts into thinking that USP was fully backed, leading to nearly $8.5 million being moved from the protocol.
Platypus’s stablecoin, USP, lost its peg to the dollar, dropping to $0.33. It then briefly recovered to $0.97 but has since dipped back to $0.48, data from CoinGecko shows. Platypus said that only 35% of its users’ deposits are covered by other holdings.
According to a technical post-mortem analysis by auditing company Omniscia, the attack on Platypus was made possible by incorrectly placed code after it was audited.
Omniscia audited a version of the MasterPlatypusV1 contract from Nov. 21 to Dec. 5, 2021. The version that was audited “contained no integration points with an external platypusTreasure system” and therefore did not contain the misordered lines of code.
The vulnerability appears to lie in the solvency check performed by the MasterPlatypusV4 contract’s EmergencyWithdraw function, which only fails when the borrowed amount exceeds the borrowing limit.
This allowed the attacker to use a flash loan to exploit a logic error in the USP solvency check mechanism in the contract holding the collateral.
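To make the ordering flaw described above concrete, here is an added, deliberately simplified Python model of a collateral vault with an emergency-withdraw path; it is not Platypus’s code, and the Vault class, the 75% borrow limit and the sample amounts are assumptions. The vulnerable method judges solvency on the caller’s current position before removing collateral, so a position borrowed up to (but not over) its limit passes the check and walks away with both the collateral and the open debt; the fixed method evaluates the same check against the state the withdrawal would leave behind.

```python
LTV_LIMIT = 0.75  # assumed limit: max debt as a fraction of collateral value (priced 1:1)

class Vault:  # simplified model for illustration, not the Platypus contract
    def __init__(self):
        self.positions = {}  # user -> {"collateral": float, "debt": float}

    def _pos(self, user):
        return self.positions.setdefault(user, {"collateral": 0.0, "debt": 0.0})

    def is_solvent(self, user, collateral=None):
        p = self._pos(user)
        c = p["collateral"] if collateral is None else collateral  # hypothetical if given
        return p["debt"] <= c * LTV_LIMIT

    def deposit(self, user, amount):
        self._pos(user)["collateral"] += amount

    def borrow(self, user, amount):
        p = self._pos(user)
        if p["debt"] + amount > p["collateral"] * LTV_LIMIT:
            raise ValueError("borrow exceeds limit")
        p["debt"] += amount

    def emergency_withdraw_vulnerable(self, user):
        # Flaw: solvency is judged on the current position, before collateral leaves,
        # so a borrower at (not over) the limit passes and keeps the debt open.
        p = self._pos(user)
        if not self.is_solvent(user):
            raise ValueError("not solvent")
        amount, p["collateral"] = p["collateral"], 0.0
        return amount

    def emergency_withdraw_fixed(self, user):
        # Fix: judge solvency on the state the withdrawal would produce; with
        # collateral at zero, any outstanding debt fails the check.
        p = self._pos(user)
        if not self.is_solvent(user, collateral=0.0):
            raise ValueError("withdrawal would leave position insolvent")
        amount, p["collateral"] = p["collateral"], 0.0
        return amount

def simulate(withdraw):
    """Deposit, borrow to the limit, then call the named withdraw method; returns (returned, debt) or None."""
    v = Vault()
    v.deposit("alice", 1000.0)  # constructed sample amounts
    v.borrow("alice", 750.0)    # exactly at the assumed limit
    try:
        return getattr(v, withdraw)("alice"), v.positions["alice"]["debt"]
    except ValueError:
        return None
```

Running `simulate("emergency_withdraw_vulnerable")` returns the full 1000.0 of collateral with 750.0 of debt still outstanding, while `simulate("emergency_withdraw_fixed")` rejects the call.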
Platypus’s compensation plan for users
In a tweet on Feb. 18, Platypus said it was working on a plan to compensate the damages and asked users not to realize their losses in the protocol, saying this would make it harder for the company to manage the issue.
Asset liquidations are also paused, said the protocol. The company is currently working on a compensation plan for users’ losses, which will be disclosed soon.
According to the firm, different parties, including law enforcement officials, are currently involved in the process of recovering the funds. Further details about the next steps will be disclosed soon, noted Platypus.
Part of the funds is locked up in the Aave protocol. The company is exploring a method to potentially recover the funds, which would require the approval of a recovery proposal in Aave’s governance forum.
Efforts to recover funds
After the attack, crypto community members came together to recover the funds. ZachXBT, a crypto scam researcher, said on Twitter that he tracked down the attacker’s wallet address after reviewing their on-chain history across multiple chains.
Platypus, with the help of BlockSec, updated its pool contract to counter-exploit $2.4 million in USDC from the hacker. The contract was updated so that when the exploit contract deposited the USDC (which it was tricked into treating as a flash loan) as collateral for minting USP, the code could be tricked into recording that it owed 0 USDC back, Twitter user nervoir said.
The USDC from the fake pool was sent to hardcoded addresses to avoid generalized front-runners, nervoir tweeted. The other assets will probably be harder to recover, but since the team controls the pool code it retains significant control, they said.
In addition to these efforts, the company is working with Binance, Tether, and Circle to freeze the funds of the hacker and prevent further losses. The team is also contacting law enforcement and will make further announcements once confirmed.