Exploiting a Smart Contract without Security Vulnerabilities: Analysis of True Seigniorage Dollar Attack Event

CertiK | Mar 17, 2021

Article's Poster

On March 14th, the CertiK Security Team discovered a novel type of attack which was leveraged against the DeFi stablecoin project; True Seigniorage Dollar. The attack resulted in a total loss of approximated $16,600. In order to conduct this, the attacker took advantage of the principle of the Decentralized Autonomous Organization (DAO) mechanism in order to conduct an attack without manipulating conventional ‘vulnerabilities’.

Technical Analysis

The Attack Process:

The attacker (0x50f753c5932b18e9ca28362cf0df725142fa6376) acquired a large number of True Seigniorage Dollar tokens (TSD) at a low price. They then leveraged those tokens for voting power and forcibly passed proposal No. 2

  1. In proposal No. 2, the attacked proposed the replacement of the current token implementation smart contract, which is pointed to by the proxy contract at the address of 0xfc022cda7250240916abaa935a4c589a1f150fdd, with a malicious token implementation created by the attacker and owned by address 0x2637d9055299651de5b705288e3525918a73567f, and deployed at 0x26888ff41d05ed753ea6443b02ada82031d3b9fb

  1. Following the approval of proposal No.2, the attacker committed the malicious token implementation contract through the proxy contract. The token implementation contract was upgraded to the malicious contract during this upgrade process.

  1. Simultaneously, the initialize() method in the malicious contract address was to be called during the upgrade process. By decompiling the malicious contract, we can learn that the initialize() method of the malicious contract will mint about 11.6 billion TSD to another address of the attacker,0x2637d9055299651de5b705288e3525918a73567f

Figure 6: initialize() method mint tokens to the attacker’s address in the decompilation of the malicious token implementation contract

  1. After the prior steps were executed, the attacker converted the obtained TSD into BUSD and left the market with a profit.

Summary

No security vulnerabilities were exploited in the TSD smart contract or dApps. Through an understanding of the DAO mechanism, the attacked continued to purchase TSD at a low price and leveraged the mechanism by which token holders could no longer vote on proposals after they unbonded their tokens; doing so because they could no longer profit from the protocol. Taking into consideration the project owner has a very low proportion of voting rights, the attacker took control of the governance surrounding proposal No. 2 with absolute advantage, thereby ensuring that the malicious proposal was passed.

Although the entire attack was conducted through the use of a malicious contract implanted in the backdoor, the DAO mechanism was the main contributing factor which enabled the attack to be conducted throughout the entire implementation process.

The CertiK Security Team recommends the following: starting from the DAO mechanism, the project party should have the right to vote to ensure that the governance proposal is not “kidnapped”, there, they can avoid recurrence of the attack.