White Hats Just Defused a Potential $350M Heist on SushiSwap

“Chad af,” one Twitter user commented on the rescue action.

AccessTimeIconAug 17, 2021 at 10:49 p.m. UTC
Updated Sep 14, 2021 at 1:41 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

A group of people in the crypto community, led by crypto investment firm Paradigm’s research partner Sam Sun, may have just prevented SushiSwap’s token fundraising platform Miso from losing more than $350 million worth of ether, after discovering and fixing a bug on the platform in under just five hours.

Because of the collective efforts, SushiSwap says no funds have been lost.

According to a post published by SushiSwap on Monday, Sam Sun, and his colleagues Georgios Konstantopoulos and Daniel Robinson – all from San Francisco-based crypto investment firm Paradigm – reached out to the team at Sushi to alert them to “a vulnerability” on the “Dutch auction” contract on the Miso platform.

In a Dutch auction, investors place bids reflecting the maximum amount that they are willing to pay. Once the bids are collected, the highest bid is declared the winner. After the auction is finalized, unsuccessful bids are returned to their owners.

The vulnerability

The SushiSwap team and Paradigm’s Sun, in separate posts, both identified that, essentially, the vulnerability was centered around the ability to batch multiple calls to commitEth and reuse a single msg.value across every commitment, allowing an attacker to bid in the auction for free.

“Combining batch with commitEth (a function on Miso Dutch Auction) creates a two-pronged issue where a user can both put up a commitment higher than ‘msg.value’ thereby draining any unsold tokens and additionally drain the raised funds on the contract as refunds if the auction has reached max commitment,” SushiSwap’s team wrote in the post.

"The bug was created when a convenience function for wallet addresses interacted with the refund mechanism of the auction contract," explained Duncan Townsend, CTO at Immunefi, a bug bounty platform for decentralized finance (DeFi) that was also recruited to help solve the issue.

"Users could over-bid and get a refund of the difference between the current bid and the amount they submitted, but the refund could be repeated to drain the auction contract," Townsend added.

“All future planned auctions utilizing the specific Dutch auction contracts with ETH commitments have been paused until an updated version is redeployed,” SushiSwap’s team wrote.

The takeaway: Smart contracts are hard

At the conclusion of his blog post, Sun reflected that one of the most important lessons to be learned from this discovery is that even "safe components can come together to make something unsafe."

The smart contracts that underpin DeFi are complex, combining "composable" "Lego blocks" to create new contracts and protocols. But the manner in which these blocks are combined can have inadvertent, disastrous consequences, even when programmers are using inherently safe individual components.

"This incident shows that even safe contract-level components can be mixed in a way that produces unsafe contract-level behavior. There’s no catch-all advice to apply here like 'check-effect-interaction,' so you just need to be cognizant of what additional interactions new components are introducing," Sun said.

The event took place just after the biggest DeFi exploit to date took place last week: Cross-chain DeFi site Poly Network was attacked, losing more than $600 million worth of cryptocurrencies, due to a bug.

In the case of the SushiSwap vulnerability, however, many in the crypto community have taken to social media to praise the five-hour collective rescue efforts led by the research arm at Paradigm.

"Chad af," Twitter user @KadenZipfel wrote (a "chad" usually refers to an "alpha male" in the common parlance of internet slang).

“Absolute King,” another Twitter user, @BanhbaoCrypto, wrote. “The Defi super hero we all need but don't deserve!”


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.