Incident Disclosure 2021-10-27

Summary

  • A donation to the Yearn yUSD vault was used in the Cream Finance 2021-10-27 exploit.
  • The exploit transaction had a side effect of increasing the yUSD vault pricePerShare twofold, from 1.000996 to 2.001993.
  • Yearn was able to successfully recover the 8,431,514 yUSD (~$9.42m) that was donated to the vault as part of the attack. These funds were sent to Cream multisig.
  • The vault's pricePerShare was reset to its pre-attack value and two depositors interacting with the vault at the inflated price were made whole.

Background

Yearn vaults value their shares as totalAssets / totalSupply, so with strategies running, the same number of shares can be redeemed for more underlying tokens.

This value, pricePerShare, cannot be modified simply by depositing into a vault, but it can be increased by sending the underlying token to the vault directly. This is by design: it lets vaults accept donations and airdrops.

Details of vulnerability

No Yearn vault accounting was found to be broken as a result of the attack against Cream. However, by donating to the Yearn vault, the attacker was able to amplify the impact on Cream, in order to make the attack economically feasible. At the time of the attack, the yUSD vault's total supply was ~11 million vault shares, which were available for both lending and borrowing on Cream.

  • The attacker deposited $500 million DAI into the yUSD vault from account A, and provided the vault token as collateral to Cream.
  • They then borrowed the same amount from account B, which they withdrew from the Yearn vault and redeemed, thereby reducing the total supply of vault shares to ~8 million.
  • The attacker then donated 8,431,514 yUSD to the vault, immediately increasing pricePerShare twofold. The Cream oracle uses pricePerShare to determine the value of Yearn vault shares as collateral.
  • As the value of its collateral has now effectively doubled as far as the Cream protocol can tell, account A has twice as much borrowing power, allowing the attacker to borrow more assets from Cream than was deposited as collateral.
  • The attacker looped these steps to amplify the impact until they were able to drain all the deposited assets in Cream v1. We estimate the amount drained at $119.9 million.

Additional writeups on the attack can be found here:

Details of fix

This incident did not uncover any flaws in Yearn vaults. Actions mentioned in this section are related to making downstream integrations safer and more robust.

  • We are exploring ignoring donations to vaults altogether and having them processed by an airdrop strategy.
  • Yearn developers produced a multi-step yRecover strategy which successfully salvaged the funds donated to the yUSD vault by the attacker and returned its pricePerShare back to its expected value.
  • The salvaged funds were sent to the Cream multisig, as well as to two users who deposited at the inflated share price after the exploit had taken place.
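
The pricing rule from the Background section and the donation-ignoring option above, shown side by side as an added example (not Yearn's contract code). ToyVault, its methods and the opening deposit and gain figures are constructed for illustration; the "tracked" mode is one assumed way a vault could ignore donations.

```python
from fractions import Fraction

class ToyVault:
    """Minimal share-vault model (illustrative; not Yearn's contract code)."""

    def __init__(self, count_donations: bool):
        self.count_donations = count_donations
        self.balance = Fraction(0)       # underlying tokens actually held
        self.tracked = Fraction(0)       # tokens from deposit() or reported gains only
        self.total_supply = Fraction(0)  # vault shares outstanding

    def total_assets(self) -> Fraction:
        # Balance-based accounting counts direct transfers; tracked accounting ignores them.
        return self.balance if self.count_donations else self.tracked

    def price_per_share(self) -> Fraction:
        if self.total_supply == 0:
            return Fraction(1)
        return self.total_assets() / self.total_supply

    def deposit(self, amount: int) -> Fraction:
        # Shares are minted at the current price, so the price does not move.
        shares = Fraction(amount) / self.price_per_share()
        self.balance += amount
        self.tracked += amount
        self.total_supply += shares
        return shares

    def report_gain(self, amount: int) -> None:
        # Strategy profit: assets grow, share supply does not.
        self.balance += amount
        self.tracked += amount

    def donate(self, amount: int) -> None:
        # Direct token transfer to the vault: no shares are minted.
        self.balance += amount

def scenario(count_donations: bool) -> tuple:
    """Return pricePerShare before a deposit, after it, and after a donation."""
    v = ToyVault(count_donations)
    v.deposit(7_000_000)      # constructed opening position
    v.report_gain(6_972)      # constructed gain, gives a price of 1.000996
    before = v.price_per_share()
    v.deposit(1_424_542)      # constructed deposit, brings assets to 8,431,514
    after_deposit = v.price_per_share()
    v.donate(8_431_514)       # donation size taken from the write-up
    return before, after_deposit, v.price_per_share()

if __name__ == "__main__":
    print({mode: [float(p) for p in scenario(mode)] for mode in (True, False)})
```

With balance-based accounting the donation moves the price from 1.000996 to about 2.001992; with tracked accounting the price stays at 1.000996, so a downstream oracle reading pricePerShare sees no jump.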

Timeline of events

2021-10-27 13:54 UTC: Cream exploit transaction takes place.

14:21: Yearn war room is established.

15:15: Yearn governance disables new deposits for five vaults available as collateral on Cream as a precautionary measure.

19:04: After determining no present risk, deposits are re-enabled on ironbank, seth, and steth vaults.

20:01: A new strategy, designed to recover precisely the amount airdropped to the yUSD vault, is deployed.

20:56: The new strategy is attached to the yUSD vault.

2021-10-28 11:06: The yRecover strategy is harvested, fixing the share price and sending the recovered funds to the Yearn governance multisig.

2021-10-29 18:49: The salvaged funds are sent to the Cream multisig and two depositors who deposited at a higher share price.

Third party disclosure

As per Yearn's security process document, the project does not currently have any established bilateral disclosure agreements.

However, due to the critical nature of the vulnerability, effort was made to determine whether this vulnerability affected other money market protocols.

Disclosures were made to the following protocols: