Inside the $3B DeFi Exploit of Acala's Crypto Platform
The exploit of one of Acala's liquidity pools demonstrates how easily billions of dollars can be siphoned from DeFi platforms, potentially wreaking havoc on an entire industry in a matter of minutes.
When the decentralized-finance platform Acala was attacked on Saturday, allowing the perpetrators to mint what was technically $3 billion worth of its aUSD stablecoins, a natural question to ask was: Didn’t Acala audit their code?
Yes, the Polkadot-based protocol certainly did. But the exploit involved a misconfiguration in one of Acala’s liquidity pools – the backbone of decentralized exchanges (DEXes), where cryptocurrencies are swapped according to a math equation instead of a conventional order book – which originate from another project entirely, the Honzon protocol. And that allowed 3.02 billion new aUSD stablecoins to be created, which drove their price down dramatically from their intended $1 each.
“We didn’t perform an exhaustive review of the Honzon protocol. We stated at the time that additional reviews were required to fully investigate issues we identified,” Nick Selby, vice president of the software assurance practice at Trail of Bits, said in an interview with CoinDesk. That company was one of several firms that audited Acala’s smart contracts last year.
In a statement to CoinDesk, Bryan Chen, co-founder and CTO of Acala, explained that multiple audits were performed with several top audit firms other than Trail of Bits. One such firm was Security Research Labs (SRLabs), a cybersecurity consultancy and research company.
“All code involved in the aUSD error mints was mature code that had been audited several times and also battle tested on Karura, our canary network on Kusama," said Chen. (Kusama is an experimental development environment for Polkadot-related projects.)
Bette Chen, co-founder and CEO of Acala, also added some clarity to the situation by emphasizing that audits don’t detect parameter misconfigurations.
"A parameter configuration is not part of a code change. For example, when the liquidation ratio is changed, there is no new audit required; a governance vote can update parameters. The code itself, however, should have prevented the misconfiguration, which is not picked up by internal and external audits,” she said in a statement to CoinDesk.
In other words, the protocol code ought to have caught the error in the parameter configuration – but it didn’t.
Read more: In Crypto, Base Layer Security Isn’t Enough
About 2.97 billion of the erroneously minted 3.02 billion aUSD was subsequently recovered, and approximately 1.29 billion aUSD was burnt after an urgent governance vote. The Acala community also voted to burn the remaining 1.68 billion aUSD in a later vote. Here’s how it all unraveled.
iBTC/aUSD liquidity pool
Interlay, a decentralized stablecoin network, recently launched InterBTC (iBTC) – a wrapped bitcoin token. Wrapped tokens are synthetic (or tokenized) versions of crypto assets that are not native to the blockchains they exist on. These iBTC tokens debuted on two Polkadot DeFi platforms: Acala and Moonbeam.
Read more: What Are Liquidity Pools?
On Aug. 4, Acala announced an iBTC/aUSD liquidity pool. The pool was set to launch around Aug. 13. Members of the Acala community were encouraged to contribute iBTC and aUSD to the pool in order to establish liquidity. These liquidity providers would subsequently be rewarded with interlay (INTR) and acala (ACA) tokens.
Attack of the ‘error mints’
The iBTC/aUSD liquidity pool was launched on schedule on Aug. 13. Soon afterward, the error mints were initiated. The root cause was a protocol misconfiguration that distributed rewards in aUSD instead of INTR and ACA.
Within minutes, an Acala contributor picked up on the activity and notified the community. Shortly thereafter, the Acala community held a governance vote which authorized halting Acala Swap, Acala’s DEX protocol.
Further investigation revealed the Honzon protocol misconfiguration as the root cause of the error mints. Subsequent votes were carried out resulting in an agreement to pause Honzon and ultimately rectify the situation.
As a stablecoin, aUSD typically trades at an approximate 1:1 ratio with the U.S. dollar. The value of aUSD fell from about $1.03 to $0.009 after the attack.
Tracking the culprits
By Aug. 15, Acala had traced all error mint-related transactions to 16 wallets. The total amount of aUSD in these wallets was initially estimated to be around 1.29 billion. An additional 4.3 million remained unclaimed in the iBTC/aUSD reward pool.
Two days later, on Aug. 17, the Acala community conducted a second transaction-tracing analysis. They discovered that a total of 3.022 billion aUSD (and not 1.29 billion as originally estimated) had been erroneously minted and claimed (as reward money) by liquidity providers. Fortunately, an additional 1.68 billion aUSD was also recovered, bringing total recovered funds to 2.97 billion out of the total 3.02 billion.
The community passed a referendum to burn the 1.29 billion aUSD recovered on Aug. 15. This partially restored the token’s peg, which currently sits at about $0.80. Another governance vote took place on Aug. 20 to burn the remaining 1.68 billion aUSD.
After the Acala exploit
Acala has clearly identified the aUSD Honzon liquidity pool protocol as the source of the minting vulnerability. The asset paired with aUSD within the pool in question, iBTC, was not affected, neither was its code a part of the problem. Interlay (creator of iBTC) has distanced itself from the debacle.
“There is one important thing to set straight – it was not an iBTC hack … Interlay/iBTC have not been compromised. The incident has not jeopardized Interlay as a network, nor iBTC as a product, in any way. All system operations have been and remain fully functional,” Alexei Zamyatin, co-founder and CEO of Interlay, told in a CoinDesk interview.
The full extent of Acala’s error mints is still being investigated. In a statement, Bette Chen said:
“We continue to work with our partners and contributors to trace aUSD erroneously minted by 16 wallet addresses. Results will continue to be published in a transparent manner, and the community can continue to collectively formulate proposals to resolve the erroneously minted aUSD. We greatly appreciate everyone’s patience and support."
UPDATE (Aug. 23, 9:58 UTC): Corrects spelling on Moonbeam in 10th paragraph.
UPDATE (Aug. 23, 13:55 UTC): Adds a community vote conducted over the weekend in 9th paragraph.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.