The Bugs of the Month: from Liquid to Balancer and from Ravencoin to Bitcoin Gold

Over the past few weeks there have been some interesting bugs and attacks on cryptocurrencies: At Ravencoin, a miner is mining coins that shouldn’t exist and at Bitcoin Gold a 51 percent attack is fending off.¬†The liquid sidechains meanwhile book Bitcoins unscheduled under the control of Blockstream, while¬†hackers enrich¬†themselves¬†with weaknesses in the DeFis Balancor and UniSwap.¬†So we have a colorful bunch of bugs.

Bugs happen every day.¬†Wherever there is code and computer, there are also errors that are sometimes exploited and sometimes just reported.¬†But it becomes special when there is a bug where there shouldn’t be a bug – with blockchains.¬†And there is a lot to report about this in recent weeks.

Ravencoin: Mistake allows miners to collect more than the intended coinbase reward

For cryptocurrencies, the protocol regulates the creation of new coins by miners, who can usually credit them through the so-called “coinbase transaction”.¬†This model, introduced by Bitcoin, has been adopted by most cryptocurrencies, including Ravencoin, a rather uninteresting altcoin that is relatively similar to Bitcoin and has only changed small parameters such as the block intervals or the mining algorithm.¬†In early July have Ravencoin developers now an “incident” (Incident)¬†reported¬†:

The team was told a “vulnerability”, “which was used by unknowns to mine RVN” – Ravencoin’s native tokens – “that go beyond the coin base of RVN 5000 per block.” The bug used a code -Change that was brought in from the community.¬†The developers tried to close the bug without hanging it on the big bell to prevent further incidents.¬†The bug mined RVN coins “that shouldn’t exist” and therefore increased the total number of RVNs ever available.

The developers have informed the police and are working with them to investigate the case.¬†A fork that wipes out the coins is out of the question.¬†Because “the RVNs were sent to an exchange and traded, so they are mixed with other RVNs and any attempt to burn them in agreement with miners and the community would do irreparable harm to innocent victims.”

Liquid sidechain: Error temporarily gives Blockstream control of 870 bitcoins

The¬†liquid-side chain of block Stream¬†is designed to help to scale Bitcoin by freezing Bitcoins on the “main chain” and resurrected on another Blockchchain as L-BTC, which is operated by a consortium of exchanges and other companies.¬†There is a kind of emergency program at Liquid that allows you to recover bitcoins with emergency keys after a certain time.¬†These emergency keys are owned by Blockstream.

Ethereum developer James Prestwitch accidentally¬†the liquid emergency operators can steal 870 Bitcoin”.¬†Prestwitch found this ‚Äúonly by accident‚ÄĚ and therefore asks how often this usually occurs.

Shortly afterwards, the CEO of Block Stream, Adam Back, a statement to be published : The problem is caused by inconsistency of Timelocks the various players in Liquid. They renew the timelocks after they have expired, rather than before. This usually only lasts for a short period of time, but it could also happen that, like recently, it took 40 minutes.

The problem is already known, but the fix was delayed because of Corona. On July 3, he was finally brought up to the nodes of the Liquid Federation.

Bitcoin Gold: Developers ward off another 51 percent attack through checkpoints

Bitcoin Gold (BTG)¬†is a fork of Bitcoin that emerged shortly after the fork of Bitcoin Cash (BCH).¬†Compared to BCH and Bitcoin SV, however, it is relatively meaningless.¬†Unlike these two more popular forks, she changed Bitcoin’s mining algorithm so that miners can use graphics cards instead of Asics.¬†This was supposed to make the blokchain more decentralized and secure – but has already resulted in¬†a 51 percent attack¬†in the past¬†.

A 51 percent attack is THE weakness of Bitcoin, so to speak: If a miner has more than 51 percent of the hash power, he can secretly mine an alternative blockchain and then enforce it.¬†In this way, he can send bitcoins to someone, but also transfer them back to himself after confirmation.¬†This attack has long been known;¬†Bitcoin’s security is based on the fact that more than half of the miners are honest.

On July 1, Bitcoin Gold suffered another such attack. Unlike last time, however, the developers reacted promptly and let the hacker run wild: on July 2, they published a new version of the node software that sets a checkpoint: a block created by an honestly known pool on July 2. July was considered binding. This means that an attacker can no longer replace it with another block, even if it was generated with more hash power. The new version was distributed to the exchanges and miners, who initially suspended deposits and withdrawals. However, since the new version was initially not public, the attackers continued to work on their alternative chain, which was already 1300 blocks long on July 10. By doing so, they simply wasted resources without gaining anything from the attack.

Balancer liquidity pools lose more than $ 500,000

Balancer is part of the Decentralized Finance (DeFi) family on Ethereum. It is an automatic market maker that pools liquidity for other DeFis through pools and can thus pay interest to the participants. At the end of June, the 1inch exchange reported how two pools lost at least $ 500,000 due to a bug.

The exploits were each triggered by an Ethereum transaction, which linked different actions to different smart contracts and was so complex that each of them consumed almost 90 percent of the gas available for a block. If you do not understand the following attack, it doesn’t matter Рalmost everyone does it like this:

The hackers initially took a loan of 104,000 WETH from the decentralized dYdX exchange.¬†WETH are wrapped ethers.¬†That means they are a token that can be used by some smart contracts.¬†The hackers then used this WETH to exchange them for STA tokens 24 times in succession.¬†This has used up the liquidity pool’s STA inventories, which was made possible by an error in the transfer mechanism of the pool smart contract.

The attacker then exchanged the STA for WETH repeatedly. Due to the transfer fees of the pool, the pool has never received STA, but has released WETH. The attacker then repaid the loan of 104,000 WETH and drastically increased his stake in the balancer pool by depositing STA tokens, before finally exchanging the balancer pool tokens for 136,000 STA and Uniswap for 109,000 WETH. So he probably got a profit of 5,000 ether.

The attack is so complicated that it makes you dizzy. It is hard to imagine how you can think of something like this Рand even more difficult how to plan and prevent it.

Attacker spammers Ethereum network to capture several thousand ether on UniSwap in a few minutes

The last of the bugs of the month is also about a DeFi: Uniswap that was already used in the course of the balancer bug.¬†It is not entirely clear whether this is actually a bug or “only” the exploitation of a special market situation.¬†The following happened:

PepperSec, founder of cybersecurity company Roman Storm, tweeted that someone had made a million dollars on UniSwap in 30 minutes. This was made possible by three steps: First, I was waiting for the message that bZrX is listed on Uniswap. bZrX is the token of the bZr network, which also represents a DeFi protocol. Second, the attacker wrote a smart contract that buys the tokens on Uniswap. Third, he spawned transactions on the Ethereum network so that the others could not act because their transactions failed. Shortly afterwards he sold the tokens again.

After a deposit of 650 ether, he was able to stand at 2680 ether and 300,000 bZrX tokens within thirty minutes.

The attacker was certainly not playing according to the rules as they were supposed to, and he has enriched himself considerably in a very short time. But is it a bug? Or just a protocol that is not yet fully mature? Or is it just about the clever exploitation of market mechanisms that are likely to be found in the stock market again and again?

Either way, either way: like the balancer attack, this shows that the DeFis allow numerous extremely complex attacks that combine the highest technical complexity with economic scenarios and attacks on the entire Ethereum network.