KyberSwap Exploit: A Comprehensive Breakdown

On November 23, 2023, KyberSwap, a decentralized trading platform, suffered a massive attack that resulted in the theft of approximately $47 million and a 90% decline in its Total Value Locked (TVL). The attacker specifically targeted KyberSwap Elastic, the platform's concentrated liquidity protocol, exploited a fault in it and leveraged flash loans to carry out the attack. This resulted in a substantial decline in its Total Value Locked (TVL) from $71 million to below $3 million. The stolen funds were distributed across multiple networks:

• Arbitrum: >$20 million
• Optimism: $15 million
• Ethereum: $7.5 million
• Polygon: $3 million
• Avalanche: $23,000

A thorough analysis by the AuditOne team revealed that the exploit was primarily orchestrated through a combination of tick manipulation and double liquidity counting.

The process began with the attacker securing a significant flash loan. They exploited a precision error in Kyber's code by using these loans to manipulate asset prices, deliberately directing them to an area of the pool's liquidity curve with low liquidity. Through a series of swaps and position adjustments, they changed the current prices and ticks within vulnerable pools. This manipulation led to multiple swap steps and cross-tick operations, causing double liquidity counting and ultimately draining the targeted pools.

Attacker’s Address: 0x50275e0b7261559ce1644014d4b78d4aa63be836
Attacker’s Address2: 0xc9b826bad20872eb29f9b1d8af4befe8460b50c6
Attack Contract: 0xaf2acf3d4ab78e4c702256d214a3189a874cdc13

The Attacker's Identity and Demands

The following on-chain message was sent from the exploiter’s address upon completion of the attack:

The exploiter's identity remains unknown, but they have exhibited a distinct personality throughout the incident. They left playful comments in transaction logs, such as "Step 2, finding liquidity required," "Is it enough?" and "Raping Now."

In a surprising turn of events, however, the hacker demanded complete control of KyberSwap by publishing an on-chain message on November 30th. Their demands included:

• Full control of the Kyber company, including all shares, equity, and tokens.
• Temporary full authority and ownership of KyberDAO, the platform's governance mechanism.
• Access to all documents related to the company.
• Ownership of all Kyber company assets.

In exchange for these demands, the hacker promised to:

• Buy out Kyber's executives at a fair valuation.
• Double the salaries of Kyber employees under the new regime.
• Provide a 12-month severance with full benefits and assistance in finding new careers for employees who choose not to stay.
• Reimburse liquidity providers for 50% of their losses.

The hacker set a deadline of December 10th for KyberSwap to comply with their demands.

KyberSwap's Response

KyberSwap initially responded to the attack by urging users to withdraw their funds. They also expressed a willingness to negotiate with the hacker but did not provide a specific bounty for the return of funds.

On December 1st, KyberSwap announced that it would offer grants to compensate users affected by the exploit. The grants would be worth up to the USD value of the stolen funds at the time of the attack.

KyberSwap also stated that it was cooperating with law enforcement and cybersecurity teams to identify and locate the attacker.

Conclusion

The above exploit highlights the potential vulnerabilities of concentrated liquidity protocols and the need for rigorous audits and security measures. It is also important to note that in designing economic modeling, rigorous testing of boundary conditions, liquidity, and price calculations is crucial, as inequality checks alone are insufficient for robust model development.