Postmortem, August 16th, 2021
Participants: samczsun, Georgios Konstantopoulos, Dan Robinson, Duncan Townsend, Mitchell Amador, Joseph Delong, Mudit Gupta, Keno, Omakase
Tech Team: samczsun, Georgios Konstantopoulos, Duncan Townsend, Keno, Mudit Gupta, Omakase
Comms Team: Mitchell Amador, Joseph Delong, Omakase
On August 16th, 2021 at 17:40 UTC Sushi was alerted to a vulnerability within the Miso Dutch Auction contract, submitted by samczsun, Georgios Konstantopoulos, and Dan Robinson. The contract in question is here: https://etherscan.io/address/0x4c4564a1FE775D97297F9e3Dc2e762e0Ed5Dda0e#code
No user commitments or creator minted tokens have been lost. The contracts were not pausable or upgradeable, however since the auction had reached its max commitment we recommended the auction creator immediately finalize the auction, thereby safeguarding funds from any potential harm. No user action is required. No funds have been lost. The current BIT-SUSHI auction remains unaffected and no outstanding auctions are affected by this vulnerability.
The potential vulnerability centers around the commitETH function on Miso Dutch Auction. Combining batch with commitETH creates a two-pronged issue where a user can both put up a commitment higher than `msg.value`, thereby draining any unsold tokens, and additionally drain the raised funds on the contract as refunds if the auction has reached max commitment. This vulnerability is effectively mitigated if the auction is finalized.
This is caused by incorrect handling of `msg.value`.
Both cases can be achieved within one transaction, allowing the user to walk away with all underlying ETH funds (by having the contract refund the user as many times as the user calls the commitETH function) and the unsold tokens.
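The pattern behind the issue above is that a `batch` function which forwards each call with `delegatecall` leaves `msg.value` unchanged for every nested call, so one ETH payment is seen, and credited, once per call. The following added example is not the Miso code and not Sushi's fix; it is a deliberately simplified, hypothetical pair of contracts (`VulnerableAuction`, `HardenedAuction`, with made-up function and variable names) showing the flawed pattern next to one standard mitigation: keeping `batch` non-payable so that no ETH is ever in flight while calls are replayed, which is the approach taken by widely used multicall helpers. A monitoring view, `ethBacksCommitments`, is added so an operator can check the invariant that would have been violated.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical, simplified contracts written for this postmortem (not MISO code).
// They illustrate the msg.value reuse pattern described above and one mitigation.

contract VulnerableAuction {
    uint256 public immutable maxCommitment;
    uint256 public totalCommitted;
    mapping(address => uint256) public commitments;

    constructor(uint256 max_) {
        maxCommitment = max_;
    }

    // Credits msg.value as a commitment and refunds anything above the cap.
    // On its own this is fine: msg.value really was paid with this call.
    function commitEth() public payable {
        require(msg.value > 0, "zero commitment");
        uint256 room = maxCommitment - totalCommitted;
        uint256 accepted = msg.value < room ? msg.value : room;
        commitments[msg.sender] += accepted;
        totalCommitted += accepted;
        uint256 refund = msg.value - accepted;
        if (refund > 0) {
            // Once the cap is reached, accepted == 0 and the whole msg.value
            // is refunded from the contract's balance.
            (bool sent, ) = msg.sender.call{value: refund}("");
            require(sent, "refund failed");
        }
    }

    // The flaw: batch is payable and replays calls via delegatecall. Every
    // nested commitEth() observes the same msg.value although ETH was paid
    // only once, so commitments are credited (or refunds paid) per call.
    function batch(bytes[] calldata calls) external payable {
        for (uint256 i = 0; i < calls.length; i++) {
            (bool ok, ) = address(this).delegatecall(calls[i]);
            require(ok, "batch call failed");
        }
    }

    // Monitoring check: contract ETH should always cover credited commitments.
    // Under the flawed pattern this invariant can be broken.
    function ethBacksCommitments() external view returns (bool) {
        return address(this).balance >= totalCommitted;
    }
}

contract HardenedAuction {
    uint256 public immutable maxCommitment;
    uint256 public totalCommitted;
    mapping(address => uint256) public commitments;

    constructor(uint256 max_) {
        maxCommitment = max_;
    }

    // Same commitment logic as above.
    function commitEth() public payable {
        require(msg.value > 0, "zero commitment");
        uint256 room = maxCommitment - totalCommitted;
        uint256 accepted = msg.value < room ? msg.value : room;
        commitments[msg.sender] += accepted;
        totalCommitted += accepted;
        uint256 refund = msg.value - accepted;
        if (refund > 0) {
            (bool sent, ) = msg.sender.call{value: refund}("");
            require(sent, "refund failed");
        }
    }

    // Mitigation: batch is NOT payable. Sending ETH with it reverts at entry,
    // so inside the loop msg.value is always zero and a nested commitEth()
    // fails its "zero commitment" check instead of being credited with value
    // that was never paid. Value-carrying calls must be made directly.
    function batch(bytes[] calldata calls) external {
        for (uint256 i = 0; i < calls.length; i++) {
            (bool ok, ) = address(this).delegatecall(calls[i]);
            require(ok, "batch call failed");
        }
    }

    function ethBacksCommitments() external view returns (bool) {
        return address(this).balance >= totalCommitted;
    }
}
```

The hardened `batch` still lets callers combine non-value operations in one transaction; only calls that need ETH lose the convenience. If a payable batch is a hard requirement, the alternative is to account for ETH consumed across the batch explicitly (for example, an internal counter that each value-taking function decrements and checks against the original `msg.value`) rather than trusting `msg.value` inside each nested call. In either case, `ethBacksCommitments` is the kind of on-chain invariant worth alerting on, since a credited commitment without matching ETH is exactly the condition this class of bug produces.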
All future planned auctions utilizing the specific dutch auction contracts with ETH commitments have been paused until an updated version is redeployed. Sushi immediately called in Immunefi to help mitigate and advise on the vulnerability and response measures.
No vulnerabilities affect the SUSHI-BIT auction and it still remains live. Airdrop bonuses detailed by the auction creator are equally accessible to those who participate in the remaining tranches of the SUSHI-BIT auction. As of this writing, the current remaining commitment amount falls within the 17.8% bonus tranche.
We’d like to thank everyone who pitched in to help protect the Sushi community, most notably samczsun, Georgios Konstantopoulos, and Dan Robinson.
We’d also like to thank Duncan Townsend and Mitchell Amador for their continual, immediate and professional support.
Sincerely,
Sushi
Halborn audit of Miso contracts:
https://drive.google.com/file/d/1F9BSA9Q0WFv2LGL8AQuvzvxZllT2w4um/view?usp=sharing
Certora formal verification of Miso contracts:
https://github.com/sushiswap/miso/tree/master/spec
MixBytes draft audit of Miso contracts:
https://drive.google.com/file/d/1tcYBuKF5XUYTaMokvN5Om5Bg3_32huXR/view?usp=sharing