HackMD
Binance $wBETH Centralization Risk Analysis Report
Abstract
Recently, Binance's Earn team at Curve.fi launched a proposal to add $wBETH to the gauge controller, a move that will enable the distribution of gauge weights, which its users can use to mint $CRV.
The Supremacy research team is committed to exploring cutting-edge projects and building a secure and stable ecosystem. Considering the importance of the ecosystem security of Curve.fi and Binance, we decided to perform a centralized risk assessment of $wBETH.
This report is not intended to be used as any financial advice.
Introduction
Wrapped BETH ("WBETH") is a special kind of BETH, and is a token created by depositing BETH into the BETH wrapper. Each WBETH represents 1 BETH (1:1 to staked ETH) plus all of its accrued ETH2.0 staking rewards starting from when WBETH's conversion rate was initialized at 1:1 on 27 Apr 2023 00:00 (UTC+0).
In other words, WBETH is reward-bearing in nature. It reflects ETH2.0 staking rewards not by growing in quantity, but by growing in value in relation to BETH. Over time, the price of WBETH will likely be worth more BETH.
About Us
Supremacy is a leading blockchain security agency, composed of industry hackers and academic researchers, providing clients with a one-stop security solution for the whole life cycle with our technology precipitation and innovative research.
We are reachable at Telegram (https://t.me/SupremacyInc), Twitter (https://twitter.com/Supremacy_CA), or Email (contact@supremacy.email).
Risk Analysis
On this basis, we will analyze the ultimate harm caused by centralization risk: Direct transfer of assets.
- FiatTokenProxy
0xa2E3356610840701BDf5611a53974510Ae27E2e1
This address has been used on Ethereum, BNB Chain. This is a proxy contract that is used to forward messages to logic contracts.
- WrapTokenV1(ETH/BSC)
0x523177Fbe442aFB70b401d06bB11EC7b8684EceE
This address has been used on Ethereum, BNB Chain. This is the logic contract of the $wBETH wrapper section for processing messages.
At this stage, only one WrapTokenV1(ETH/BSC) contract is used to deposit $ETH as a method of mint $wBETH. Based on the native token characteristics of ETH, we thought about how it differs in Ethereum and other EVM Chains (i.e. BNB Chain).
Ethereum: ETH = Native token
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
At the contract level on the Ethereum platform, any asset transfer involving ETH, either to or from, is bound to involve calls to .transfer, .send, .call.
In this case, it uses .call to transfer the $ETH to the ethReceiver account.
BNB Chain: ERC20 token // 0x2170Ed0880ac9A755fd29B2688956BD959F933F8
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
In the BNB Chain platform, it uses the safe class function to transfer ETH assets based on ERC20.
Based on this discrepancy, we cautiously checked all the functions involved in transferring out assets and unexpectedly found a function in the WrapTokenV1BSC contract of the BNB Chain platform that can transfer out ETH assets deposited by all users.
/**
* @notice Rescue ERC20 tokens locked up in this contract.
* @param tokenContract ERC20 token contract address
* @param to Recipient address
* @param amount Amount to withdraw
*/
function rescueERC20(
IERC20 tokenContract,
address to,
uint256 amount
) external onlyRescuer {
tokenContract.safeTransfer(to, amount);
}
In general, the rescue() function is used to release token assets that have been transferred to the contract for unintended behavior.
However, in that implementation, the developers did not think about the potential centralization risk that the feature could lead to due to differences in asset types.
Calling this function triggers a preemptive access control mechanism, onlyRescuer, which checks if the caller is a rescuer privileged account that can be changed at will by the owner of the contract by calling updateRescuer.
/**
* @notice Assign the rescuer role to a given address.
* @param newRescuer New rescuer's address
*/
function updateRescuer(address newRescuer) external onlyOwner {
require(
newRescuer != address(0),
"Rescuable: new rescuer is the zero address"
);
_rescuer = newRescuer;
emit RescuerChanged(newRescuer);
}
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
We checked the owner's account and confirmed that it was a single-signature EOA account, which means that a leak of the private key or internal mischief could lead to very serious consequences. Based on this potential risk, we contacted Binance's earn team through a friend and they confirmed that the account's private key was controlled by the finance department and had a certain level of security, so the risk could be mitigated.
In the end, we found that Binance had commissioned Peckshield to perform a security audit of its wBETH, and in their report they did not mention any potential risks regarding the rescueERC20() function.
Recommendation
However, there is always a corresponding risk of centralization at the code level, and we recommend adding a check for ETH Address to rescueERC20() to ensure that assets other than those expected cannot be transferred through this function.
/**
* @notice Rescue ERC20 tokens locked up in this contract.
* @param tokenContract ERC20 token contract address
* @param to Recipient address
* @param amount Amount to withdraw
*/
function rescueERC20(
IERC20 tokenContract,
address to,
uint256 amount
) external onlyRescuer {
+ require(tokenContract != _ETH_ADDRESS);
tokenContract.safeTransfer(to, amount);
}
Disclaimer
Supremacy reports do not provide any indication of the technologies proprietors, business, business model or legal compliance. As such, reports do not provide investment advice and should not be used to make decisions about investment or involvement with any particular project. Supremacy has the right to distribute the Report through other means, including via Supremacy publications and other distributions. Supremacy makes the reports available to parties other than the Clients (i.e., “third parties”).
