Postmortem: 26th April, 2022

Participants: Sushi Core Team (Sarang, Matthew, Ramin, Jiro), Synthetix (JJ, Ethernaut)

On April 26, 2022 at 11:33 PM UTC, Sushi was alerted to a bug in the handling of the SNX token inside Bentobox.

TLDR: ALL USER FUNDS ARE SAFE. DON'T DEPOSIT SNX OR ANY SYNTHETIX BASED ASSETS ON BENTOBOX

Bentobox Contract: https://etherscan.io/address/0xf5bce5077908a1b7370b9ae04adc565ebd643966

The SNX token consists of two contracts, a Proxy and a Target (the implementation the Proxy forwards to).
Both expose the same balances, because they share the same underlying balance storage: balanceOf() on either address returns the same figure for the same holder, and a transfer through one is visible through the other.
Bentobox allows users to deposit by sending tokens directly to the contract and then crediting them (skimming); the skim check compares the token's reported balance of the Bentobox contract against what Bentobox already records for that token address.

SNX Target Token Contract: https://etherscan.io/address/0xE95A536cF5C7384FF1ef54819Dc54E03d0FF1979

SNX Proxy Token Contract: https://etherscan.io/address/0xc011a73ee8576fb46f5e1c5751ca3b9fe0af2a6f

As per Synthetix's recommendation, Bentobox and Kashi used the Proxy token contract address in the Sushiswap UI.

The bug arises when a user deposits using the Target token contract address, which Bentobox, as designed, tracks as a separate token with its own totals and user balances.
Because both addresses report the same balance, a withdrawal of Target-address SNX transfers out the very tokens that the Proxy-address accounting claims to hold; the holder ends up with real SNX that is spendable through both the Target and the Proxy address.
That transfer is never reflected in Bentobox's Proxy-address totals, so it ultimately allows the entire Proxy-address SNX balance to be drained.

In practice: Bentobox validates a skim deposit only against the reported balance of the Bentobox contract for the token address passed in. The Target contract reports all the SNX that was deposited under the Proxy address, while Bentobox had recorded no Target-address deposits at all, so anyone could skim-deposit the entire Proxy SNX balance under the Target address without sending a single token. Withdrawing it then transfers the real SNX out, leaving Bentobox's actual balance at 0 under both addresses while the Proxy-address accounting still shows the original deposits, i.e. the vault is drained.
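The accounting mismatch above, reduced to a runnable model. This is an added example and not Bentobox's own code: the class and function names (SharedTokenState, TokenFacade, BentoBoxModel, skim_drain), the 1:1 share-to-amount bookkeeping, the "lender"/"attacker" accounts and the 7,150 figure are assumptions made for illustration, and the real contract's Rebase share math and minimum-share checks are left out. What it keeps is the essential shape: one shared balance table reachable through two token addresses, and a vault whose skim check is keyed by the address it was handed. The optional `blocked` set stands in for a front-end style blocklist of aliased token addresses.

```python
# Constructed model of a vault (BentoBox-style skim accounting) facing one
# token whose balances are reachable through two addresses. Not BentoBox code.


class SharedTokenState:
    """One balance table exposed through two token addresses, mirroring the
    SNX Proxy/Target pair that shares storage."""

    def __init__(self, initial):
        self.balances = dict(initial)

    def balance_of(self, who):
        return self.balances.get(who, 0)

    def transfer(self, frm, to, amount):
        if self.balance_of(frm) < amount:
            raise ValueError("insufficient balance")
        self.balances[frm] -= amount
        self.balances[to] = self.balance_of(to) + amount


class TokenFacade:
    """What the vault sees as a distinct ERC20 address; facades may share state."""

    def __init__(self, address, state):
        self.address = address
        self.state = state

    def balance_of(self, who):
        return self.state.balance_of(who)

    def transfer(self, frm, to, amount):
        self.state.transfer(frm, to, amount)


class BentoBoxModel:
    ADDRESS = "bentobox"  # assumed vault address in the shared balance table

    def __init__(self, blocked=()):
        self.totals = {}      # token address -> amount the vault believes it holds
        self.balance_of = {}  # (token address, user) -> amount credited to user
        self.blocked = set(blocked)

    def deposit(self, token, frm, to, amount):
        """frm == vault address means 'skim': credit tokens already sent to the vault.
        The check is keyed only by the token address that was passed in, which is
        the weakness: a second address reporting the same balance passes it."""
        if token.address in self.blocked:
            raise ValueError("token blocked")
        held = self.totals.get(token.address, 0)
        if frm == self.ADDRESS:
            if token.balance_of(self.ADDRESS) < held + amount:
                raise ValueError("Skim too much")
        else:
            token.transfer(frm, self.ADDRESS, amount)
        self.totals[token.address] = held + amount
        key = (token.address, to)
        self.balance_of[key] = self.balance_of.get(key, 0) + amount

    def withdraw(self, token, frm, to, amount):
        key = (token.address, frm)
        if self.balance_of.get(key, 0) < amount:
            raise ValueError("insufficient vault balance")
        # Transfer before bookkeeping so a failed transfer leaves the books
        # untouched (stands in for an EVM revert).
        token.transfer(self.ADDRESS, to, amount)
        self.balance_of[key] -= amount
        self.totals[token.address] -= amount


def build_scenario(blocked=()):
    """A lender deposits 7150 SNX through the Proxy address (constructed data)."""
    state = SharedTokenState({"lender": 7150, "attacker": 0})
    proxy = TokenFacade("snx_proxy", state)
    target = TokenFacade("snx_target", state)
    bento = BentoBoxModel(blocked)
    bento.deposit(proxy, "lender", "lender", 7150)
    return state, proxy, target, bento


def skim_drain(blocked=()):
    """Zero-cost skim under the Target address, then withdraw the shared balance,
    then let the lender try to withdraw what the vault still credits to them."""
    state, proxy, target, bento = build_scenario(blocked)
    bento.deposit(target, BentoBoxModel.ADDRESS, "attacker", 7150)  # no tokens move
    bento.withdraw(target, "attacker", "attacker", 7150)            # real SNX leaves
    try:
        bento.withdraw(proxy, "lender", "lender", 7150)
        lender_ok = True
    except ValueError:
        lender_ok = False
    return {
        "attacker_real": state.balance_of("attacker"),
        "vault_real": state.balance_of(BentoBoxModel.ADDRESS),
        "lender_credited": bento.balance_of[(proxy.address, "lender")],
        "lender_can_withdraw": lender_ok,
    }


if __name__ == "__main__":
    print(skim_drain())
    try:
        skim_drain(blocked={"snx_target"})
    except ValueError as e:
        print("with the Target address blocked:", e)
```

Running `skim_drain()` shows the attacker holding all 7,150 tokens, the vault's real balance at 0, and the lender still credited 7,150 under the Proxy key with no way to withdraw it. With `"snx_target"` in the blocked set the skim deposit is refused before any accounting is touched, which is the effect a front-end blocklist has for users who only interact through the UI; a contract-level fix would instead have to reconcile totals across every address that reports the same balance.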

This issue applies to every Synthetix-based asset, since they all use the same Proxy/Target pattern, so any such asset deposited on Bentobox was at risk.
On further investigation we found that only SNX and sUSD had been deposited on Bentobox.

Most of these tokens were being used at Kashi for Lending and Borrowing.

Using the above exploit, anyone could have drained the respective Kashi pairs, causing loss of funds to lenders and borrowers.

Bentobox is safe for standard ERC20 tokens. However, it can behave unexpectedly with tokens that use older proxy patterns such as SNX's, where both the Proxy and the implementation answer as ERC20 tokens over the same balances.
Other proxy patterns, such as EIP-1167 minimal proxies (used by MISO), are unaffected: a minimal proxy delegates calls to its implementation but keeps its own storage, so the implementation address does not report the clone's balances.

As Kashi uses isolated lending markets, only the markets containing these tokens were affected; all other markets are completely safe.

In order to rescue the funds, the Sushi team deployed a whitehat rescue contract that pulled the SNX and Synthetix-based tokens out of Bentobox and Kashi.

While executing the whitehat rescue, one of the transactions got relayed to the public mempool and was frontrun by a MEV bot. We asked the bot operator to return the funds; they responded very quickly and returned the tokens to the Sushiswap Operations multisig.
We appreciate and thank them for returning the funds.

All the funds were rescued and sent back to the affected users.

SNX Distribution Transaction: https://etherscan.io/tx/0xf6825ce58f2bbee0de1d1df0e7a5cb94b3d0b7b02bc0c69e81dfcd94c6a8bc9d

USDC Distribution Transaction: https://etherscan.io/tx/0x1697f7bf07e06f8e716e9d7b18bc48933a3359196642dcf55e2f037a1eff5b2d

sUSD Distribution Transaction: https://etherscan.io/tx/0x3635ad5a9f2b4ec6bb81b3e362185a87fd5adf05110da1b8f0ce07090731c143

NOTE:
DO NOT DEPOSIT ANY REBASING TOKENS, SNX OR ANY SYNTHETIX BASED ASSETS ON BENTOBOX. ANY REBASING TOKENS, SNX OR SYNTHETIX BASED ASSETS DEPOSITED WILL BE LOST.

We are taking the following steps to mitigate this issue.

First, SNX and Synthetix-based tokens can no longer be deposited to Bentobox via the Sushiswap UI.

Second, all Kashi pairs with SNX or Synthetix-based tokens have been disabled in the Sushiswap UI.

These are UI-level mitigations: the Bentobox contract itself still accepts such deposits when called directly, which is why the note above applies to anyone interacting with the contract outside the UI.

Total amount of SNX rescued: 7,150 SNX
Total amount of USDC rescued: 14,369 USDC
Total amount of sUSD rescued: 1,083 sUSD

All other Kashi pairs and Sushiswap products are unaffected by this incident.

We'd also like to thank Immunefi, the Synthetix team and Vahid from Flipside.

Thank You,

Sushiswap Team