Be Patient With Me On the Breakdown | LibreCharts

As stated before, this was a really complex transaction to break down.

And there's really no way to summarize it. Also, adding to the complexity of analyzing this transaction is the fact that there are so many moving parts to account for here.

To give you an idea:

1. There's a cUSDC/cUSDT pool (Compound lending) that's also present within the Curve.fi ecosystem, making that relevant.

2. Since the exploit involved two flash loans combined and the re-collateralization of borrowed funds on Compound, the target (that's what I'm going to call them from here on out) was able to generate 10 million cETH. The Compound synthetic derivatives far outnumber their reference asset counterparts - and that's been the case for a while.

3. The attacker generated an uneven amount of USDC, USDT and DAI.

4. Yearn makes these stableswap pools fungible. So you can add any stablecoin in there you want (just one) and still receive an even distribution back. Or you can just deposit the stablecoin and get an LP token back. You can also stake that LP token for CRV, or you could forgo that entire process for a wrapped asset. It appears that the target initially extracted DAI from the pool via depositing USDC (to begin with), creating a massive imbalance (which would shoot up the price of USDC).

5. Another aspect to take into account is that the interest rates / fees distributed to LPs on yearn are calculated, in part, by the total volume in trades.
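To make the pool imbalance in item 4 concrete, the following is an added example (not code from the original post or from Curve/yearn) that models a 3-coin stableswap pool with the published StableSwap invariant and flags when the pool trades away from 1:1, the kind of check a depositor or monitor can run before trusting pool prices. The amplification value, balances, trade size, tolerance and the helper names are assumptions; fees are ignored.

```python
# Added example: float model of a 3-coin stableswap pool (fees ignored).
N = 3      # coins: DAI, USDC, USDT at indices 0, 1, 2
AMP = 100  # amplification parameter, an assumed value

def get_d(bal, amp=AMP):
    """Solve the StableSwap invariant for D (Newton iteration)."""
    s, ann = sum(bal), amp * N
    d = s
    for _ in range(255):
        d_p = d
        for x in bal:
            d_p = d_p * d / (x * N)
        d_prev = d
        d = (ann * s + d_p * N) * d / ((ann - 1) * d + (N + 1) * d_p)
        if abs(d - d_prev) <= 1e-9:
            break
    return d

def swap(i, j, dx, bal, amp=AMP):
    """Sell dx of coin i for coin j; return (amount out, new balances)."""
    d, ann = get_d(bal, amp), amp * N
    c, s = d, 0.0
    for k in range(N):
        if k != j:
            xk = bal[k] + dx if k == i else bal[k]
            s += xk
            c = c * d / (xk * N)
    c = c * d / (ann * N)
    b = s + d / ann
    y = d
    for _ in range(255):  # Newton iteration for the new balance of coin j
        y_prev = y
        y = (y * y + c) / (2 * y + b - d)
        if abs(y - y_prev) <= 1e-9:
            break
    new = list(bal)
    new[i], new[j] = bal[i] + dx, y
    return bal[j] - y, new

def rate(i, j, bal, probe=1000.0):
    """Marginal exchange rate: coin j received per coin i for a small trade."""
    return swap(i, j, probe, bal)[0] / probe

def pool_is_skewed(bal, tol=0.01):
    """True if any pair trades more than tol away from 1:1."""
    return any(abs(rate(i, j, bal) - 1) > tol
               for i in range(N) for j in range(N) if i != j)

balanced = [100e6, 100e6, 100e6]              # constructed balances
dai_out, skewed = swap(1, 0, 90e6, balanced)  # 90M USDC in, DAI out
```

With these constructed numbers the pool stays within tolerance while balanced and is flagged after the one-sided trade, even though the invariant D is unchanged.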

From that point, several different actions happen concurrently. DAI is staked in the DAI vault (for yDAI; v1 vaults function differently than v2).

3crv is minted (LP token) and extracted from the vault at crazy numbers via the target's smart contract. That 3crv is actually sent to another address (pre-programmed by the smart contract). That other address is, itself, a smart contract. That smart contract executes the burn function on the 3crv to squeeze out the DAI from the vault, but within that call is a directive on where to send those funds to.

On top of this, the original caller (0x14 address) made calls on a different contract each time (even though they all executed the same function - making them identical; confirmed that on Etherscan.io). Guessing this was for obfuscation in some way. Some other contracts were made days ago.

Initially thought those contracts were "practice", but when I looked closer, it was clear that those contracts were additions to the orchestra of moves that were carried out by the target. So there were far more than 160 events going on.

Had to pull up documentation from yearn finance as well as Compound + MakerDAO + yearn.finance (some of it got 403'd).

Even the transactions involving Tornado Cash were difficult to intelligibly discern at times.