How Helio Lost $15M Due To An Oracle Exploit
Dec 2nd witnessed the exploit on the Ankr project, which led to a loss of $5 million, followed by an attack on Helio, resulting in the attacker gaining approximately $15.5 million. The Helio team acknowledged the ongoing exploit.
Helio is a BNB-chain-based staking platform with $HAY as the protocol's native stablecoin, over collateralized by $BNB(contract source codes can be found here), whereas Ankr provides a full suite of developer tools to help build web3 apps(across 18+ chains, making it one of the most powerful multi-chain tool suite for web3). Read more about the Ankr protocol here.
An oracle is a program that fetches data between off-chain sources and on-chain services. A smart contract can not access any data feed outside of the chain the contract is deployed to, and as a result, we need oracles to provide this type of data to contracts should it be necessary.
To understand the Helios hack, let's first take a look at what went wrong with Ankr, a "node as a service" platform. The $aBNBc token contract is an upgradable contract, i.e., with the correct permissions, the user can make the proxy contract point to a new logic contract. The attacker was able to compromise a private key that was used to govern contracts.
Using this key, the attacker could upgrade the contract to their malicious version and mint themselves 10 trillion $aBNBc($5 million); see the attacker's transaction here. The attacker then used PancakeSwap to swap $aBNBc for $USDC and $BNB and then swapped them for $ETH.
Due to this attack on Ankr, the price of aBNBc fell 99%( $0.02168), allowing the attacker to conduct the attack on helios.
After the attacker had successfully exploited the Ankr protocol, another attacker bought roughly around 183,000 $aBNBc using 10 $BNB from 1inch network.
The 183,000 $aBNBc were then used as collateral on the Helio Protocol to get 191,130 $hBNB tokens in return.
Helio's price oracle was not updated during the attack on $aBNBc. Due to this, the attacker borrowed 16 million $HAY.
The BUSDs were then transferred to the attacker's address (0x4c7f5513894a99260bbfcf88311b544d6ca12757) involving 3 different transactions.
Helio states that they are working to resolve this situation and, meanwhile, has advised the users to avoid any transactions in HAY. The HAY pool currently holds around $19 million in locked funds.
Helio's team announced that Ankr protocol and Helio were working together and had agreed that Ankr would pay for Helio's bad debt (due to the exploit).
After the attack on Helio, the price of the stablecoin $HAY de-pegged to a value of $0.21, and to re-peg this value of $HAY, Ankr decided to buy any extra $HAY that is produced as a result of the exploited $aBNBc and then send $HAY to a burn address.
The whole chain of attacks traces back to the attacker(s) gaining access to a private key used to govern contracts. Ankr used a single private key, whereas they should have used a multisig instead, e.g., a 3/5 multisig where even if one of the private keys gets compromised, the attacker must compromise two more keys to make the attack work. This was a classic case of lack of access management.
The attack started with a simple private key compromise, and as a result, ~$20 million was stolen by the attacker.
Oracle exploits continue to exist, and there is no 100% safeguard against these, although using decentralized oracle networks could be more resistant to this type of attack.