Aurora Stalls A Sizable DeFi Hack, Pays $6M Bug Bounty through Immunefi

It could have been the next market-moving DeFi hack, but thanks to a bug bounty, it was not. On 7 June, Ethereum bridging and scaling solution Aurora announced it had paid out a $6 million bounty to ethical security hacker pwning.eth, who discovered a critical vulnerability in the Aurora Engine. Over $200 million worth of users' funds could have been at risk if the whitehat had chosen to exploit the vulnerability for personal gain instead of reporting it to the developers. In this post, we will see what went down with Aurora and give an in-depth analysis of the vulnerability. Let's get started!

What Happened?

A hacker, known as pwning.eth, exposed a critical vulnerability in Aurora's system, which could have jeopardized up to $200 million of funds. The hacker submitted the bug report on April 26, 2022, to Aurora's Immunefi bug bounty program.

The Vulnerability

The report described an inflation vulnerability that, if exploited, would have allowed an attacker to mint an infinite supply of ETH in the Aurora Engine. That artificial ETH could then have been used to drain all ETH in the bridge contract (70k+ ETH, about $204M at the time of writing).

When someone does a DelegateCall to Aurora's ExitToNEAR or ExitToEthereum precompile, the EOA's balance is not sent, yet the engine still schedules a withdrawal for them to their NEAR or Ethereum account. For example: if an adversary had 1 ETH, they would be able to DelegateCall the exit to NEAR precompile and get 1 ETH back as NEAR's NEP-141 token while retaining the 1 ETH on Aurora. By depositing this 1 ETH back and repeating the process with twice the balance they had before, they would be able to exponentially drain the entirety of the locked NEP-141 ETH tokens. Moreover, the artificial ETH would also have allowed draining all tokens from the liquidity pools containing ETH on Aurora and NEAR, putting those tokens at risk as well.

The root cause

In the exit to NEAR and exit to Ethereum precompiles, the contract address was hardcoded without regard to how DelegateCall works. When someone calls the precompile, the call is always treated as coming from the address of the contract, and not from the address in the input. Also, since the balance in scope is the EOA's and not the contract's, no ETH is actually transferred. As a result, the Aurora Engine schedules a transfer from its NEP-141 ETH balance to the adversary even though it has not received any ETH.

The Mitigation

A live test on the testnet was conducted by Aurora Labs to confirm the bug, using the exact Solidity contract provided by the author of the exploit. In their code review, instead of removing the hardcoded contract address, they added code that returns an exit error if the hardcoded address does not match the input's address. This yields the same desired result: the change effectively disables the ability to call the precompile with DelegateCall. An accompanying test was produced to ensure that the vulnerability will be tracked in case a logic change causes it to resurface. You can read more about the whole incident here.
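To make the root cause and the fix concrete, here is a small added model of an EVM-style engine with an exit precompile (written for this post; it is not Aurora Engine code, and the precompile address, account names and amounts are constructed placeholders). It shows why a precompile that trusts a hardcoded self-address must reject DelegateCall: under a regular CALL the ETH moves into the precompile before the withdrawal is scheduled, while under DELEGATECALL the precompile's code runs with the caller's address(this) and msg.value and no ETH moves at all. The `inflation` check is the invariant a defender would monitor: circulating ETH plus scheduled withdrawals must never exceed what was deposited.

```python
from dataclasses import dataclass, field

# Hypothetical precompile address (a constructed placeholder, not Aurora's real one).
EXIT_TO_NEAR = "exit_to_near_precompile"


@dataclass
class Context:
    """Execution context as the EVM exposes it to code: address(this), msg.sender, msg.value."""
    address: str
    caller: str
    value: int


@dataclass
class Engine:
    balances: dict                                 # on-Aurora ETH balances (wei-like units)
    scheduled: list = field(default_factory=list)  # (destination, amount) withdrawals to NEAR
    hardened: bool = True                          # False reproduces the pre-fix accounting

    def exit_to_near(self, ctx: Context, dest: str) -> str:
        """The exit precompile. It assumes it executes as itself, i.e. that the value
        backing the withdrawal has just been moved into EXIT_TO_NEAR by a CALL."""
        if self.hardened and ctx.address != EXIT_TO_NEAR:
            # The fix: the hardcoded precompile address must equal the executing
            # address. Under DELEGATECALL it never does, so the call is rejected.
            return "exit error"
        self.scheduled.append((dest, ctx.value))
        return "ok"

    def eoa_call(self, sender: str, contract: str, value: int) -> Context:
        """An EOA sends `value` to a contract: ETH moves and a fresh context is created."""
        self._transfer(sender, contract, value)
        return Context(address=contract, caller=sender, value=value)

    def call(self, ctx: Context, value: int, dest: str) -> str:
        """CALL from ctx.address into the precompile: ETH moves, address(this) becomes the precompile."""
        self._transfer(ctx.address, EXIT_TO_NEAR, value)
        return self.exit_to_near(Context(EXIT_TO_NEAR, ctx.address, value), dest)

    def delegatecall(self, ctx: Context, dest: str) -> str:
        """DELEGATECALL into the precompile: its code runs with the caller's own
        address(this), msg.sender and msg.value, and no ETH is transferred."""
        return self.exit_to_near(ctx, dest)

    def _transfer(self, src: str, dst: str, amount: int) -> None:
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def circulating(self) -> int:
        """ETH still spendable on Aurora (everything not locked in the exit precompile)."""
        return sum(v for k, v in self.balances.items() if k != EXIT_TO_NEAR)

    def inflation(self, deposited: int) -> int:
        """ETH that exists beyond what was deposited: circulating + scheduled withdrawals - deposits."""
        return self.circulating() + sum(a for _, a in self.scheduled) - deposited


def run_scenario(hardened: bool, via_delegatecall: bool):
    """Deposit 1 ETH for an EOA, route it through a contract, then exit to NEAR.
    Returns (precompile result, inflation in wei-like units)."""
    one_eth = 10**18
    eng = Engine(balances={"eoa": one_eth}, hardened=hardened)
    ctx = eng.eoa_call("eoa", "contract", one_eth)
    if via_delegatecall:
        result = eng.delegatecall(ctx, dest="eoa.near")
    else:
        result = eng.call(ctx, one_eth, dest="eoa.near")
    return result, eng.inflation(one_eth)


if __name__ == "__main__":
    # Pre-fix: withdrawal scheduled while the 1 ETH stays on Aurora -> 1 ETH minted from nothing.
    print(run_scenario(hardened=False, via_delegatecall=True))
    # Post-fix: the DelegateCall path is rejected and the supply invariant holds.
    print(run_scenario(hardened=True, via_delegatecall=True))
    # The legitimate CALL path still works and conserves supply.
    print(run_scenario(hardened=True, via_delegatecall=False))
```

The fix does not remove the hardcoded address; it turns the mismatch that DelegateCall always produces into a rejected call, which is the same approach the article describes. The `inflation` function is the kind of supply-conservation check worth keeping as a regression test so the bug is caught if the logic ever changes.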

Conclusion

Once again, a bug bounty has proven to be an effective and proactive way to mitigate what could have resulted in a market-shaking DeFi hack. Aurora Labs very wisely included the bug bounty program as the last step in a layered defense approach. A bug bounty program allows organizations to leverage the hacker community and get an outside perspective on their system. As a blockchain security firm, we would advise every business in this arena to consider bug bounties for their platforms!

About Us

ImmuneBytes is facilitating blockchain security by employing cutting-edge techniques on smart contracts and decentralized applications. We have a team of experienced security professionals who are adept in their niches and provide you with innovative solutions and consultation. So far we have worked with 50+ blockchain start-ups on different blockchain frameworks, with clients spread across the globe, and are continually evolving to make this decentralized movement thrive.

References:

cointelegraph.com/news/aurora-pays-6m-bug-b..
investing.com/news/cryptocurrency-news/auro..
aurora.dev/blog/aurora-mitigates-its-inflat..
blockworks.co/6m-bounty-paid-to-white-hat-h..

Social:

#Aurora stalled a sizable #DeFi hack and paid out a $6M bug bounty through Immunefi, the second-highest #bugbounty ever paid in history!🔥 It could have been the next market-moving #hack, but thanks to bug bounty! To know our take on the incident, head to the link!⬇️