Flash Loans, Front-running, and Read-only Reentrancy: How Conic Finance was Drained of $3.3M

By Arhat | Truly Crypto | 21 Jul 2023

The Conic Finance exploit was a re-entrancy attack that allowed an attacker to manipulate the price of the $ETH Omnipool and drain over 1,700 ETH, worth over $3.3M.

 

This is how it happened (Refer to the visual below):   f0d419421203b71f17f1ee4ad01f2fad2d80b77cb6f4f3bf92f7404f67476047.png  

  • The attacker used a flash loan from AAVE to borrow $20k worth of $ETH
  • Through Etherscan, they interacted with the rETH-f and WETH token contracts to call the approve function on both token contracts, passing the address of the OmnipoolRouterV2 contract as the spender parameter and the maximum amount (2^256 - 1) as the value parameter.

This function allows a user to give permission to another address to spend their tokens on their behalf. The contract stored token balances and allowances as uint256 values. The maximum possible uint256 value is 2^256 - 1.

By approving the contract to spend 2^256 - 1 amount of their tokens, the hacker could trigger an overflow when the contract did the math using those approvals and balances to calculate the invariant.

This overflow resulted in the invariant being miscalculated as a very large number. When the hacker went to remove their liquidity, their proportional share was much larger than it should have been because of the incorrectly large invariant.  

  • The hacker received confirmation that their transactions were successful and that the "OmnipoolRouterV2" contract approved their tokens for spending.

This means that the OmnipoolRouterV2 contract can now transfer their tokens from their address to another address, up to the maximum amount specified.  

  • The hacker called 'getUSDPrice' and manipulated the returned rETH-f price to be inflated. The OmnipoolRouterV2 contract relied on this manipulated rETH-f price for its swap calculations. The hacker used a front-running technique, which involves placing a transaction with a higher gas fee before another transaction in the same block, to inflate the rETH-f price.

 

  • The getUSDPrice function was part of the GenericOracleV2 contract, which Conic Finance used as its price oracle.
  • The GenericOracleV2 contract was based on Uniswap v2, which is known to be vulnerable to flash loan attacks and front-running, which can manipulate its prices.
  • The attacker exploited this vulnerability by using a flash loan to deposit some $ETH and $rETH tokens into Uniswap v2 as liquidity, which changed the ratio of tokens in the pool and affected the price. They then called "getUSDPrice" before anyone else could react, which returned the manipulated price based on Uniswap v2. The hacker then withdrew their liquidity from Uniswap v2, reversing the price change.

 

  • They then deposited some ETH and rETH-f tokens into the OmnipoolRouterV2 contract as liquidity. By making this deposit, the hacker inflated the rETH-f price using the same front-running technique.
  • In the same transaction, the attacker swapped some ETH for rETH-f using the OmnipoolRouterV2 contract. The contract used the inflated rETH-f price from "getUSDPrice" for this swap.

This gave them more rETH-f than they should have received.  

  • Still, in the same transaction, the attacker called "getUSDPrice" multiple times, which returned the same inflated price due to read-only reentrancy.

Read-only reentrancy is an attack that allows an attacker to repeatedly call a function that does not change the state of the contract but returns some value that can be used to manipulate other contracts.  

  • The attacker swapped the rETH-f back to $WETH using the "OmnipoolRouterV2" contract. The contract again used the inflated price for this swap calculation.

  This gave them more WETH than they should have received.  

  • The hacker repaid the flash loan with a profit of 1701 $WETH.

 

Thank you for reading, and follow me here and on Twitter for more regular post updates.

If you find my work resourceful, please consider donating to 0xd95d4b14dcfa941bf916255b3624c0bfb22166c8 (Ethereum/Optimism/Arbitrum/BSC chain).

I’d also appreciate it if you shared this with your friends, who would enjoy reading this.

You can find my other research & investment thesis here: https://bit.ly/3CjMvoA

Thank you.

 

Resources

  1. https://etherscan.io/tx/0x8b74995d1d61d3d7547575649136b8765acb22882960f0636941c44ec7bbe146
  2. https://explorer.phalcon.xyz/tx/eth/0x8b74995d1d61d3d7547575649136b8765acb22882960f0636941c44ec7bbe146
  3. https://etherscan.io/tx-decoder
Ethereum (ETH) DeFi Ethereum DeFi Decentralized Exchange Hack

How do you rate this article?

19
Arhat
Arhat Verified Member

Investor at L2 Iterative Ventures. Prev: Founder 3z3 Labs. I write about web3 use cases, hacks, and deep dives.

Truly Crypto
Truly Crypto

On Hacks, Use Cases & Deep dives.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.
A little sun, a little rain, a little wind. A classic June - My Actifit Report Card: June 5, 2026 A little sun, a little rain, a little wind. A classic June - My Actifit Report Card: June 5, 2026
marianomariano68

marianomariano68

2 hours ago
1 minute read

Crypto Market And Trading Update : Crashed Crypto Market And Trading Update : Crashed
shohana

shohana

48 minutes ago
1 minute read

TronSave Weekly Earnings — Week 16 (Passive Income from TRX Staking & Energy Lending) TronSave Weekly Earnings — Week 16 (Passive Income from TRX Staking & Energy Lending)
TRON Dream Chaser

TRON Dream Chaser

11 hours ago
2 minute read