Previous Hacks Index

This section analyzes real-world hacks and demonstrates how assertions could have prevented them. These case studies provide concrete examples of how assertions work as a safety net, catching vulnerabilities that might slip through traditional security measures like audits and testing. Each analysis includes:

Detailed explanation of the attack mechanism
Root cause analysis of the vulnerability
Specific assertion code that would have prevented the exploit

Access Control & Administrative Vulnerabilities

Bybit - Compromised Safe Wallet UI

Attack Type: UI Compromise + Implementation Change Loss: $1.4B USD Root Cause: Compromised frontend showed fake transactions while changing proxy implementation Prevention: Implementation address change assertions and transaction validation

Radiant Capital Hack

Attack Type: Ownership Takeover Loss: $58M+ USD Root Cause: Attackers gained control of multisig signers and changed ownership of lending pools Prevention: Owner change assertions with proper validation and whitelisting

UxLink Multisig Ownership Compromise

Attack Type: Private Key Compromise + Multisig Manipulation Loss: $39.3M USD Root Cause: Compromised private keys enabled rapid multisig reconfiguration and threshold reduction Prevention: Threshold protection assertions, owner whitelisting, and cooling periods

Arithmetic & Calculation Errors

Balancer V2 Rate Manipulation Exploit

Attack Type: Rounding Error Accumulation Loss: $120M+ USD Root Cause: Accumulated rounding errors in stable pool invariant calculation manipulated exchange rates Prevention: Rate change bounds assertions detecting drastic pool rate changes within single transactions

Bunni XYZ Rounding Error Exploit

Attack Type: Rounding Error + Liquidity Manipulation Loss: $8.4M USD Root Cause: Rounding error in withdrawal mechanism led to disproportionate liquidity decreases Prevention: Withdrawal proportionality assertions ensuring balance decreases match share burns

Abracadabra Rounding Error Attack

Attack Type: Rounding Error Exploitation Loss: $6.5M USD Root Cause: Rounding error in RebaseToken mechanism allowed base value inflation Prevention: Invariant checks ensuring debt shares consistency

Vestra DAO Hack

Attack Type: Unchecked State Flag Loss: Protocol drained Root Cause: Missing validation of isActive flag in unstake function Prevention: State flag validation assertions

Compound Upgrade Bug

Attack Type: Logic Error in Upgrade Loss: $280K USD (limited by quick response) Root Cause: One-letter bug (> instead of >=) in reward calculation Prevention: Maximum reward rate validation assertions

Oracle & Price Manipulation

GMX v1 AUM Manipulation Hack

Attack Type: Reentrancy + AUM Manipulation Loss: $42M USD Root Cause: Reentrancy vulnerability allowed artificial AUM inflation Prevention: AUM manipulation bounds assertions and atomic state consistency

KiloEx Price Oracle Manipulation

Attack Type: Access Control + Price Manipulation Loss: $7.5M USD Root Cause: Lack of access controls in MinimalForwarder allowed price manipulation Prevention: Price deviation assertions and access control validation

Vicuna Finance Oracle Manipulation

Attack Type: LP Token Oracle Manipulation Loss: $700K USD Root Cause: LP tokens priced using simple sum formula instead of fair pricing Prevention: Price deviation assertions monitoring oracle changes per call

Cream Finance 2

Attack Type: Price Manipulation Loss: $130M USD Root Cause: Sudden price manipulation through asset donation to vault Prevention: Price deviation monitoring assertions

Protocol Logic Vulnerabilities

Abracadabra GMX V2 Cauldron Exploit

Attack Type: Accounting Bug Loss: $13.4M USD Root Cause: Phantom collateral created when tokens extracted without updating order value Prevention: Collateral tracking assertions ensuring borrowed amounts never exceed actual collateral

Abracadabra CauldronV4 Cook Function Exploit

Attack Type: Logic Flaw in Action Sequencing Loss: $1.8M USD Root Cause: Action sequence [5, 0] allowed solvency check flag to be set then immediately cleared Prevention: Post-transaction solvency assertions enforcing outcome-based validation

Introduction

Real World Protocols

Previous Hacks

General Use Cases

Access Control & Administrative Changes

Liquidity Pool & AMM Security

Lending Protocol Safety

Oracle Security

Vault & ERC4626 Security

Emergency & Special Mode Protection

Fund Protection

Use Case Mapping

Access Control & Administrative Vulnerabilities

Bybit - Compromised Safe Wallet UI

Radiant Capital Hack

UxLink Multisig Ownership Compromise

Arithmetic & Calculation Errors

Balancer V2 Rate Manipulation Exploit

Bunni XYZ Rounding Error Exploit

Abracadabra Rounding Error Attack

Vestra DAO Hack

Compound Upgrade Bug

Oracle & Price Manipulation

GMX v1 AUM Manipulation Hack

KiloEx Price Oracle Manipulation

Vicuna Finance Oracle Manipulation

Cream Finance 2

Protocol Logic Vulnerabilities

Abracadabra GMX V2 Cauldron Exploit

Abracadabra CauldronV4 Cook Function Exploit

Euler Finance Donation Hack

Visor Finance Unrestricted Mint

First Depositor Bug

Introduction

Real World Protocols

Previous Hacks

General Use Cases

Access Control & Administrative Changes

Liquidity Pool & AMM Security

Lending Protocol Safety

Oracle Security

Vault & ERC4626 Security

Emergency & Special Mode Protection

Fund Protection

Use Case Mapping

​Access Control & Administrative Vulnerabilities

​Arithmetic & Calculation Errors

​Oracle & Price Manipulation

​Protocol Logic Vulnerabilities

Access Control & Administrative Vulnerabilities

Arithmetic & Calculation Errors

Oracle & Price Manipulation

Protocol Logic Vulnerabilities