Skip to main content

8 posts tagged with "smart-contract-security"

View All Tags

· 6 min read
Ayden Duan

Disclaimer

The information provided through the BNB Chain community does not constitute advice or recommendation for investment or trading. Projects are listed in no particular order below. BNB Chain does not take responsibility for any of your investment decisions. Please seek professional advice before taking financial risks.

Contract names are there for reference only, there may be legitimate contracts which share the same name, always double check The contract addresses which are the unique identifier of any smart contract.

Overview

In September, a number of projects suffered attacks due to the leakage of their hot wallet private keys, leading to substantial financial losses for both the projects and their users. In this article, we will analyze these types of attack incidents using several examples and finally provide some practical suggestions from a security perspective to help project teams avoid such breaches in the future.

Stake's Unanticipated $41 Million Withdrawals

stake.com, a crypto gambling protocol, offers a variety of casino games such as dice, blackjack, Lingo, and more. Additionally, they provide sports betting options for basketball, tennis, volleyball, and others. On September 4th, Stake.com encountered an abnormal outflow of funds, totaling approximately $41 million.

The attack transpired across multiple chains, incurring losses of around $15.7 million on ETH, $7.8 million on Polygon, and $17.8 million on BSC. This brought the cumulative losses to over $41 million.

One of the fraudulent transactions can be traced back to: transaction.
From the transaction details, it's evident that the funds were transferred directly from Stake.com's hot wallet: transaction to the attacker's address. Subsequently, the funds were dispersed among numerous accounts.

Stake confirmed this security breach via social media, stating, "Three hours ago, unauthorized transactions were initiated from Stake's ETH/BSC hot wallets." As a result of this security incident, Stake's operations were temporarily put on hold.

The CoinEx Fund's 6.2 Million Dollar Loss

Stake.com isn't the only entity that has fallen prey to a breach of hot wallet private keys. On September 12, 2023, CoinEx detected irregular withdrawals from several of its hot wallet addresses, which were utilized to store user assets. The unauthorized transactions affected 19 chains, including $ETH, $TRON, and $MATIC, bringing the total loss to an estimated $55 million.

One particular unauthorized transaction can be seen here: transaction. One can observe that the assets were directly transferred from CoinEX's hot wallet, transaction, to the hacker's address. This indicates that the culprits may have managed to seize control of CoinEX's hot wallet's private key.

Following the hacking event, CoinEx temporarily suspended crypto deposits/withdrawals, relocated assets to more secure addresses, overhauled and redeployed the wallet system, and engaged in efforts with other exchanges to freeze the attacker's assets.

Unauthorized Transactions Drain Over $2.7M from Remitano Exchange A mere week after CoinEx fell victim to a cyber intrusion, another exchange, Remitano, succumbed to unauthorized transactions that led to over $2.7 million being pilfered from its wallet across various chains, including #Ethereum and #TRON.

To illustrate the scenario, consider one of the unauthorized transactions on the ETH chain: transaction.

We can observe that approximately 1.3M USDT was directly shifted from Remitano's hot wallet wallet to the assailant's address wallet. Consequently, the perceived Remitano hack also appears to be a consequence of their hot wallet's private key leakage. This presumably allowed the hacker to gain direct control over the hot wallet and transfer all assets.

Gratefully, Tether responded promptly and froze two addresses allegedly utilized by the assailant on both the #Ethereum and #TRON chains, potentially preserving 2.7M $USDT.

Security Recommendations from HashDit

Since last September, numerous instances of hot wallet private key leaks have rattled various projects. Though Stake and CoinEx have stated that the affected funds comprise only a minor share of total assets, and users' funds are safeguarded, Twitter responses reveal growing public suspicion of insider activities at these projects, dramatically undermining user trust. These incidents underscore the significance of proactive risk management concerning project wallets and funds. HashDit, consistently carrying out related security tasks, offers the following recommendations based on our experience in averting hacking incidents:

  1. Adopt Comprehensive Address Planning and Isolation Design: For high balance addresses, refrain from frequent participation in DeFi contract operations. Replenish hot wallet balances regularly in batches to minimize balance fluctuations and risk exposure.
  2. Enforce Distributed Access Rights: Avoid allotting comprehensive access rights to the hot wallet to a single entity. Utilize a multisig wallet or MPC solution to necessitate multiple approvals for transactions, bolstering security measures.
  3. Monitor Key Management: Treat the access key to hot wallets as a critical asset and protect it with a suite of physical and digital measures. Avoid storing key duplicates on vulnerable networks, like emails or cloud storage.
  4. Initiate Regular Security Audits: Conduct periodic security audits on hot wallets to identify prospective threats or vulnerabilities. Regularly reinforce and upgrade security measures, including ensuring the appropriateness of hot wallet approvals.
  5. Institute Transfer Limits: Establish a cap for single or daily transactions to mitigate potential losses.
  6. Implement Ongoing Education and Training: Provide continuous security education for team members engaged in asset management, arming them with the ability to recognize and counteract potential threats.
  7. Craft Backup and Recovery Plans: Devise a robust plan to ensure swift recovery during unanticipated incidents.
  8. Maintain Secure Operations: Avoid transacting over unencrypted networks and processing in vulnerable settings, like public WiFi environments.
  9. Activate Two-Step Verification: Implement two-step verification for all accounts and services associated with the hot wallet.
  10. Leverage Audit Logs: Preserve and periodically review all hot wallet operation logs to detect and trace any suspicious activities. These are broad suggestions for hot wallet management, yet specific strategies may need tailoring based on individual projects. Don't hesitate to reach out to HashDit for any security consultation. Our mission is to secure your WEB3 journey.

https://hashdit.github.io/hashdit/blog/smart-wallet-migration-guide

About HashDit?

HashDit is building a safe blockchain ecosystem on BNB Chain by providing threat intelligence, code auditing and instant analysis for smart contracts. In the vast and ever-evolving world of Defi investing, HashDit stands as a beacon of trust and knowledge for everyday investors. HashDit is a member of AvengerDAO, which is a community-driven initiative created to protect users and projects on BNB Chain from malicious actors and activity.

· 14 min read

Ponzi Schemes in Web3 --- Swamps in the Dark

A guide on how to stay safe when interacting with DeFi projects

Disclaimer

The information provided through HashDit does not constitute advice or recommendations for investment or trading. HashDit is not responsible for any of your investment decisions. Please seek professional advice before taking financial risks.

What's a "ponzi"?

According to Wikipedia, the Ponzi scheme is a form of fraud that lures new investors and pays profits to earlier investors with funds from more recent investors. As you can imagine, if recent investors pay to earlier investors then... who pays the recent investors? The answer is, the even more recent investors. And if there are no more recent investors, then the latest ones remain with a loss, and the scheme collapses.

The ponzi scheme is often referred to as pyramid scheme, because to pay the "higher floor" investors with a profit, a larger, "lower floor" has to be created, like in the picture below.

https://sperrinlaw.net/financial-crime-fraud/ponzi-fraud/

Since the pyramid is not a real business, in terms of creating a product or a service and leveraging it to earn money on the market, in order to keep the funds flowing in, new investors have to be recruited and their "investment" is used to pay the old investors, who can then report significant returns on their investments. This creates an illusion of a profitable business, at least as long, as the current "lowest floor" manages to recruit new members.

If that's so obvious, then why people keep falling for it? Usually, the ponzi schemes are disguised as legitimate investments or projects. They will do everything to hide it's true nature so the new coming investors will believe they just met an investment of their lifetime. And when the scheme falls, it's already too late to run away.

Are there ponzi schemes in web3? If so, how to spot them? How not to lose money? Read on to learn more!

Ponzi schemes in Web3

Although Ponzi schemes originated in the traditional financial world, with the development of DeFi (Decentralized Finance), these fraudulent business models have also started to emerge in Web3. Web3 Ponzi schemes take advantage of the following features of DeFi, attracting investors through high returns and incentives.

  1. Anonymity: The decentralized nature of DeFi allows Ponzi scheme operators to remain anonymous, making it difficult to trace and hold them accountable.

  2. Utilizing smart contracts: A smart contract is a self-executing, self-enforcing protocol governed by its explicit terms and conditions. It stores and carries out contractual clauses via blockchain. These schemes use smart contracts to automate their operations, making them harder to detect while promising high returns on investments.

  3. Tokenization: Some Ponzi schemes create their own tokens and use them for fundraising. They offer high rewards in the form of tokens, which may have little to no real value.

  4. Limited regulation: The DeFi space has limited regulation, making it easier for Ponzi schemes to operate without being detected or shut down by financial authorities.

  5. Low cost: Ponzi scheme projects can be fully autonomous and deployed at lower costs. They can even be continuously cloned.

So, how can one identify if a Web3 DeFi project is a Ponzi scheme or not?

Firstly, let's look at the project characteristics. Ponzi schemes usually have the following features:

  1. Typical Web3 Ponzi schemes often employ aggressive marketing tactics, promising high and fixed short-term returns. For example, the official websites of such projects usually contain descriptions like "fixed daily profit". However, we know that fixed daily returns are unrealistic, and this is one of the biggest flaws in Ponzi schemes. In the cases we've accumulated, some Ponzi projects have even promised 25% daily interest rates!

  2. High Referral Incentives: Ponzi schemes often combine with pyramid scheme marketing, aiming to attract more new investors and subsequent investment funds. Therefore, they often advertise a referral reward system on their official websites, sometimes even with multi-level referral rewards. Typical pyramid scheme descriptions include terms like "tiered referral rewards." The two images below are tiered referral reward system diagrams taken from Ponzi scheme websites:

  1. These schemes usually disguise themselves as staking or mining projects to attract investors' principal investments and recruit new participants. However, in fact, they generally do not offer any real products or services but just promise an ability to make money. They often incorporate some popular trends, for example, AI or ChatGPT, promoting their projects as groundbreaking and innovative, as they need to attract more people and maintain an appearance of legitimacy.

Below are some additional features that can help investors determine whether a project is a Ponzi scheme. Please note that these traits are not exclusive to Ponzi scheme projects. Generally, the more of these a project has, the higher the risk:

  1. No proper investments: The project appears to have no investments or partnerships, which means that the project lacks any business endorsements.

  2. Opaque team information: The team behind the project remains anonymous to the public, making it easier for such projects to engage in malicious activities with lower costs.

  3. Lack of documentation: There is a lack of documentation and whitepapers, as the project does not provide details about its internal operations and how it achieves these high returns. This is a potential red flag.

  4. No external audit report: Projects with audit reports generally have a relatively smaller chance of encountering security issues. However, please note that having an audit report does not guarantee absolute security, as the audit report may only cover certain contracts and not examine the entire economic ecosystem of the project. The reliability of the audit report is also important, depending on the issuer and quality; well-known and reputable audit companies usually have greater credibility.

Decrypting a Ponzi project smart contract

Are you a more tech-savvy user? That's great. If you have some familiarity with Solidity code or want to learn it, we encourage you to go through the code snippets below to understand some of the characteristics of Ponzi scheme smart contracts.

As we mentioned earlier, Ponzi scheme Web3 projects generally don't have any real products, and therefore don't require many smart contracts. In their entire project ecosystem, there are usually only a few investment contracts that directly interact with users. At most, there might be an additional token contract, with the token often serving as a staking reward. However, this token typically won't be created on any decentralized exchange (DEX), meaning that holders of this token cannot swap it for other valuable tokens or stablecoins.

Next, we will delve into the characteristics of Ponzi investment smart contracts by using some code snippets as examples.

  1. There is no method in the contract to withdraw the initial investment; it only allows for receiving dividends based on time

    For example, in the below withdraw function, users cannot withdraw their principal investment; they can only withdraw dividends along with potential referral earnings.

    This is also the difference between Ponzi schemes and regular mining/staking contracts.

  2. Dividends are calculated based on a fixed daily returns ROI and time. For example, in the getUserDividends function below, the user's dividend is calculated by multiplying the fixed daily return rate for the user's deposit plan by the time elapsed. Typically, the daily return ROI is a hard-coded value or constant.

  1. The code contains logic related to a Referral system. As we mentioned earlier, Ponzi investment smart contracts usually include a referral system, providing users with additional incentives for bringing new users into the scheme.

    For example, in the contract below, there is a tiered referral reward mechanism, with first, second, and third-level referrers receiving referral rewards at a ratio of 9:2:1.

    Of course, the referral rewards come from the principal investment of later investors. As can be seen, the invest function in the code distributes part of the user's investment amount to all referrers at their respective levels.

  1. The project party generates revenue by charging tax fees on users' deposits. For example, in the code below, the project party charges a 5% dev fee on the user's principal, so they can profit as long as there are new users, regardless of how much money remains in the pool.

However, sometimes the project party does not directly impose a tax fee, claiming to have a 0% tax fee. In reality, the project party can become the initial referrer and continuously profit through the referral mechanism. This method of profiting is just more concealed.

Go further: A complete Ponzi example for more tech-savvy users

Let's go further! we created a sample ponzi scheme code based on what we're finding during our everyday work. We encourage you to study below simple smart contract code.

pragma solidity ^0.8.0;

contract PonziScheme {
address public owner;
mapping(address => uint) public investments;
mapping(address => uint) public recruits;
mapping(address => uint) public investmentTimestamp;

constructor() {
owner = msg.sender;
}

function recruitAndInvest(address referralAddress) public payable {
require(msg.sender != referralAddress, "Cannot refer yourself");
require(investments[msg.sender] == 0, "Already invested");
require(msg.value == 0.1 ether, "Investment should be 0.1 Ether for recruitment bonus");
// Add the recruit count for the referrer
recruits[referralAddress]++;
// Add the investment for the new investor with the bonus
investments[msg.sender] = msg.value + 0.1 ether; // 0.1 ether bonus
investmentTimestamp[msg.sender] = block.timestamp;
}

function calculateTotalReturn(address investor) public view returns(uint) {
uint numberOfRecruits = recruits[investor];
uint baseInvestment = investments[investor];
uint profit = 0;
if (numberOfRecruits >= 10) {
profit = baseInvestment * 50 / 100; // 50% ROI
} else if (numberOfRecruits >= 5) {
profit = baseInvestment * 25 / 100; // 25% ROI
}
return baseInvestment + profit; // Total return = initial investment + profit
}

function cashOut() public {
uint totalReturn = calculateTotalReturn(msg.sender);
if (totalReturn == investments[msg.sender]) {
require(block.timestamp >= investmentTimestamp[msg.sender] + 90 days, "Minimum 90 days required to withdraw without recruits");
}
require(address(this).balance >= totalReturn, "Insufficient funds in the contract");
msg.sender.transfer(totalReturn);
investments[msg.sender] = 0;
recruits[msg.sender] = 0;
}
}

  • Entry Point: The entry point for new investors is the recruitAndInvest() function. Here, a new investor specifies a referral address (the person who introduced them to the scheme) and sends 0.1 ether as their investment.

  • Incentive to Recruit: The incentive to recruit new members is twofold: Frist, the referrer gets a count increase in their recruits mapping, which will later increase their ROI. Second, the new investor gets a bonus of 0.1 ether added to their investment, effectively doubling their initial investment.

  • Ponzi Mechanics: The Ponzi nature of the scheme is visible in the calculateTotalReturn function. The ROI is determined by the number of recruits: 5-9 recruits: 25% ROI 10 or more recruits: 50% ROI The more people an investor recruits, the higher their promised return.

  • Potential Collapse: The scheme can collapse at some point. The ability to withdraw funds is implemented in the cashOut() function. If the contract doesn't have enough funds to pay out the total return (initial investment + profit), the cash out will fail. This will happen if not enough new investors are coming in to fund the returns for earlier investors. The require(address(this).balance >= totalReturn, "Insufficient funds in the contract"); line checks for this.

  • Safety Net (or Illusion of One): If an investor hasn't recruited at least 5 people, they can only withdraw their initial investment after 90 days. This might give the illusion of safety and legitimacy, but it's just a delay tactic. During the 90 days, the scheme might already rise and fall, and when the time for withdrawal comes, there might already be no funds on the contract.

Now you have a deeper understanding of the contract code for Ponzi schemes. However, in reality, some Ponzi smart contracts are even closed-source, making them opaque and more difficult to analyze and understand, thereby concealing the contract's logic and risks from users. When dealing with closed-source contracts, we should maintain an even higher level of vigilance and examine both the project and contract levels comprehensively to determine if they exhibit characteristics of a Ponzi scheme.

Identifying Ponzi schemes in a more simple way

In summary, before investing in Web3 DeFi projects, you need to conduct thorough due diligence to avoid mistakenly entering Ponzi schemes and incurring losses.

At the project level, conduct comprehensive research on the project team, token economy, and underlying technology. Be cautious of unrealistic high return promises, ensure that there is adequate transparency in the project, and verify that the project has a sound governance mechanism.

At the smart contract level, fully understand the source code and determine if there are any red flags in the code, always assessing risks before gaining a deeper understanding.

However, is this too complicated and difficult? After all, not all investors are technical experts. Don't worry, HashDit can help you.

For smart contracts, you can scan whether it is a Ponzi contract through https://dappbay.bnbchain.org/risk-scanner using the contract address. Dappbay's scanner is technically supported by HashDit, which has integrated various recognition rules for Ponzi schemes.

You can also search on the Dappbay website (https://dappbay.bnbchain.org/r) based on the Dapp's name, Twitter, website, etc., to see if the project has been marked as significant risk.

Additionally, you can follow HashDit's X (https://twitter.com/HashDit). HashDit continuously monitors data on the BNB chain and provides ongoing alerts for BNB chain-related risks.

Remember, never invest blindly in the dark forest of Web3. HashDit will guide you around every "swamp" and protect your Web3 journey!

Appendix

Below are some Ponzi scam Web3 projects that HashDit has identified in the past. Please stay alert! At the same time, you can also use these projects as reference materials to conduct your own research!

(Scroll right on the form below for more information)

Chain_idAddressWebsiteProject NameRisk Reason Remark
560x3f3f162e8F172fB681a4Fe9BE187B0FF21fE0734avaricetoken.ioAvaricePonzi Scam Project
56bnbdaily.financeBNB Daily FinancePonzi project - Offers unsustainable rates of "DAILY ROI 0.7%". Lack of investments, product, documentation. Opaque team.
560x3471Cc34ED5d7ceadd0a533dedA18ecC0d6Bd927cashbox.cfdCashbox Investment PoolHigh APR/APY. Lack of investments, product, documentation. Opaque team.
56finx.globalFinSwapHigh APR/APY. Centralization in top holders.
56busdyield.comBUSDYieldPonzi SCAM Project
56twitter.com/x_roi_communityTrueFundPonzi scam Project
56bnbcrush.ioBNB CrushPonzi scam Project
56ai-trader.appAI TraderPonzi scam Project
56chronostake.comChronoStakePonzi scam Project
56rewardscapital.appReward CapitalPonzi SCAM Project
56sharkbnb.cloudShark BNBPonzi SCAM Project
560x00000065cBADeAD116136940b302F938284f2BDcpoop.fiPoopPonzi SCAM Project
560xa06411Af90C84fa9Ba4168CC08D8618A602826bastaker.cafeStaker CafePonzi SCAM Project
56matrixpro.vipMatrix ProPonzi SCAM Project
560x80B48C38Ced124eA15a2c19684877ccE4Ab2D524lamon.appLamon AppPonzi SCAM Project
56fin-toch.comFTCPonzi SCAM Project
560xca7Ea9003a9cA60c2adC054a379035723A7a9F49kingdomlegacy.ioKingdom LegacyPonzi SCAM Project
560xd96099403F4b47C3046A6Da11d8cAf254D806398towers.pizzaPizza TowerPonzi SCAM Project
560xd6f5ea3db32dbdc3e9866e60459788de8a2106c7tripfoundation.ioTrip FoundationPonzi SCAM Project
560x40755D50d6Af0B5955a7491D6A5DA94535c26382snyperfund.comSnyper FundPonzi SCAM Project
560xaef10dd120e79f60d61048c306b7379c21d56a38bakedpizza.appBaked PizzaPonzi SCAM Project
560x7785035610075Ec7BcD7c833B03996E866FE0072blockrewards.proBlock RewardsPonzi SCAM Project

· 17 min read
Sebastian Lim

Overview

This report delves into the security events occurring on BNB Smart Chain (BSC) during 2023 H1. It analyzes the types of projects that were targeted and whether they shared common attack techniques. Additionally, the report examines the financial implications of these occurrences.

Disclaimer

The financial data presented in this report has undergone thorough verification through our internal monitoring system, ensuring its accuracy. The data is derived from the $USD valuation of the cryptocurrency at the time of the incident. It's important to note that due to the inherent volatility of cryptocurrency prices, there may be variations in the total amount lost based on current token valuations.

Furthermore, the financial data might not fully reflect the true “exploited amount” of the incident. This is especially true for scams where the total scammed amount is usually mixed with an initial base amount injected by the scam project party.

BSC Innovations

The first half of 2023 has been an exciting journey for BNB Smart Chain (BSC), marked by continuous innovation and the tireless efforts of the BNB Chain team in crafting and advancing cutting-edge technologies.

Just to name a few in H1:

  • The Greenfield Testnet went Live: The Greenfield testnet, is an open-source project aimed at providing a scalable and efficient data availability layer for decentralized applications (dApps).

IMG-1

  • Reduced Transaction Costs: Following extensive discussions, BSC validators have lowered transaction costs from 5 Gwei to 3 Gwei. This reduction in fees will help drive network adoption, making BNB Chain an even more attractive platform for developers and users.

  • BSC Validators Self-Stake Update: Thanks to an on-chain governance proposal, validators significantly reduced the cost to become a BNB Smart Chain validator, fostering a more diverse and robust ecosystem. This change greatly benefits the community by improving entry cost to be a BSC validator. Self-Staked moved from 10,000 BNB to 2,000 BNB.

  • BNB Chain exhibited a significant rise in market share, demonstrating steady growth in the percentage of verified smart contracts. Its market share increased from 38% at the beginning of Q2 to 45% by the end of H1. This performance underscores BNB Chain's dominance and the high level of trust placed in its infrastructure by developers and users.

IMG-2

Figure 1: Number of contracts verified weekly across chains (Refer to the Red box for 2023 H1 data)

  • opBNB and zkBNB: These dynamic layer 2 solutions are poised to revolutionize the BNB Chain ecosystem by further enhancing the capabilities of BNB Chain’s ecosystem; offering developers a boundless horizon to pioneer groundbreaking advancements.

IMG-3 IMG-4

[Refer to the blogs 1, 2 released by BNBChain for more information]

2023 H1 in focus

General

A comprehensive overview reveals that security incidents on BSC resulted in an aggregate loss of nearly $101.84 million. An examination of the monthly breakdown highlights notable patterns. Specifically, the months of May, March, and June emerged as pivotal periods, witnessing the highest recorded losses.

IMG-5

Figure 2: Amount of stolen funds in dollars per month in 2023 H1

This chart shows the number of projects impacted by exploits in 2023 H1.

IMG-6

Figure 3: Number of different project impacted by exploits

In total, there were 199 incidents on BSC.

As seen in Figure 3, the highest number of security incidents took place in June.

Comparison with H1 previous years

When we compare the data with H1 of previous years, there is a decreasing trend, which can signify that the security posture of BNB Chain has improved over the years.

IMG-7

Figure 4: Financial Loss across the previous H1 of 2020 - 2023

Type of attack vectors

Out of the 199 security incidents, hacks took up 66.3%, 33.2% were scams. However, 1 particular incident (0.5%) was a white-hat hack. The white-hat hack is related to a Hashflow project, where an old contract had an Open Approval, this means that any users that have approved funds to the victim contract can have his existing funds stolen.

IMG-8

Figure 5: Proportion of different type of exploits

However, it is interesting to note that even when the number of hacks are nearly doubled to that of scams, the financial impact of hacks were less significant than the ones related to the scams. The total financial loss of hacks ($35m) was nearly half of the loss to scams ($66m), as shown below in Figure 6 below.

IMG-9

Figure 6: Financial impact measured in dollars comparing different types of incidents

Looking at the comparison with 2022 H1, we observed that this trend was actually reversed! In 2022, the number of scam incidents was double that of hack cases, with the financial loss of hacks being double that of scams. You can refer to our previous [report]((https://hashdit.github.io/hashdit/blog/bsc-2022-end-of-year-report/)) for more information.

The observed trend potentially signifies an escalating presence of scammers within the crypto space. Their tactics continuously evolve, challenging users' vigilance. Furthermore, smaller, lesser-known projects may exhibit comparatively lower emphasis on security measures. This underscores the pressing need for heightened awareness and diligence across the ecosystem to safeguard against emerging threats.

Specific attack vectors

Figure 7 displays the specific attack vectors against its financial loss in 2023 H1.

IMG-10

Figure 7: Proportion of the funds lost comparing the different type of vulnerabilities

Looking at the breakdown, the most common loss of funds was attributed to Rugpulls (25%), while the second most common attack vector was due to Reflection Vulnerability. Several token smart contracts deployed on BSC utilize the Reflection mechanism for token holders to gain dividends, however the reflection implementation might be flawed, leading to its liquidity pool being drained by malicious actors. The third most common attack vector was Price Manipulation at 8.2%. This is common as well since poorly designed smart contracts rely on the instantaneous price of liquidity pools, and hence can be easily manipulated by a large Swap trade or Flash Loan by hackers.

Type of projects

When comparing the types of project with the observed financial loss, a whopping 98.8% of financial loss were attributed to DeFi projects. The second most common type of projects that were targeted wasBridge projects at 0.6%, followed by GameFi and Metaverse projects at 0.3% and 0.2% respectively.

IMG-11

Figure 8: Proportion of funds lost comparing the type of project

With a large proportion of fiat loss associated with DeFi projects, this that DeFi projects are still the most common type of crypto project in the space. At the same time, it shows how important it is for users to only invest in reputable and well audited projects, and to stay clear of potential rugpulls and vulnerabilities.

Top 10 incidents in 2023 H1

The following were the top 10 security incidents in terms of financial loss in 2023 H1.

IMG-12

Figure 9: Top exploits measured in dollars in 2023 H1 on the BNB Smart Chain

Fintoch - $31.6 Million Loss

On 25-May-2023, Fintoch, a Ponzi platform was reported to have rugpulled $31.6 million USD. The funds were since bridged to multiple addresses on Tron and Ethereum. Its users reported that they could not withdraw their funds.

Fintoch advertises themselves as a blockchain financial platform built by Morgan Stanley, and users can get 1% return on investment every day. The team’s page on the Fintoch website refers "Bobby Lambert'' as their CEO, when in fact he did not exist and was, in fact, a paid actor. Earlier, the Singaporean government and Morgan Stanley both issued warnings about this “investment plan”.

ippswap - $14.5 Million Loss

On 26-May-2023, a scam project, ippswap was found to have rugpulled $14.5 million USD. The ippswap project executed a concerning action by exploiting a privileged backdoor method, takeToken(), within the staking contract. This unauthorized maneuver allowed the project party to transfer IPPSwap LP Tokens, which had been staked by users, directly to their own account. Liquidity was then subsequently removed using the above LP tokens to gain $14,535,741.86 USDT.

Some of the USDT funds flowed onto Binance exchange where the funds have been frozen by the Binance team.

Safemoon - $8.9 Million Loss

The Safemoon project was exploited for $8.9 million USD on 29-Mar-2023. The Safemoon liquidity pool was compromised after a code upgrade introduced a bug, a public burn() function. The hacker was able to burn the SFM tokens in the liquidity pool, artificially inflating the price of the SFM tokens, and then sold sufficient tokens to wipe out all the WBNB in the pool.

On April 20, the SafeMoon attacker returned 80% of the stolen funds, and transferred 21,804 BNB (approximately $7.2 million) to the SafeMoon vault wallet, taxing the remaining 20% as a bounty.

SwapX - $7.3 Million Loss

SwapX, a DeFi project, faced an Open Approval issue starting from 27-Feb-2023, resulting in users losing more than $7.3 million USD. Users of BSCex / SwapX, a DEX on BNB Chain, had their funds stolen from their wallets. Vulnerabilities were found in four old contracts (deployed on Jan. 2021, May. 2021, July 2021, and Oct. 2021) belonging to the DEX. Many users still have active approvals to these contracts, even though they have not used it for a long time. Affected users remain at risk as long as they have not revoked their approvals.

Atlantis Loans - $3.5 Million Loss

On 12-June-2023, Atlantis Loans faced a malicious Governance proposal takeover, coupled with the abandonment by the core team whichresulted in ~$3.5 million USD loss. On April 12, its official TG channel was deleted and a backup channel was created instead, with multiple users of the community claiming that the project had been abandoned and that they are trying to build it up again. A malicious proposal was then submitted to take over the core contracts of Atlantis Loans which was successfully shut down by the new project party.

However, a similar proposal was submitted on June 12, and was not blocked this time, which resulted in the hacker stealing funds from users that have approved the Atlantis Loans core contracts.

$FUT - $2.7 Million Loss

Early this year on 4-Jan-2023, the $FUT project team conducted a rugpull for $2.7 million USD. The project party was able to invoke the privileged function withdrawSushiReward() of the Masterchef contract to transfer all the FCS to another controlled wallet. He then subsequently swapped all his FCS for $FUT before exiting for USDT. Once again, this shows the risk of over-centralization by the project party, as they have too many privileges and can easily backdoor funds from users.

Circulate - $2.3 Million Loss

On 12-Jan-2023, the Circulate Ponzi managed to scam around $2.3 million USD from users. The CirculateBUSD and CirculateWBNB contracts promised users high APR by depositing funds with them. When users deposit funds, they invoke the startTrading() method of the contract, this in turn calls a third party dependency: SwapHelper contract which is unverified. However, upon decompiling the code, we noticed that there was a hardcoded condition that when the contract reached $2m of staked funds, the funds will be immediately transferred to a designated project team’s address.

Although it is currently unknown how the scammer in this incident was able to get large investment into their recently created contracts (~2 days), it is highly likely that the contracts were scams from the beginning due to design bugs in the SwapHelper contract. On the whole, third party dependencies in smart contracts present a security risk. Whilst reliance on third parties such as the use of oracles is sometimes unavoidable, developers should avoid these dependencies as much as possible.

YieldRobot - $2.1 Million Loss

On 17-Jan-2023, YieldRobot scammed users of around $2.1 million USD. For context, YieldRobot is a De-Fi protocol which promises to give yield for users that deposit BUSD. Two days prior to the incident, the YieldRobot contract deployer wallet set the signer to a new EOA (0x3f531). The signer address is needed to approve the redemption of coupons.

In order to redeem a coupon it must pass a check to verify it has the correct signer. Once approved, the coupon is added to the user’s reward balance. In this incident, 0x8f2DB called setCoupon() which credited them 2.1m BUSD.

The new signer approved the malicious coupon redemption, as such he was able to claimRewards of the contract’s BUSD balance and drain all the BUSD funds.

LianGo Protocol - $1.6 Million Loss

On 7-Feb-2023, the LianGo protocol was exploited for $1.6 million USD, roughly 6,148,859 LGT reward coins were stolen. For context, LianGo is a decentralized payment consumption and LGT is their main token.

The reason for the theft was that the owner administrator of LGTPool created a fake LP token pledge pool (pool 3), and then the thief put a large amount of LP tokens into the pool, pledged and obtained 6.14 million LGT reward tokens.

Based on on-chain data, the thief has been preparing for the theft for a long time. 58 days before the incident, the stealer’s address obtained the gas fee from Tornado Cash, and deployed the fake LP contract 32 days before the incident.

Then on the same day the LianGoPay project deployed the trading pair contracts of LGT tokens and WBNB on Pancake. This contract address is very similar to the address of the fake LP contract that was deployed earlier -- the 4 letters before and after are the same, which can be easily confused. As such, it is likely a private key compromise to the project’s back end system.

The administrator of the LGTPool contract initiated three consecutive transactions to create pledge pools, the first two of which also created a real one when creating two fake LP token pledge pools (pools 3 and 4). LP token pool for WBNB and LGT. Because the front and rear four digits of the real and fake LP token contract addresses are the same, it is difficult for users to detect that the first two created LP pools are fake LP pools.

Then the attacker launched an attack, first deploying an attack contract. When the contract was initialized, a huge amount of fake LP tokens was pledged for the fake No. 3 LP pledge pool - up to 614885935211982505426257800000000.

Then the attacker initiated a redemption transaction and received the rewarded LGT tokens. Because of the huge amount of pledged principal, 6.14 million LGT rewards were generated. These reward tokens were exchanged for 1.62 million BSC-USD tokens and transferred to an address starting with 0xCb65 (this address used to receive gas fees from Tornado Cash 58 days before the incident).

DeusDAO (DEI) - $1.3 Million Loss

On 6-May-2023, the DeusDAO (DEI) project was hacked for slightly more than $1.3 million USD due to a wrong contract upgrade. The project was hacked on 3 different chains: Ethereum, Arbitrum and on the BNB Chain. The upgrade bug introduced a public burn vulnerability, which allowed attackers to steal funds from other wallets that have DEI tokens.

The issue was specifically in the burnFrom method, which wrongly swapped the 2 parameters of msg.sender and the account to be granted approval. The hacker essentially approved DEI tokens to a whale account with a large amount of DEI tokens, and then invoked the wrongly implemented burnFrom method with 0 tokens. This approves all the DEI tokens to the caller instead, where he can just simply call transferFrom and steal all his tokens.

Conclusion

BSC continues to be a strong competitor, outperforming Ethereum in terms of daily active users and verified contracts. However, it is undeniable that 2023 H1 has proven to be a challenging year for both investors and developers due to the continued bear market trend and exploit incidents. Below we have some final advice for investors and developers:

For investors:

  • Understand what you're signing, do not blindly sign random signatures/transactions (never sign signatures outside of official websites)
  • Always double check that you are on the official website of the dApp
  • Be wary of new/trending projects or projects that guarantee High APYs / use MEV bots, and always verify the project team’s authenticity
  • Use multiple wallets for different activities (hot wallet for frequent transactions; cold wallet to store high value funds)
  • Ensure you are interacting with an open-source contract and revoke approval once interaction is done
  • Check the security and risk scores of interacted contracts (e.g when using Trust wallet) If High Risk is flagged, we strongly advise to stay away

Feel free to reach out to our team if you have any doubts about a certain project / contract address / transaction / risk score!

For developers:

  • Verify & open-source all relevant contracts on-chain (to ensure transparency and trust within the space)
  • Ensure the project is audited by at least 2 well-known security companies and fix all issues where applicable (Including auditing newly added code)
  • Incorporate / Implement a bug-bounty program to upkeep the security posture of the project and encourage the community to ensure the code remains secure
  • Ensure security is at the core of the business: run sufficient testing / stress-testing / simulations such as (1) adverse token price fluctuations, (2) edge cases
  • Prevent centralization risks by using multi signature wallets and not a single EOA wallet to run operations
  • Minimize contract upgradeability and only apply to contracts when necessary
  • Ensure funds are stored securely (key management, fund distribution)
  • Implement safeguards in the event of a hack (formulate an Incident Response plan, introduce time lock / pausing within the smart contract)
  • Constant monitoring of system parameters e.g Exchange Rate of a token

Hashdit

HashDit’s core mission is to provide the essential threat intelligence for the everyday crypto investors, helping them to make informed decisions. Our methodology includes a variety of automated and manual techniques to evaluate a dApp project. The team has optimized its product offerings and improved its accuracy in 2023 H1.

Products at Hashdit currently:

  • Risk assessment: All-in-one collection of security rating framework, auto-scan tools, and corresponding APIs, which are able to deliver accurate detection for potential rugpull/exploit risks based on a smart contract address. This is integrated with platforms like Trust Wallet and PancakeSwap, to leverage their reach and protect more users.

    It is able to detect multiple other risks, besides the usual SWC bugs, such as Tornado Cash interaction, risky functions encompassing ERC20 or ERC721 token standards (such as Migrate() or Blacklist() ), HoneyPot detection, etc. This can help users gain a better understanding of the smart contract, if it could be a scam.

  • Audit service: Comprehensive code audits following extensive and detailed best practices for smart contracts and discovering code loopholes / security vulnerabilities before they are deployed on-chain, guaranteeing users’ safety on BSC.

  • Monitoring: Detecting sensitive events / transactions that happen on-chain to quickly respond and minimize any additional financial losses. At the same time, Hashdit warns users early by sharing any information we found on our Twitter

  • Blog: Our goal is to share our security knowledge for builders, investors and users in the Web3 community. With all the players in the industry equipped with the security knowledge needed and adopting a security-first mindset, only then will the Web3 ecosystem be a safer place for everyone.

· 10 min read

Smart Contract Wallets, the Future of Crypto Wallets?

Multi-signature wallets, also referred to as multisig wallets, are standardized smart contracts that consolidate multiple accounts and private keys into a single wallet for managing crypto assets. The main goal of a multisig wallet is to create redundancy by requiring multiple private key signatures to authorize a transaction, similar to other crypto wallet solutions. Smart wallets utilize a group of exclusive key pairs and wallet owners can set the minimum number of signatures required for authorizing any transaction, allowing them to distribute the keys associated with the primary wallet to other parties and decentralize the responsibility of managing funds. As a result, multiple parties must sign off on a transaction before it is validated, providing an extra layer of security for the wallet and the crypto assets associated with it. This mechanism also prevents malicious actors from accessing funds if one of the accounts private keys is lost or stolen.

To learn more about the risks associated with traditional crypto wallets and to get a comprehensive technical analysis of the benefits of using a multisig wallet, please check out our article, The Risk and Future of Crypto Wallets. In this article, we compare MPC Wallet and Smart Wallets and explain which one is preferable from a security perspective. As crypto wallets are a critical component in a blockchain system, it is crucial to establish robust policies, guidelines, and best practices to safeguard and benefit the entire community.

That's why we've created a guide on how to migrate from a conventional wallet to a multisig solution. Since crypto wallets are a single point of failure, we recommend transitioning to smart wallets to reduce the impact if one of the private keys is intentionally or accidentally leaked. Additionally, this significantly diminishes the likelihood of former employees attacking the protocol in case of an inside job.

How to Migrate to a Smart Wallet

This guide outlines the process of migrating your wallets to a secure multisig wallet using Gnosis Safe and Trust Wallet. We provide step-by-step instructions for you and your team to perform a straightforward migration by transferring smart contract ownership to the newly created multi-sig wallet.

migration

Figure 1: Time to migrate.

Out of scope

The following point will not be detailled on our guide.
  • To create an account on Trust Wallet. Please refer to this guide .
  • For a detailed explanation of the usage of an upgradable contract, please refer to Openzeppelin Documentation.
  • Technical teams should be able to choose their favorite web3 development and testing framework to properly create the transactions required to perform the contract migration. Also, they should be able to perform the proper setup for testnet and mainnet.

Migration Prerequisites

We highly recommend that all projects managing significant amounts of crypto assets, such as project treasuries, migrate their funds to new smart wallets. Additionally, we strongly advise projects with simple crypto wallets that have elevated privileges in their decentralized applications to switch to a multisig solution. If your project has any roles with elevated privileges in its smart contracts, it is essential to migrate all the wallets from classic to multisig setups. This guide provides detailed instructions on how to use Gnosis Safe and Trust Wallet to manage the Safe. However, before considering migrating your smart contracts to a multisig solution, ensure that your project complies with the following requirements:

Make sure your smart contracts have a mechanism to change the addresses with elevated roles. For instance, if your smart contract is using the Ownable interface, one might be able to use the contract function transferOwnership to transfer the ownership between addresses - in this case from an External Owned Address (EOA) to the multisig wallet. If your contract does not have this capability to change a role address, we suggest adding such capability to a new version of your smart contract and upgrading it. Note: to upgrade one’s smart contract, one needs to use a proxy smart contract. Create your Multisig wallet using Gnosis Safe. Create your free Trust Wallet account, on mobile or desktop.

Migration steps

  1. Creation of a Gnosis Safe.
  2. Prepare smart contract migration in the test phase (testnet).
  3. Perform and validate smart contract migration on production (mainnet).

Create the Gnosis Safe

  1. Start the creation process
  2. To create a new Gnosis safe multi-wallet, connect to their official website and select the option to create a new Safe.

    Create Wallet

    Figure 2: Gnosis Safe safe creation process

  3. Use Wallet Connect
  4. To connect their multisig wallet with Trust Wallet, select the WalletConnect plugin.

    Connect Wallet via WalletConnect

    Figure 3: Connecting Trust Wallet via WalletConnect

  5. Connect With Trust Wallet
  6. Open Trust Wallet with the device of your choice. Trust Wallet exists for mobile android, iOS, Web plugins's and desktop platforms.

    To associate your wallet with the multisig one, use your favorite platform and either scan the QR code that appears on your screen with your smartphone or upload the QR code using the associate feature in the app. Make sure to choose the Trust Wallet with enough funds to pay for the Transaction. In our case, the multisig creation cost only 0.31$.

    Wallet Connect QR
    Figure 4: Wallet Connect QR code connection.

  7. Associate the wallets via QR code identification.
  8. After scanning the QR code with the Trust Wallet application, the Trust Wallet BNB Smart Chain address becomes available on the right top corner of the following page.

  9. Setup the multisig wallet details
  10. Choose a multisig wallet name that is displayed in the Gnosis Safe web app. Finally, make sure you select the BNB Smart Chain network.

    Safe Setup

    Figure 5: Safe wallet setup for BNB Smart Chain, connected to one’s Trust Wallet account.

  11. Setup the wallets and threshold.
  12. Click Next and add the other wallet addresses of the wallets used to validate your transactions.

    For relevant crypto wallets, we recommend at least 3 signatures. Also, we recommend using a threshold of at least 50% of the total number of associated wallets. The more keys a project manages the larger surface of the attack and the higher the probability of mismanaging them or having them stolen.

    Such a recommendation comes after the incident with Harmony Horizon Bridge had 2 out of 5 private keys stolen and also raised a concern about how to securely manage private keys on a validator node… But that's a discussion for another time.

    Smart wallet wallets Setup

    Figure 6: Setup of underlying wallets associated with the multisig wallet.

  13. Review the final setup.
  14. The next page displays the summary of the Wallet setup.

    Smart wallet wallets Setup

    Figure 7: Multi Sig creation Summary.

  15. Validate the multisig creation from your TrustWallet app.
  16. When clicking next, your Gnosis requests the confirmation and the signature from your first and main wallet. In the meantime, the screen looks like this:

    Wallet creation awaiting confirmation

    Figure 8: Wallet creation awaiting confirmation.

    This is the message you receives in your Trust Wallet application:

    Trust Wallet approval
    Figure 9: Trust Wallet mobile app view on multisig wallet creation approval.

    Approving the transaction pays the required fees for Gnosis to deploy the multisig smart contract on the chain. Once the transaction is approved and paid, the Gnosis web app should change to

    Safe created

    Figure 10: Successful creation of the smart wallet.

    Finally, you can see your multi-wallet created in the Safe. You find the following page with your multisig wallet address. This is the new 0x address you should use when migrating your contracts.

    Safe account summary

    Figure 11: Gnosis Safe account with the newly created multi-signature wallet.

  17. Managing Gnosis multisig wallet.
  18. After the creation, it is still possible to perform changes in wallet composition. it is possible to manage (add, remove) the wallets associated with the multisig one as well as change the threshold number for validating transactions.

    For this reason, access to the Gnosis Safe app should be very limited. Never leave your notebook unlocked and don’t use password-saving features in web browsers. Make sure to have a clear change management process for performing this kind of change.

    Safe account summary

    Figure 12: Gnosis Safe multisig settings enabling multisig wallet management.

Prepare smart contract migration on Testnet

Before performing the migration directly on the main net. Projects should always try to perform the migration in the BNB smart chain test chain. However, it is possible your team already has internal technical guidelines or processes regarding such migration. Make sure to check with your team lead before moving forward.

Even if Trust wallet and Gnosis Safe aren’t (yet) available in BNB smart chain testnet, it is important to test the transaction in the testnet and validate that your transaction has the expected results. Transferring the ownership of a smart contract to an address you don’t own can have serious consequences. You would not only make you lose control of the smart contract and its associated funds but it would also make you lose ownership of all the smart contracts that the first smart contract owned.

1 - Load the target smart contract in BNB smart chain Testnet using Hardhat or Truffle

2 - Execute the transaction to change the address of the privileged role. For instance, using the transferOwnership method for contracts relying on the Ownable smart contract.

Using the following brownie script One can change the ownership of a dummy contract that uses Ownable interface. It only requires us to use the transferOwnership capabilities.

Brownie Snippet

Figure 13: Brownie python snippet enabling the transfer of ownership of a token contract.

3 - After executing the transaction, make sure that the address has changed according to your expectation. Either check using the testing frameworks of the respective framework you are using. Chai for Hardhat or Mocha for Truffle. The result is also available in BNB testnet chain explorer: https://testnet.bscscan.com/

Verification on BSC Scan

Figure 14: Alternatively verifying results in BSC scan.

Note: the best practices would require the project teams to use the same tech in the test phase - Gnosis Safe and Trust Wallet but they are not available in Test net. Therefore feel free to use other wallet solutions compatible with BNB smart chain testnet such as Metamask.

Note 2: One might feel comfortable using the dev tools forking mechanism to perform the test locally and validate that the transaction has the expected results. However, for larger projects, small changes can have a considerable impact on their other smart contracts. Also, other decentralized applications might depend on them. Therefore it is preferable to perform such validation in a long-lasting environment such as the actual Blockchain Testnet environment. Also, running all integration tests might be required to confirm no collateral issues.

Perform and validate smart contract migration on Mainnet

Now it is time to perform the previous steps on mainnet. Make sure that your wallet has enough funds to perform the change in the smart contract.

Script execution in prod

Figure 15: Script execution result for mainnet.

· 14 min read

Introduction

Crypto wallets are a piece of software used to manage and transfer crypto assets. But different from traditional wallets, no crypto assets are stored in them. Crypto wallets, however, are composed of a public key that is associated with the wallet's public address used to send someone crypto assets. and, private keys, which are necessary to access and manage the associated assets. Crypto assets stay on chain, their smart contract state changes to reflect the changing of owners.

Crypto wallets are the first component a new user has to start learning. And they are fundamental for anyone wanting to interact with crypto assets, decentralized applications (Dapps) - in Decentralized Finance, Non-Fungible Tokens, Decentralized Autonomous Organizations, etc.

Even if under the hood, crypto wallets rely on the usage of secure asymmetric cryptographic keys, managing such keys has always been a security challenge in the IT industry. Over the years, asymmetric keys have been used to secure communications between parties, by ensuring message confidentiality and are heavily used to secure internet communications between browsers and servers, with the famous HTTPS standard.

www secure communications

Figure 1: Worldwide secure communication with TLS and HTTPS.

Now, cryptographic keys have the challenge of securing crypto assets. This is a completely new use case that presents more risks than using public key infrastructure (PKI) to secure messages between parties over the internet. The financial impacts cannot be compared. Instead of being stored securely in Hardware Security Module (HSM), managed by a Key Management System secured by cloud providers with years of experience and a team of experts, crypto wallets can now be stored in a browser plugin, in a web app, mobile app or in a desktop app. Lot of relevant characteristics exist for crypto wallets: are they hot wallets, cold wallets, paper wallets, or hardware wallets? Do they implement hierarchical deterministic standards, are they blockchain-specific, multi-chain? Are they self-custody or 3rd party custody? With all these questions, arise security concerns that we are not addressing in the article.

Mismanaging crypto private keys has been a common cause of loss of funds for investors and a reason for Dapps to be hacked. In the long run, this becomes a major problem for wide crypto adoption. Especially when compared with today's banking system security and user experience.

So far, the Web3 industry has been getting inspiration from the IT industry's best practices, when considering the public key infrastructure. However, is it enough? Should the Web3 industry create new standards dedicated to such use cases?

Crypto Wallets and Single Point of Failure (SPOF)

However, the usage of public keys to managing assets associated with a crypto wallet is unfortunately risky. Indeed, the seed phrase and the private keys become a central security element that can put all the funds associated at risk. In this article, we are further evaluating the risks associated with the loss or the theft/leak of private keys.

Loss of Seed Phrases and Private Keys

If a private key or a seed phrase is lost, users are not able to access their crypto assets. According to Chainalysis, 20% or $140 billion dollars of all bitcoins are lost. Many stories of users that lost their wallet password, or the hard drive containing the wallets, seed phrases, and hardware wallets. Once keys are lost, by design, for asymmetric cryptographic keys to be secure, it is impossible to regenerate the private key. Therefore, funds are lost forever.

Stolen or Leaked Private Keys and Seed Phrases

Similarly, if these sensitive pieces of information are stolen, malicious actors get full control of one's assets. The most common and most effective type of attacks in the crypto industry is the usage of social engineering attacks, phishing and scams are still the most profitable ways to steal crypto assets because they are single and rapid to be put into place, one only need to build a fake website pretending to be real Web3 projects, or fake wallet application that steal the data one inadvertently shares with them. In many cases, such malicious applications request seed phrases or private keys, which should never be shared - only if one migrates their wallet’s private keys to another wallet provider. To summarize, as a user or investor, it just requires a small amount of inattention for one to click a malicious link and interact with the underlying application for them to lose part of all of their crypto assets.

For projects, it becomes a real problem to manage a considerable amount of crypto assets. The project is only as secure as their less secure link. Not only are they susceptible to phishing attacks, but also, to hacks and sometimes internal jobs or an employee who went rogue that could be covered as hacks.

Note: If one discovers, their private keys or seed phrases have been compromised, they should move any remaining assets to a new safe wallet as soon as possible!

This is why we consider crypto wallets a single point of failure. A single point of failure is a part of a system that, if it fails, causes the entire system (Decentralized application or wallet) to fail. It is a critical component or a bottleneck that, if it becomes unavailable, causes the system to be unavailable as well. It is important to identify and mitigate single points of failure in order to increase the reliability and availability of a system.

In a Public Key Infrastructure (PKI) system, a single point of failure can exist if the private key associated with a particular public key is lost or compromised.

So let’s consider the classic dilemma in the web3 ecosystem: “Not your crypto, not your coins” - the dilemma between self-custody such as hardware wallets, and third-party custody, such as in exchanges. On the one hand, one should take full ownership of managing their crypto wallets, using, storing, and securing them on their own. They would be subjected to the existing risk of losing or mismanaging them. On the other hand, some users would rather delegate the management of their crypto wallet to a third party that is specialized in the matter. This is a valid debate.

Self custody

Figure 2: Ledger self-custody hardware wallet.

 It is important however for every end-user to understand the risks associated with the management of crypto wallets. But when thinking of mass adoption, there is always a community that would rather pay not to have to waste time or to worry about the risks and responsibility that it is to securely manage their crypto life savings. Such groups would rather rely on a trusted third-party entity to do it for them. Similar to what we have done over the years with banks and insurance.

3rd party custody illustraction

Figure 3: Illustration of a third-party custody safe.

 However, in this article, we are not evaluating the many practical and philosophical pros and cons of each one of the options and are limiting ourselves to mentioning that each option implies a very different level of responsibilities and requires different levels of expertise in cybersecurity, in general. Self-custody, with today’s technology, is still risky even for individuals with technical knowledge.

But, many solutions are in place to address the single point of failure problem and enable a more secure self-custody experience for users and web3 projects. So let’s discover the solutions.

The Secure Future of Crypto Wallets

To mitigate the risks of a single point of failure in PKI, over the years organizations have created securities policies and best practices gathered in security frameworks such as the ISO/IEC 27099. In such a framework, some of the guidelines suggest the implementation of robust key management protocols in combination with HSMs, as well as regular testing and monitoring of these systems for vulnerabilities. This includes implementing measures such as backups and redundant solutions to ensure that the system remains functional in the event of a key management failure, at the software and hardware level.

However, the crypto space has changed the way we use public key infrastructure. Now, the new practice is to use it for managing crypto assets. And PKI's traditional policies and procedures did not take into account the usage of such mechanisms for crypto asset management. The web3 industry had to develop solutions for this new use case of asymmetric keys being used as wallets.

Thanks to cryptographic techniques such as signature verification, multi-party computing (MPC), and smart contracts technology, two new solutions are being considered the future of crypto wallets because of their ease of use, flexibility, security, control, compatibility with current existing solutions while addressing the problems of a single point of failure. On the one hand, there are the Multi-party Computation Wallets and the Smart Wallets, also known as multi-signature (multisig) wallets.

Multi-Party Computation Wallets

 Firstly, multi-party computation (MPC) wallets are crypto asset wallets that can use MPC cryptographic techniques such as secret sharing, homomorphic encryption, zero-knowledge proof, or oblivious transfer. The goal of such solutions is to enable different parties to manage one private key and the assets associated with it, without one single participant knowing the whole private key. This means, not a single entity knows the private key on his own, which prevents them from accessing the funds.

Such particularity makes an MPC wallet a tool for creating a shared crypto account, with family members or with your business partners. MPC wallets help in introducing trust when required to manage crypto assets together.

MPC wallets are still in their early days, mainly because (secure) multi-party computation is still an evolving field in cryptographic and should still evolve in the next few years with great new techniques.

Here are some of the MPC advantages:

  • Off-chain recovery.
  • Chain agnostic.
  • No gas overhead.
  • No need for change in Dapp for integration.

Some of the drawbacks are:

  • Early stage technology, libraries implementations, which is not great from a security point of view because they can have undetected vulnerabilities.
  • Immutability and lack of redundancy - once created, one cannot change the signers of the associated wallets. In case one loses their wallet, all the funds stored in the MPC will stay blocked.
  • All wallets associated with it have to sign. There is no m-over-n signature architecture.

Smart Wallets

Secondly, smart (contract) wallets or multisig wallets have been used and battle-tested for longer. Indeed, they are smart contracts deployed on chains and publicly available for anyone to verify. With smart wallets, similarly to MPC wallets, it is possible for a group of individuals to manage together crypto assets associated with the main smart wallet.

Multisig wallet owners are able to set up the minimum number of signatures required for the wallet to validate and authorize transactions. This allows them to distribute the keys associated with the main wallet account to other parties, decentralizing the responsibility of managing the funds of a project and creating redundancy.

Practically speaking, to authorize a transaction multiple parties have to read and validate the transaction before it can be taken into account. Thanks to this mechanism, if one of the private keys is lost or stolen, a malicious actor will not be able to access the funds without the other wallet owners. And they are notified someone is performing a suspicious transaction that can be confirmed directly with other key managers. Such a mechanism provides an additional layer of security for the wallet and the crypto assets it holds.

Multisig wallets are important for individual users who want to keep ownership of their crypto assets. This helps solve the problem of lost hard drives where crypto wallets or seed phrases were stored. If one gets lost, they still can manage the funds and reconfigure the multisig and remove the lost key and add a new one.

2 of 3 Multisig Wallet

Figure 4: 2 of 3 Multi-Signature wallet.

Additionally, multisig wallets can provide an additional layer of security for organizations or groups such as DAO that hold large amounts of crypto assets. By requiring multiple signatures for transactions, multisig wallets can help to prevent unauthorized access or misuse of the funds. One of the main actors that can benefit from multisig wallets is the web3 projects. In recent history, many hacks such as The AscenDex hack as well as the Ankr protocol hack happened because of leaked/stolen private keys. These two projects suffered major financial losses severely impacting not only the project financials but their partners and the trust placed in them by the users, investors, and the community. Multi-sig could become a new standard.

Multi sig has also a very interesting added value. From the perspective of web3 projects and protocols: The increasing number of smart contracts in a decentralized application and the increasing complexity of their architecture and interactions, it becomes fundamental to provide transparency and visibility on key performance indicators such as the usage of a secure crypto wallet. They fulfill two main roles: managing crypto assets, but also performing important actions in decentralized applications such as updating the smart contract, pausing a protocol, changing the fees, etc.

Such information is relevant not only for web3 projects' internal security and monitoring but also to increase trust between them and business partners, customers and investors. Since the blockchain is a single source of truth, all the stakeholders can easily verify the security measure on the chain,

Observability and Monitoring

Figure 5: Observability and Monitoring.

  Smart wallets are one of the most advanced security solutions for managing crypto wallets for projects to allow anyone to certify they are using proper security measures to protect their applications and as a consequence, protect their users, their business partners, and their community.

Smart wallets are quite versatile, enabling more features, and here are a few of them:

  • Timelock - prevent spending before a certain date.
  • Spending limits.
  • Mutability, add and remove keys or signers after the wallet is set up.
  • Gas abstractions and pay for fees with other tokens than network tokens.
  • Transaction batching.

Some of the drawbacks are:

  • The overhead for the multi-wallet creation is about 30-40.000 gas and an additional 2.000 gas on the subsequent ones.
  • Requires Dapp adoption of the EIP 1271 standard.

Conclusion on the Security Perspective.

MPC and Smart Wallets are the future technologies for crypto wallets even if MPC and its cryptographic technologies are still being developed and standardized. Multisig, on the other hand, has been around for longer, and battle-tested and even hacked with the Parity Multisig Hack which made projects put more effort into smart wallet security. Both types of wallets create redundancy to prevent the mismanagement of funds by one user.

Even if MPC wallets display a simpler and off-chain process for wallet creation and recovery, being a little cheaper to use and more compatible with decentralized applications, they lack flexibility once they are created. Losing any of the keys required to sign a transaction prevents the parties from accessing the wallet's funds. Smart wallets on the other hand are more flexible, users can be added or removed from the multisig wallet, and keys can be rotated, which is important in case of a security breach or a lost key. Finally, because they are smart contracts, they can implement very different functional features such as paying limits, lack of funds, and others.

We prefer Multi-signature wallets over other options such as multi-party computation wallets because the latter cannot be easily identified nor audited on-chain. Any project user, business partner, or investor can verify on the chain they are using security best practices to reduce the risks associated with a compromised private key be it an internal job or an external hack, it just makes the whole system more redundant and resilient.

· 23 min read
Sebastian Lim

Overview

This report focuses on security events that happened on BSC in 2022, analyzing the type of projects targeted and sharing the common attack techniques used in 2022, with respect to the financial loss of the incidents.

This report also examines the trends on BSC from 2020 to 2022 to help give readers a better understanding of how the space has grown. Lastly, this report shares some of the products we at Hashdit have developed, and what risks can be covered by the capabilities that Hashdit have/are building.

Tl;DR

Security incidents on BSC have risen since 2020. In 2022 alone, nearly $1.05 billion on BSC were lost to malicious actors, where 80% was due to hacks.

In total, there were 282 security incidents, an average of roughly 23 incidents per month. Out of which, 62% were scams / rugpulls.

Disclaimer

The financial data provided here is accurate based on our own monitoring system and based on the $USD amount of the cryptocurrency involved at the time of the incident. Due to the fluctuating price nature of cryptocurrencies, the total amount loss might differ with the current token valuations.

BSC Growth

This year has been a year of building and growth on BSC. Despite the general cryptocurrency bear market and black swan events like Luna and FTX, BSC has continued to reach new milestones and surpass expectations.

Here is a list of some of BSC’s achievements in 2022: [Refer to the blog released by BNBChain for more information]

IMG-1

Figure 1: Number of BNB Smart Chain unique addresses over the year 2022

  • Peak TVL - USD 16.25b on Jan 3. TVL trend as per screenshot. Source: Defillama

IMG-2

Figure 2: Total Value Locked in the BNB Smart chain ecosystem over the year 2022

  • Transactions

    • Peak Txs: 9.78 million txs on 13th May
    • Avg Daily txs since 01 Jan: 4.34 million txs
    • More than 3.7 billion txs on BSC
  • Active Wallet Addresses (DAU)

    • Peak Daily Active Wallets (DAU): 2.16 million DAU on 12th Oct
    • Avg Daily AUs since 01 Jan: 968k DAU ( compared to 740k DAU in 2021)
      • Stabilization of daily active users, which may suggest a foundational user base of an average of ~1 million per day
    • Currently ranked no. 1 compared to other chains in terms of DAU
  • Number of Decentralized Applications (DApps)

    • ~1200 active on BSC

BSC Year-over-Year (YoY)

The on-chain metrics can signal the growing adoption of the BNB Smart Chain as the preferred chain to use and build by investors and developers respectively. However, due to BSC’s decentralization nature and its fast growth to more than 1200 DApps, more bad actors have been attracted to the space as well. As such, security incidents have generally been on a rising trend.

This section aims to describe the security incidents YoY from 2020 to 2022.

General

According to our statistics, in 2022, there were 282 security incidents on BSC which have increased by 228% YoY from 2021. In 2021, there were 86 security incidents, a 760% increase from 2020.

IMG-3

Figure 3: Number of incidents on the BNB Smart Chain over the last 3 years

Financial losses have also increased from 2020 to 2022, with damages totalling $1.81 billion over the past 3 years, as seen from the chart below. The YoY increase from 2020 to 2021 is 61,221%, while the YoY increase from 2021 to 2022 is 37%, a large decline in YoY percentage.

IMG-4

Figure 4: Total amount stolen funds in dollars in the BNB Smart Chain over the last 3 years

By analyzing the ratio of the total amount of stolen funds to the total number of incidents, we observed that the average of stolen funds per incident has decreased.

Indeed, in 2021, the average of stolen funds per incident was calculated to be $8.9m. In contrast, in 2022, this value dropped to just $3.7m - even when there were several considerable events that represent almost half of the stolen funds. This shows that the number of security exploits with high financial impact is decreasing. Such decrease could be explained by the fact that projects with important funds are better secured and are more battle-tested. As such, malicious actors seem to be focusing their efforts on projects with more modest funds, concluding in lesser value exploits.

This pie chart shows a better understanding of the financial losses over the year with 2022 accounting for 57.84% of the total financial loss across, 2021 being 42.10% and 2020 with a mere 0.07%.

IMG-5

Figure 5: Financial losses in % over the last 3 years

Type of attack vectors

According to our statistics, this is the breakdown of the general attack vectors from 2020 - 2022.

IMG-6

Figure 6: Number of incidents per attack vector over the last 3 years

It can be seen that crypto scams (in green) are a growing concern on the BSC, with 167 in 2022, a 328% increase YoY. Also, there were 2 counts of improper management incidents in 2022, which were never accounted for previously. This seems to suggest that project parties might not be following the best practices in securing user funds. When managing critical components such as team wallets’ private keys, it is important to use a secure management system.

Do stay tuned to our blogs if you are interested in best practice guides for securing your Web3 project.

Type of projects

This chart represents the type of projects that were exploited since 2020. IMG-7

Figure 7: Security Incidents per type of project over the last 3 years

It is clear that DeFi projects are still the main targets for crypto hackers, with 208 in 2022, a 147% increase from 2021.

Bridge and GameFi projects were the only other projects which encountered security incidents in 2021, besides DeFi projects. In total, 9 Bridge and 19 GameFi projects were exploited, a 800% and 1800% increase respectively from 2021.

With the expansion of the BSC ecosystem, other categories of projects came into the limelight such as ExerciseFi and SocialFi, which did not exist back in 2021. Some of these projects were victims of hacks as well.

2022 in focus

General

In total, nearly $1.05 billion were lost to security incidents on BSC. By observing the monthly chart below, the months with the top amount loss were October, January followed by June.

IMG-8

Figure 8: Amount of stolen funds in dollars per month in 2022

In those months, the main contributing incidents were (1) BSC token hub exploit, (2) Qubit exploit, and lastly the (3) EvoDefi bridge mismanagement incident.

Interestingly, when removing these 3 outlier incidents from the chart, the total financial loss drops down to just $346.9m, a staggering 67% drop or one-third of total amount loss of 2022. Also, the average of stolen funds per incident falls to $1.2m, from the $3.7m value shared earlier in the report.

IMG-9

Figure 9: Amount of stolen funds in dollars excluding the 3 largest incidents

This chart is closely correlated to the number of security incidents monthly in 2022.

IMG-10

Figure 10: Number of different project impacted by exploits

For example, the highest number of security incidents took place in October which is in line with the highest amount of loss.

However, months that have a higher number of security incidents might have a low amount of loss too. For example, even though August has 29 security incidents which is above the monthly average (23), the financial loss for that month is only $8m which is the 2nd lowest throughout the year. Such data reinforces the fact that we are seeing more incidents with lesser financial impact.

Type of attack vectors

Out of the 282 security incidents, crypto scams are the most common on the BNB Chain as shown below, 62.06% of security incidents are crypto scams, followed by 37.23% being hacks and 0.71% being improper management such as mismanagement of private keys.

IMG-11

Figure 11: Proportion of different type of exploits

However, it is interesting to note that even when the number of scams are nearly double of hacks, the financial impact of scams are less significant than the ones related to the hacks. The total financial loss of scams ($190m) is less than half of the loss to hacks ($803m), as shown below in Figure 12.

IMG-12

Figure 12: Financial impact measured in dollars comparing different types of incidents

For further analysis of the specific attack vectors, this chart displays this against the financial loss in 2022.

IMG-13

Figure 13: Proportion of the funds lost comparing the different type of vulnerabilities

32.93% attributes to the BSC token hub exploit incident where there was a low level vulnerability, specifically an IAVL tree related verification bug. The 2nd largest contributor was Business Logic Vulnerabilities within smart contracts deployed on BSC, accounting for 29.45%.

It is notable here that “low-level” scams like Rugpull and Ponzi, even though they are the most common, do not take up much of the proportion as seen in the pie chart.

Type of projects

When focusing on the project type vs financial loss, without surprise, 60.38% of financial loss are attributed to Bridge projects. This is because cross-chain bridges generally lock large amounts of crypto assets on one chain to mint collateralized assets on the destination chain. Hackers took notice of this trend and targeted vulnerabilities within these cross-chain bridge smart contracts.

The 2nd most project type targeted was DeFi projects at 37.06%, followed by GameFi and Metaverse projects at 1.22% and 1.08% respectively.

IMG-14

Figure 14: Proportion of funds lost comparing the type of project

Top 10 incidents in 2022

The following were the top 10 security incidents in terms of financial loss in 2022.

IMG-15

Figure 15: Top exploits measured in dollars in 2022 on the BNB Smart Chain

Top 10 incidents in 2022

BSC Token Hub exploit - $572 Million Loss

On 6th October 2022, BSC Token hub, a bridge between the BNB Beacon Chain and the BNB Smart Chain, was exploited by an attacker resulting in the unauthorized transfer of 2M BNB.

Root cause analysis confirmed a flaw in the verification algorithm implementation developed by Cosmos, and incorporated by BSC into their contract’s proof verification process. Essentially, there was a bug in the proof verification which allowed the attacker to forge arbitrary messages and include them in a block that wouldn’t be verified. Fortunately, the attacker here only forged two messages, so the damage could have been far worse.

QubitFinance - $80 Million Loss

On 27th Jan 2022, the Qubit protocol was exploited, resulting in almost $80M loss. Qubit Bridge is essentially a platform for users to collateralize their ETH on the Ethereum chain without moving assets to BSC. The incident was due to a flawed minting functionality of qXETH on BSC where the tokens were later used for borrowing assets via Qubit lending.

Root cause analysis was that a legacy function (deposit) remained in the Qbridge Handler contract after it was replaced by a newer function (depositETH).

The legacy function did not check the amount of tokens, in this case WETH, supposed to be transferred in. As a result, the attacker was able to pass in the 0x0 address to fake a deposit event.

EvoDefi - $50 Million Loss

The team behind EVODeFi, a cross-chain platform offering a set of crypto products on BNB Smart Chain (BSC) & Polygon, invested users’ funds on Terra’s Anchor Protocol in order to fund their cross-platform bridge as well as sustain high APR on ValleySwap, the second project owned by the team. In a further effort to boost APR on ValleySwap, the team minted unbacked USDT, causing funds on Oasis Emerald to be unbacked, the network ValleySwap was based on.

However, due to the collapse of Terra’s ecosystem, EVODeFi lost their investment in Anchor Protocol, their unbacked USDT became worthless, and they had no liquidity to continue operations.

Thus, EVODeFi was forced to close their bridge, trapping millions of dollars worth of users’ funds on Oasis, with no way to move funds out of Oasis Network without losing a majority of their fund’s value.

StableFund - $23 Million Loss

StableFund was identified to be a Ponzi scheme. The project team can get a risk-free 3% handling fee, while it was marketed that the participants can get 1.5% rewards every day, and they can choose to get their principal back after 4 weeks.

In reality, the project does not have any profit-making method, to sustain the high 1.5% daily yield. The rewards of the first entrants need to be paid by the principal of the latter entrants, this is the standard Ponzi feature.

The project started from 2022-06-27, where >13k addresses have participated, and more than $23 million have been invested into the pools so far.

Elephant Money - $22 Million Loss

On 13th April 2022, Elephant Money was exploited, resulting in the loss of 27,416.46 BNB. The attacker first used WBNB to buy a large amount of ELEPHANT, and then used BUSD to mint the TRUNK stablecoin. During the minting process, the Elephant contract will convert BUSD to WBNB and then back to ELEPHANT to drive up the ELEPHANT price.

The root cause was that the vulnerable contract relied on the instantaneous price of ELEPHANT-WBNB liquidity pool. Since, the value of ELEPHANT was artificially inflated, the attacker could mint more TRUNK stablecoin, which he can redeem back for WBNB and BUSD.

Transit Finance - $21 Million Loss

On 1st October 2022, Transit Finance / Swap (a cross-chain protocol) was exploited for > $21m. Essentially, this attack targeted the users directly via a vulnerability in the use of the transferFrom() function. Any tokens approved for trading on Transit Swap could be transferred directly from users’ wallets to the unknown exploiter’s address.

Thankfully, > $18.9m was returned back to Transit Finance on both chains (ETH and BNB).

The root cause was that there was a lack of validation for input parameters. The hacker parsed in the Permissions management contract to the vulnerable contract and called the claimTokens function to do a transferFrom from users that have unlimited approval to this contract.

ANKR / Helio - $20 Million Loss

On 2nd December 2022, Ankr protocol was exploited for around $5m, but what was surprising was 1 of their products, Helio, was impacted as well for > $15m, bringing the total damage to > $20m. Essentially, the root cause was that the private key of the Ankr deployer was compromised. According to the team, it was an insider attack that stole the private key. As such, the exploiter introduced a backdoor function and minted a large amount of unbacked aBNBc tokens to drain the liquidity pool for BNB.

Helio was impacted because one of the ways to provide collateral on their platform was aBNBc. Since the value of aBNBc has plummeted, many users seized the opportunity to purchase it at a valuation below market value. At the same time, Helio uses Chainlink to reflect the actual value of BNB at that point of time. As such, these users had a higher collateral value than expected where they could borrow large amounts of $HAY (platform’s stablecoin) and not pay back the debt.

Racoon Network and Freedom Protocol - $20 Million Loss

On 20th July 2022, Racoon Network and Freedom Protocol performed a rugpull. More than 20 million USDT were transferred to the same EOA address, suggesting that they belong to the same party. 10% of the funds were transferred from Raccoon Network, while 90% of the funds were transferred from Freedom Protocol.

For Raccoon Network, the loophole is in the unverified token contract, Raccoon Network Token (RAC). In this token, every time a user transfers a RAC token, there is a 6% tax and the tax fees are transferred to an EOA, where the malicious project party could cash out to USDT anytime.

For the Freedom Protocol, the project party collected USDT by selling their NFTs at a price of 100 USDT. Afterwards, they did not continue their development and the funds have since been transferred out through CEXs.

$FLARE - $17 Million Loss

On 14th November 2022, $FLARE token conducted an exit scam of ~$17m. Essentially, the root cause was the victim contract (unverified) allowed the attacker to use a faketoken as input to call getUserInfo() and then set some value to the "balance" related data structure.

The project has a rewards contract which rewards users who have invested USDT, in exchange they get USDT. Internally, there is this “balance” related data structure which calls the investing contract and getUserInfo() to keep track of how much tokens have been invested.

However, the lack of input validation allowed the exploiter to parse the address input of his faketoken, with the necessary getUserInfo() method and fake his amount invested.

DEGO Finance / Cocos - $15 Million Loss

On 9th February 2022, DEGO Finance / Cocos were hacked for $15m. The hacker compromised multiple private keys of the team. As a result, the hacker removed liquidity from the projects and stole all funds from their hot wallets. The funds have already been bridged to ETH chain and deposited into Tornado Cash.

Conclusion

BSC continues to be a strong competitor, outperforming Ethereum in terms of daily active users and transactions. However, it is undeniable that 2022 has proven to be a tough year for both investors and developers due to the bear market and hack incidents, which impeded trust within the cryptocurrency community. Below we have some final tips for investors and developers:

For investors:

  • Understand what you're signing, don't blindly sign random signatures/transactions (never sign signatures outside of official websites)
  • Always double check that you are on the official website of the DApp
  • Be extra wary of new/trending projects or projects that guarantee High APYs / use MEV bots, and always verify the project team’s authenticity
  • Use multiple wallets for different activities (hot wallet for frequent transactions; cold wallet to store high value funds)
  • Ensure you are interacting with an open-source contract and revoke approval once interaction is done
  • Check the security and risk scores of interacted contracts (e.g when using Trust wallet) If High Risk is flagged, we strongly advise to stay away

Feel free to reach out to our team if you have any doubts about a certain project / contract address / transaction / risk score!

For developers:

  • Verify & open-source all relevant contracts on-chain (to ensure transparency and trust within the space)
  • Ensure the project is audited by at least 2 well-known security companies and fix all issues where applicable (Including auditing newly added code)
  • Incorporate / Implement a bug-bounty program to upkeep the security posture of the project and encourage the community to ensure the code remains secure
  • Ensure security is at the core of the business: run sufficient testing / stress-testing / simulations such as (1) adverse token price fluctuations, (2) edge cases
  • Prevent centralization risks by using multi signature wallets and not a single EOA wallet to run operations
  • Minimize contract upgradeability and only apply to contracts when necessary
  • Ensure funds are stored securely (key management, fund distribution)
  • Implement safeguards in the event of a hack (formulate an Incident Response plan, introduce time lock / pausing within the smart contract)
  • Constant monitoring of system parameters e.g Exchange Rate of a token

Hashdit

HashDit’s core mission is to provide the essential threat intelligence for the everyday crypto investors to make informed decisions. Our methodology includes a variety of automated and manual techniques to evaluate a DApp project.

Thanks to our ever hardworking team, Hashdit has launched several products in 2022.

Products at Hashdit currently:

  • Risk assessment: All-in-one collection of security rating framework, auto-scan tools, and corresponding APIs, which are able to deliver accurate detection for potential rugpull/exploit risks based on a smart contract address. This is integrated with platforms like Trust Wallet and PancakeSwap, to leverage their reach and protect more users.

    It is able to detect multiple other risks, besides the usual SWC bugs, such as Tornado Cash interaction, risky functions encompassing ERC20 or ERC721 token standards (such as Migrate() or Blacklist() ), HoneyPot detection, etc. This can help users gain a better understanding of the smart contract, if it could be a scam.

  • Audit service: Comprehensive code audits following extensive and detailed best practices for smart contracts and discovering code loopholes / security vulnerabilities before they are deployed on-chain, guaranteeing users’ safety on BSC.

  • Monitoring: Detecting sensitive events / transactions that happen on-chain to quickly respond and minimize any additional financial losses. At the same time, Hashdit warns users early by sharing any information we found on our Twitter

  • Blog: Our goal is to share our security knowledge for builders, investors and users in the Web3 community. With all the players in the industry equipped with the security knowledge needed and adopting a security-first mindset, only then will the Web3 ecosystem be a safer place for everyone.

In addition, Hashdit is a major contributor to AvengerDAO, a community-run security initiative to ensure user safety on BSC. Working together with other security companies in the industry, we will aim to reduce the security incidents on BSC, and especially towards Bridge projects and Scams. We are excited to present even better products in the future and improve BSC overall security.

To a better year ahead! Happy new year to all!

Glossary

General Incident classification

The type of incidents can be generally broken down into 3 types:

  • Hacks

    • Hacks in general, is the practice of intentionally exploiting weaknesses in an organization's computer systems. In the context of blockchain, it is exploiting vulnerabilities in fundamental components of DApps and in the blockchain infrastructure. The non-exhaustive list of components can be: blockchain bridges, oracles, crypto wallets, Frontend/backend application and smart contracts which are deployed on-chain. Examples include business logic issues and lack of validation.
    • At times, it could be compromising the private keys of project teams through traditional attack vectors.
  • Scams

    • Scams are Web3 projects that do not intend to deliver promised features. Indeed, they usually entice users to invest or participate in the project with the only intent of keeping their invested money and leaving the users hanging.

    • Scams could be executed by dumping tokens, stealing all the invested funds, through means like sending sketchy emails and websites, or creating fake accounts on social media. In the context of blockchain, scams can involve investing in a “Get-rich-quick scheme” such as a Ponzi scheme or tricking users into signing unintended transactions that will result in stolen funds.

    • Do refer to our blog article for more details on the top 6 crypto scams in 2022.

  • Improper Management

    • Improper Management is a unique situation where the project party mismanages components that associate with user funds. Some examples include application misconfiguration issues that could expose critical information about users / project funds, or when the project party mints uncollateralized funds to perform high risk trading. This will be at the expense of users’ funds being lost.

Project type classification

  • Bridge

    • A blockchain bridge is a tool that lets you port assets from one blockchain to another, solving one of the main pain points within blockchains – a lack of interoperability. Since blockchain assets are often not compatible with one another, bridges create synthetic derivatives that represent an asset from another blockchain.
  • DeFi (Decentralized Finance)

    • Decentralized finance (DeFi) is a new financial framework consisting of decentralized blockchain protocols and underlying smart contract technology. DeFi, as it is most commonly known, makes it possible for users to access different types of financial products and services without the need for a centralized authority.
  • GameFi (Play-to-Earn)

    • 'GameFi' refers to the financialisation of video gaming. It is characterized by its 'play-to-earn' (P2E) business model, and mainly refers to blockchain games that offer tokenized incentives to players while enabling frameworks for player-as-owner rather than the standard player-as-consumer.
  • Learn-to-Earn

    • 'Learn-to-Earn’ refers to the financialisation of quizzing. It is characterized by the business model, which offers tokenized incentives to players who participate in the project and answer quizzes.
  • Metaverse

    • Crypto metaverses are immersive virtual worlds with immense social and financial potential. Their use of blockchain infrastructure enables them to tap into the wider crypto economy, making virtual items exchangeable for real economic value beyond the confines of the metaverse.
  • SocialFi

    • SocialFi is the fusion of social media and Web3. It refers to social media on a blockchain with a layer of finance in it. The concept brings together the principles of decentralized finance (DeFi) and social media to create, manage, and own content generated by the users on the platforms.
  • ExerciseFi

    • ExerciseFi or Move-to-Earn as its name implies, users are rewarded for movement, whether walking, running or dancing to a rhythm.
  • Oracle

    • Oracles are complex computerized systems that connect data from the outside world (off-chain) with the blockchain world (on-chain). Most blockchains have native cryptocurrencies that are used to transfer value, enable the operations of the protocol, or facilitate governance.
  • Wallet

    • A Cryptocurrency Wallet is an application that functions as a wallet for your cryptocurrencies. It is called a wallet because it is used similarly to a wallet you put cash and cards in. Instead of holding these physical items, it stores the rivate keys you use to sign for your cryptocurrency transactions and provides the interface that lets you access and manage your cryptocurrencies.
  • DAO

    • A decentralized autonomous organization (DAO) is an emerging form of legal structure that has no central governing body and whose members share a common goal to act in the best interest of the entity.

· 13 min read
Sebastian Lim

Back in 2021, crypto scams were a growing attack vector tricking victims into investing in the crypto space. According to CNBC, more than $1 billion were lost to crypto scams in 2021, where the most common types include fake investments and romance scams.

Since then, 2022 has shown that scammers are getting more and more creative.

As a leader in securing the BNB Chain ecosystem, it is our duty to keep users in the BNB Chain ecosystem safe by making sure they are always one step ahead of these scammers. Here are the most popular scams this year:

Phishing is already a popular technique used by scammers in Web 2. This is because scammers can just create a malicious website and subsequently mass send the links to their victims. Here, we will focus mostly on ways that the scammers will try to steal your private keys.

In Web 3, scammers usually send their phishing links through different mediums where the Web3 community is, like Discord, Twitter, Telegram, and even On-Chain.

IMG-2

Phishing websites usually look like the real website, but with different url names. They can be about a new giveaway or NFT pre-mint events, basically any situation that will make the user feel excited (FOMO - Fear Of Missing Out) and not think straight. The scammer takes advantage of the user’s emotional instability.

They can blatantly be asking for the user to provide his seed phrase or private key. For example, contacting users on social media,reaching out as wallet software support and jumping in with direct messages spoofing as an Exchange Support to steal one’s private key directly.

Another way is that scammers will develop chrome extensions that look similar to legitimate ones like Metamask. By impersonating the real applications, users often are led to letting their guard down and provide their private key to use the new application.

One interesting tactic we noticed is that scammers will also try to trick users into thinking there is a new bug/vulnerability with existing applications and there is a new software upgrade. We detected a scammer trying to trick users into thinking the current Metamask version had a bug and users should upgrade to the new version. The scammer proclaimed in the message that the new upgrade is not out yet so the upgrade has to be done manually this time. He afterwards gave a set of instructions which aims to trick the user into providing his metamask password which will expose his private key to the scammer.

In this scenario, users should always wait for the official announcement from Metamask and upgrade their Metamask version from official sources.

To upgrade an extension, just head to chrome://extensions/

Click on the update button

IMG-3

This will update all your extensions accordingly.

A friendly reminder:

Normal application upgrades WILL NOT require a user to provide sensitive information such as login credentials.

2: Ice-Phishing

This is a tactic where the user is tricked into signing a transaction that gives an attacker control over the user’s tokens, without the leakage of his private keys. This is an extension of the Phishing technique.

For some background, when a user is using DeFi applications (e.g PancakeSwap) and interacting with the main token standards (e.g. ERC-20, ERC-721, and ERC-1155) the approval method is shown on their metamask window. This is a request for the user to delegate authority to a 3rd party to act on behalf of that user on those tokens. Afterwards, the user can perform other operations like performing a swap.

Attackers will direct users to the phishing website and induce them to sign some transactions that they didn't request. For example, the interacted contract might not even be a contract, but the attacker’s address. Once the approval transaction is done, the attacker has the authority to transfer funds out of the victim’s wallet.

Usually, the scam website has an algorithm to scan the victim’s wallet to detect the valuable assets such as an expensive BAYC NFT or cryptocurrencies like WBTC or WETH. Often, the website will continually show the metamask window to prompt users to sign another transaction even though they may have already signed once.

Another way to prevent being a victim of Ice-Phishing is to stay away from signing eth_sign transactions. They usually look something like this:

IMG-4

The method eth_sign is an open-ended signing method that allows signing an arbitrary hash, which means it can be used to sign unclear transactions, or any other data, making it a dangerous phishing risk.

An arbitrary hash here means that the usual suspects of approve or approve for all methods are not the only possible methods, the scammer can make you sign transactions like native token transfer or a contract call. Essentially, having almost full control of your account without even holding your private key!

Although MetaMask will display a risk warning when signing eth_sign requests, when combined with other phishing techniques, it can still be possible for users with no security experience to fall for these traps.

3: Event Spoofing & NFT Sleep Minting

Event Spoofing

Event spoofing is a tactic where scammers transfer random BEP20 tokens to users, and prompt users to interact with it. The catch is that even though the scammer is the one transferring the tokens, from the blockchain explorer like BscScan, it will show that the source of funds were from a separate wallet such as Binance Hot Wallet. Then, they will be enticed to interact with these new ‘free’ tokens which can lead to users to phishing websites by displaying a link in the token name or the code itself. This is an extension of the Phishing technique.

This method takes advantage of how blockchain explorers show events.

For example, this screenshot from BscScan shows CHI being sent from Null Address to the address 0x7aa3

IMG-5

From the code perspective, this means that at the line emit Transfer(...)

  • msg.sender -> Null address (_from)
  • _to -> 0x7aa3
  • _value -> 294

IMG-6

However, blockchain explorers will blindly use the parameters of the emit events. If the _from address is changed to another address for e.g 0xhashdit, then BscScan will display the CHI being sent from 0xhashdit to the receiving address. Note: this isn’t particularly a bug with blockchain explorers, but more of the flexibility to change parameters since BscScan cannot know for sure whether the parameters are accurate. As such, scammers can use this to their advantage and spoof the source of funds.

Look at our twitter post for such an example!

NFT Sleep Minting

Building on plain BEP20 event spoofing, scammers can be creative with how they execute their scam. NFT Sleep Minting is when a scammer mints an NFT directly to a famous creator’s wallet. However, the NFT code has a backdoor method where the scammer can reclaim the NFT back. This creates the appearance that (1) the famous creator authentically minted an NFT to themselves; and then (2) sent that NFT to a scammer. Based on the “on-chain” provenance, the scammer can claim they own an NFT minted by a famous creator and sell it for a higher value, faking the value in the process.

The deception of Sleep Minting comes from the fact that you can emit any piece of data in an Event log. One would expect that if the user sends a transaction to transfer an NFT, then your address should be in the Event log as the “from” field. However, that is not the case when a scammer reclaims a sleep-minted NFT from a famous creator. A scammer could artificially place the famous creator’s address in a Transfer Events “from” field, completing the illusion.

For exmaple, we can take a look at Beeple's account and observe several NFTS minted to him, and not exactly minted by him.

4: Ponzi Scams

In these scams, there is usually no real strategy to earn rewards or make profits. Essentially, the whole scheme uses the money of new investors to pay the old investors. Once there is no more new money coming in to support the scheme, the whole system will fail.

There are several telltale signs in a Crypto Ponzi Scam:

First, the project side collects tax fees and these fees keep users longer in the ecosystem.

Since every deposit/compounding action incurs some sort of fees, this means that the user has to compound for a longer period of time in order to break even. These fees are also used to pay back the dividends of the users who want to claim.

Second, there is no way to withdraw the user's initial invested funds.

Once one user deposits their initial tokens, there is no way for him to withdraw back his initial invested funds. The only way for the user to get back any funds is to claim back dividends.

The third way is using a referral system.

The project encourages participants to actively promote and refer others through the referrer benefits. The upline will receive additional rewards whenever a downline performs certain actions. Also, in order for a user to start participating in the protocol, he has to have an upline address to start. This creates a system where each address is linked to another, similar to a pyramid scheme. There are increased bonuses for having more than 5 downline addresses too.

A common theme that one will see is a steep rise in funds locked in the contract at the start, usually driven by the initial hype through marketing by the team or funds pumped by the team themselves to generate activity. Once the contract’s balance has reached an inflection point, this means there are no new funds coming in. This will slowly result in the scheme falling apart and the new investors panicking to withdraw as much dividends as possible.

IMG-7

At the end of the day, the project party which solely earns the tax fees will be the biggest beneficiary for such Ponzi scam projects.

5: CHI Gas token farming

CHI Gas token is an initiative by 1inch project, where the Chi Gastoken is a BEP20 token that is meant to be used on 1inch exchange to pay transaction costs. Chi is pegged to the network’s gas price. When the gas price is low, the Chi price is also low, and the opposite.

How scammers make use of this is very interesting. First, they would airdrop a bunch of random BEP20 tokens. When the user approves PancakeSwap to sell these tokens, in the approve() method of these tokens it will hard coded to consume a large amount (e.g above 90%) of the user's gas limit to mint Chi Gastoken which can be used to subsidize the gas fee, the minted Chi Gastoken are the profit of the scammers.

It is recommended to pay attention to the consumed condition of gas fee in approval transactions before calling the approve() function in some airdrop tokens.

In general, don’t touch random tokens airdropped to you

Look at our twitter post for such an example!

6: MEV Scams / Scam Events

Crypto Jargon

Scammers will make use of crypto jargon like “MEV (Maximal Extractable Value)”, “Arbitrage trading bot”, “Sniper bot”, “Front-run bot” promising passive income of a few thousand dollars a day to entice users to participate. These are usually promoted on platforms like Twitter, Tiktok and Blockchain Explorers.

Usually, scammers will attach a video link to the post where victims are brought to video hosting platforms like Youtube and Vimeo.

Example:

IMG-8

Essentially, the scam video will guide the user to deploy their malicious code using the Remix IDE, they will provide the malicious code usually in a pastebin url in the video description.

IMG-9

With the code now deployed on-chain, the user will be instructed to next prepare some native funds to perform the ‘front run or arbitrage’. The scam video will prompt the user to prepare more native funds so that when you perform the ‘front run or arbitrage’ operation, you will be able to make more profits, tricking the user. Once the user injects the funds into the contract and ‘starts the front run’, instead of earning him profits like what the scammer claims to do, the funds will be directly transferred to the scammer

Another relatively new way is for scammers to provide a link for CEX (Centralized Exchange) trading bots such as the screenshot here.

IMG-10

Users will be prompted to download a malicious file and follow the instructions. Usually, users that want to trade on Binance Exchange automatically will have an API key. This scam video tricks users into using their trading bot and asking users to give up their API key and the password for it. Once the user is scammed into doing so, the scammer will be able to receive the user’s credentials on their end and trade with the user’s funds now.

Crypto Event

In such situations, scammers also use social media to spread fake information of a giveaway being done by notable players in the space such as crypto exchanges or projects.

IMG-11

Users will be prompted to enter this link and are instructed to “verify” their address first. In order to so, they have to send some BTC or BNB to the specified address and in return they will get back 10x of the amount. At the same time, the scam website shows a transaction history of the giveaway records to trick users into thinking that the giveaway is real and works. However in reality, once the crypto is sent by the user, the funds will be lost to the scammer and there will be no rewards to receive in the end.

Oftentimes, scammers might use old videos or even resort to deep faking a popular figure, to trick users into thinking that the person is endorsing and promoting a new giveaway. When in reality, this cannot be further away from the truth.

A common similarity among these cases is that there will be fake engagement in the video’s comment section. This is to psychologically trick users into thinking that this trading bot really works well.

IMG-12

Also, if this is in the description, RUN. It is a HUGE red flag.

IMG-13

Conclusion

Scams will continue to grow in a decentralized environment such as crypto so it is critical for us to each be responsible for our own security. To beef up the security and safety of users in the BNB Chain, Hashdit has been partnering with ecosystem players such as PancakeSwap and AvengerDAO to detect scams as soon as possible. Moving forward, we will strive to build a safe ecosystem for both protocol users and smart contract developers on the BNB Chain.

If you found this article useful, please share it around on Twitter and tag us! If there are any scams you would like us to cover as well, please drop us a message!

Remember the golden rule: If it is too good to be true, it probably is. Till then, stay safe!

· 7 min read
Ayden Duan

Rugged. Rugged. Rugged.

If you are a DeFi investor, you have definitely heard of these words. As newly DeFi projects mushroom to BSC chain each day, not all of them are good —— be careful, they might steal your investment! According to the 200 most recently launched DeFi project analysis in RugDoc, 28% of them are tagged as “High Risk”, which means that they are highly likely to lead to catastrophic losses as they are right now, and 29% of them are marked as “Some Risk” that have ability to perform soft rug, and only 43% of them are “Low Risk” or “No Risk”.

In other words, there is more than 28% probability that you lost all your the investment on DeFi project (if you randomly picked one!). Such lost maybe due to ignorance, credulous, or lack of learning. So, how do you control the risk of investment in DeFi and how to identify whether the project has a high likelihood of screwing you over? This article helps you to spot a potential rug DeFi project by following some simple steps, which only takes around 10 minutes. Remember, scammers are becoming smarter and smarter and they are able to disguise their project to make it look safe. So, even if you find a project with no obvious problem —— proceed with caution!

Step 1: Verify the contract you are interacting with

When we enter a project’s website, they may have a reference to which MasterChef contract you are interacting with. However, it might be a lie! The contract you are actually interacting with may be different to the one they posted on the website. To verify this, the most trustable way is to do a “test” transaction:

IMG-1

Take MetaMask as an example, the contract you are actually interacting with is shown on the right corner. Copy it with a left click and check whether the contract address is the same as they show to you. Also make sure the contract source code is “verified” by BscScan (check whether there is a green mark above “Contract Name”).

(Verified contract has a green mark above “Contract Name”)

IMG-2

Step 2: Check the “owner” of contracts

In a DeFi project, the MasterChef contract is the one who manages most operations, and you can verify the MasterChef contract by following step 1. However, MasterChef is super-powerful, and should not be owned by a regular address. Honest developers will create a Timelock contract to own the MasterChef, and each write operation by the owner to MasterChef will be delayed for a period of time, giving you time to take your investment out if developers made any mistake. On the other hand, evil scammers try to own the MasterChef themselves —— so that they can take away your money in a second. Usually, the ownership graph between each contract is shown as follows:

IMG-3

Such verification can be done by reading the contract variable and verifying the addresses on BscScan. Let’s walk through this process with an example of PancakeSwap:

  1. Find the PancakeSwap MasterChef (0x73feaa1ee314f8c655e354234017be2193c9e24e) on BscScan.com, and click on “Read Contract”.

IMG-4

  1. Find the “owner” variable of the MasterChef.

IMG-5

  1. Click on the address link, and we found that it is a Timelock contract.

IMG-6

  1. Next, find the Token contract in MasterChef, the PancakeSwap token is named “cake”. This might vary from projects.

IMG-7

  1. Click on it, and find whether the owner of “cake” is the MasterChef contract we came from.

IMG-8

  1. Compare the addresses, they are the same! Meaning that the PancakeSwap project is safe (for now), Hoo-Yeah!

Note: When checking the Timelock and Token contracts, make sure that they are “verified” by BscScan!

Step 3: Check upgradable proxy & Timelock duration

If a project’s MasterChef uses “upgradable proxy” (if you don’t know what is an upgradable proxy, Click Here), then its code is totally modifiable by its owners. For such powerful contract like MasterChef, you generally do not want it be easily changed —— cause the developers may replace the original MasterChef with an evil one. Thus making sure the project’s MasterChef do not use proxy is very important. When you clicking on the “Contract”, you do NOT want to see these extra buttons:

IMG-9

The “Read as Proxy” and “Write as Proxy” means that they are using upgradable proxy to deploy their contracts. It does not always mean the end of the world, but you would better ask the developers why did they do so —— and they’d better give a reasonable answer.

In the previous step, we told you to check the Timelock contract, but we also need to make sure that the Timelock is actually locking some “time”! To verify this, we go to the “Read Contract” of Timelock:

IMG-10

As you can see here, the minimum delay of this Timelock is 21600 seconds, which is 6 hours, and the current delay is set to 21700 seconds. This mean that the developers’ action will be delayed for at least 6 hours before they take actual effects. Generally, you want the minimum delay time to be set above 6 hours —— to not worry about your investments while you are asleep.

Step 4: Check commonly evil features

There can be lots of evil code hiding inside the contracts, and finding all of them is super time-consuming. Luckily, there are some commonly-used evil features by the scammers, and if you find the project you are about to invest contains one, or multiple of the following code, be careful, you might get rugged!

  • (High Risk) If they have the “migrate” function in MasterChef. (Except PancakeSwap)
  • (High Risk) Search “fee => 10000” and see if they have any fee up to 100%.
  • (High Risk) If they have “setVaultAddress” function in MasterChef.
  • (High Risk) Go to their website, check whether “Total Value Locked” matches the sum up from their Liquidity Pools.
  • (Medium Risk) Check whether the number of “poolLength” in MasterChef matches the actual pool numbers on their website.
  • (Medium Risk) If they have “updateStartBlock” function in MasterChef, it might causes severe bug to the project if not used correctly.
  • (Medium Risk) If their code highly matched the Panther project (0x058451c62b96c594ad984370eda8b6fd7197bbd4), then proceed with caution because Panther itself have some “risks” due to operator privileges, and the newly started DeFi project are more tend to abuse them.

Woo-hoo! You luckily find your target DeFi project “passed” all the steps listed above and is going to dip into it…. Wait a minute! Passing this 10-minute test does not mean that it is totally safe, if you want to invest your lifetime money into it, think twice! As I mentioned above, this guide only helps you to make sure that the project does not do an “obvious rug”, but what if the scammers are smart? Here are some extra assessments you can do to lower your risk:

  • Check the top token holders of the project, they usually are the burn address or the staking contract.
  • Look deeper into the code and find if the dev is able to drain funds or unlimitedly emit new tokens to itself.
  • Track the transactions and ask dev team for any odd moves you found. Good dev will always give you space to ask questions.
  • Search on the twitter & any public rug scanning community about the project, if they have not done the review on it yet, submit a request.
  • Find whether the contract code has any audit. They’d better have one or two paid audits to prove their code security.
  • Do not put all your eggs in one bucket, and never invest what you can’t lose.