Hacker Infiltrates Spartan Protocol Pools Causing Losses Worth $30 Million
On May 1, 2021, Spartan Protocol pools faced an exploit event that led to the loss of $30 million. The hack emerges from a miscalculation of the liquidity shares whereby a digital token in a pool is burnt to obtain the specific asset. In essence, the perpetrator intends to acquire a massive amount of assets by increasing the pool’s asset value before burning a similar amount of pool tokens.Â
Therefore, to take advantage of the pool, the address had to play with several operations that started with borrowing a flashloan worth 10K WBNB from PancakeSwap.
What TranspiredÂ
The suspect converts 1,913.172376149853767216 WBNB to SPARTAN five times using the affected Spartan pool in the next step. This reaps a total of 2,536,613.206101067206978364 SPARTA, which is included in the pool along with 11,853.332738790033677468 BNB. It then mints pool tokens (SPT1-WBNB) worth 933,350.959891510782264802.Â
The suspect repeats the same process but this time converts 1,674.025829131122046314 WBNB to SPARTAN ten times with the same pool to obtain a total of 2,639,121.977427448690750716 SPARTA.
The Hack’s In-depth Analysis
Afterward, the pool’s asset balance is pumped up by sending 21,632.147355962694186481 WBNB together with the SPARTA amount mentioned above (2,639,121.977427448690750716 SPARTA).
A burning procedure comes next whereby 933,350.959891510782264802 pool tokens are burnt to give 20,694.059368262615067224 WBNB and 2,538,199.153113548855179986 SPARTA. A total of 1,414,010.159908048805295494 pool tokens are then added into the pool with a certain liquidity amount to attain 21,555.69728926154636986 WBNB and 2,643,882.074112804607308497 SPARTA. The wallet address continued with the above process to squeeze out the pool’s funds.Â
Later on, the flashloan is repaid at 100,260 WBNB. An accurate computation has to utilize the cached balance in the base amount pooled against the token amount pooled. However, in this case, the hacker managed to control the pool since there was a miscalculation between the current balance and liquidity share computation.
About Spartan Protocol
Spartan Protocol operates as a community-driven project with a broader number of contributors. The platform is home to various functionalities such as granting liquidity to assets, developing lending markets, and synthetic assets.
Its decentralized architecture boosts the ecosystem’s security and also protects holders who look forward to benefiting from their tokens.
Furthermore, the protocol aims at incentivizing the development of deep liquidity pools. Spartan Protocol resides on the Binance Smart Chain to leverage cheaper transaction fees and immediate settlement of trades.