Root cause is wrong ltv validation logic. Victim contract has “mintWithStable” function that exchanges received tokens to collateral tokens and mints ZeUSD tokens. “handleDeposit” function is used for token exchange on uniswap v3.
In this function, “amount”(amount of received tokens) is used for ltv validation. But if uniswap v3 pool is manipulated, exchanged collateral tokens can be much smaller than “amount”. This means mint ZeUSD tokens without enough collateral tokens. Amount of collateral tokens after exchange should be used for ltv validation.
Hacker manipulated pool state and called “mintWithStable”, amount of collateral token is 7669, but 330979 is used for ltv calculation and metadata with 330979 is stored.
After that, he was able to withdraw 330979 collateral tokens by burning ZeUSD tokens. He gained $285k.
Leave a Reply