Alpha Homora V2's `HomoraBank.sol` integrated with Iron Bank's `cyToken` for leveraged borrowing. The bug lived in two surfaces: (1) the `WERC20` wrapper allowed depositing borrowed sUSD to mint `cySUSD` shares whose accounting was rounded in a way that allowed a sub-1-wei deposit to mint a non-zero share, inflating `totalShare` cheaply; and (2) the `HomoraBank.execute()` flow allowed the attacker to repeatedly borrow tiny amounts of sUSD through `cySUSD`, exploiting an integer-rounding asymmetry so that each loop increased `cySUSD.totalSupply` while their own debt rounded down to zero. After many loops the attacker held nearly the entire `cySUSD` supply with negligible debt, then drew the full Iron Bank sUSD line of credit (~$37.5M across sUSD/USDC/USDT/DAI/WETH via similar paths). Root cause is a rounding-direction error in share-vs-debt accounting compounded across an unbounded loop the protocol allowed in a single transaction.
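The rounding-direction error described above, reduced to a toy debt-share ledger in Python integers. This is an added example, not HomoraBank or Iron Bank code: the `DebtLedger` class, its method names and the starting balances are constructed for illustration, and it models only the share-vs-debt rounding, not the `cySUSD` supply mechanics.

```python
def ceil_div(a, b):
    """Integer division rounding up (non-negative inputs)."""
    return -(-a // b)


class DebtLedger:
    """Hypothetical ledger that tracks each borrower's debt as shares of a pooled total."""

    def __init__(self, total_debt, total_share, round_up):
        self.total_debt = total_debt
        self.total_share = total_share
        self.round_up = round_up      # True = hardened rounding direction
        self.shares = {}

    def borrow(self, who, amount):
        num = amount * self.total_share
        if self.round_up:
            share = ceil_div(num, self.total_debt)   # rounds against the borrower
        else:
            share = num // self.total_debt           # rounds in the borrower's favour
        self.total_debt += amount
        self.total_share += share
        self.shares[who] = self.shares.get(who, 0) + share
        return share

    def debt_of(self, who):
        # Debt owed is reported rounded up so it is never understated.
        return ceil_div(self.shares.get(who, 0) * self.total_debt, self.total_share)


def run(round_up, loops=10):
    """Repeat small borrows in one pass; return (tokens received, debt recorded)."""
    # Constructed state: accrued interest has pushed debt (1000) above shares (500).
    ledger = DebtLedger(total_debt=1000, total_share=500, round_up=round_up)
    received = 0
    for _ in range(loops):
        # Largest amount for which amount * total_share < total_debt.
        amount = (ledger.total_debt - 1) // ledger.total_share
        ledger.borrow("borrower", amount)
        received += amount
    return received, ledger.debt_of("borrower")


if __name__ == "__main__":
    print("floor:", run(round_up=False))   # tokens out, no debt recorded
    print("ceil: ", run(round_up=True))    # recorded debt covers tokens out
```

The invariant worth asserting in tests and audits is that recorded debt never falls below the amount paid out; with floor rounding the gap widens on every iteration because `total_debt` grows while `total_share` does not.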
Classification: Ecosystem. Technique: Flashloan Pool Shares Exploit. Target type: DeFi Protocol. Affected chains: Ethereum. Implementation language: Solidity.
- chain: ethereum
- protocol: Alpha Finance
- bug_class: flashloan
- date_occurred: 2021-02-13
- loss_usd: $37,500,000
- classification: Ecosystem
- technique: Flashloan Pool Shares Exploit
- target_type: DeFi Protocol
- language: Solidity
- source_id: dl:adhoc:alpha-finance:1613174400