Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
The DeFi lending protocol Exactly Protocol was attacked and lost more than 7,160 ETH (approximately $12.04 million). The two contract attackers attack by calling the function kick() multiple times and use the developer contract on Ethereum to transfer deposits to Optimism and eventually transfer the stolen funds back to Ethereum. The root cause of the Exactly Protocol attack is #insufficient_check, the attacker bypasses the permission check in the leverage function of the DebtManager contract by directly passing an unverified fake market address and changing _msgSender to the victim address. Then, in an untrusted external call, the attacker re-enters the crossDeleverage function in the DebtManager contract and steals the collateral from the _msgSender class. Exactly Protocol tweeted that the suspension of the agreement has been lifted, users can perform all operations, and no liquidation has occurred. The hack only affected users using the peripheral contract (DebtManager), the protocol is still functioning normally. Attack method (per SlowMist): Unchecked Input Data. Reported loss: $ 7,300,000.
- chain
- ethereum
- protocol
- Exactly Protocol
- bug_class
- unknown
- date_occurred
- 2023-08-18
- loss_usd
- $7,300,000
- source_id
- sm:exactly-protocol::2023-08-18