VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
▰ PROOF OF CONCEPT
DEFIHACKLABS
src/test/2022-04/Rari_exp.sol
view forked test on github ↗Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
Forensic narrative
Decentralized finance (DeFi) platforms Rari Capital and Fei Protocol suffered a more-than-$80 million hack early Saturday. The hacker exploited a reentrancy vulnerability in Rari’s Fuse lending protocol, according to a tweet by smart contract analysis firm Block Sec. Reported loss: $80,000,000.
Primary source
https://www.coindesk.com/business/2022/04/30/defi-lender-rari-capitalfei-loses-80m-in-hack/ ↗Sourced from
chainsec
Technical record
- chain
- —
- protocol
- Rari Capital + Fei Protocol
- bug_class
- reentrancy
- date_occurred
- 2022-05-01
- loss_usd
- $80,000,000
- source_id
- cs:rari-capital-fei-protocol::2022-05-01
Related — same bug class· reentrancy