Detailed Analysis of the Qubit Project QBridge Hack: $80 Million Missing

SlowMist Technology
Guest columnist
2022-01-28 12:00
The SlowMist security team analyzed the attack on the QBridge of the Qubit project.

According to SlowMist Zone intelligence, on January 28, 2022, the QBridge of the Qubit project was attacked, with a loss of about 80 million US dollars. The SlowMist security team analyzed the incident and shares its findings below in the form of a brief analysis.

Brief analysis

1. The attacker calls the deposit function of the QBridge contract on Ethereum. The data passed in consists of the destinationDomainID of the target chain, the resourceID of the asset to be bridged, the amount to bridge, and the receiving address.

2. The attacker passes in the resourceID that corresponds to bridging native ETH, but calls QBridge's deposit function instead of depositETH. Because only depositETH checks that the bridged amount is consistent with msg.value, that check is never executed. The deposit function then looks up the handler address for the given resourceID in its mapping and forwards the deposit to it; since the attacker supplied the genuine ETH resourceID, the handler contract's deposit function is reached successfully.

3. The handler contract's deposit function checks whether the token address resolved from the resourceID is in the whitelist. Because the attacker's resourceID corresponds to ETH, the token address stored in the mapping is the zero address; it is treated as a deposit of ETH and passes the whitelist check. The deposit function does not re-check the token address after that (an ETH deposit should only be possible through depositETH), and directly calls transferFrom on that token address via safeTransferFrom.

4. The token address is the zero address, which holds no code. A low-level call to an address without code returns success with empty return data, so the transferFrom call passes safeTransferFrom's check even though no funds move, and the Deposit event signalling a cross-chain deposit is emitted.

MistTrack analysis

Summary

The root cause of this attack is that deposits of ordinary tokens and of the native token are implemented as separate paths, but the ordinary-token path never re-checks whether a whitelisted token address is the zero address before transferring it. A deposit that should only have been possible through the native-token function can therefore pass through the ordinary token deposit logic. The SlowMist security team recommends that, after the whitelist check on the deposited token, the contract also verify that the token is not the native asset before attempting an ERC-20 transfer.
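The following Solidity is an added example written for this analysis; it is not Qubit's source code. It models the handler-side flow of steps 3 and 4 (whitelist check, then safeTransferFrom on the zero address) and the fix recommended in the summary. The names UncheckedSafeToken, HandlerBase, resourceIDToToken and contractWhitelist are assumptions chosen for the example, the deposit data is assumed to encode only an amount, and the bridge-level routing between deposit and depositETH from step 2 is not modelled: whatever address is passed as `bridge` calls the handler directly.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustrative code added to this analysis; not Qubit's source.
// Contract, library and storage names are assumptions made for the example.

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Assumed SafeERC20-style wrapper: a raw call whose empty return data counts as
// success, with no check that the target actually has code.
library UncheckedSafeToken {
    function safeTransferFrom(address token, address from, address to, uint256 amount) internal {
        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSelector(IERC20.transferFrom.selector, from, to, amount)
        );
        // For an address with no code (address(0) included) the EVM returns
        // ok == true and ret.length == 0, so this require passes with no transfer.
        require(ok && (ret.length == 0 || abi.decode(ret, (bool))), "!safeTransferFrom");
    }
}

abstract contract HandlerBase {
    address public immutable bridge;
    // resourceID -> token contract; the native-ETH resource maps to address(0)
    mapping(bytes32 => address) public resourceIDToToken;
    mapping(address => bool) public contractWhitelist;

    event Deposit(bytes32 indexed resourceID, address indexed depositer, uint256 amount);

    modifier onlyBridge() {
        require(msg.sender == bridge, "!bridge");
        _;
    }

    constructor(address _bridge) {
        bridge = _bridge;
    }

    // Registering the ETH resource whitelists address(0), which step 3 relies on.
    function setResource(bytes32 resourceID, address token) external onlyBridge {
        resourceIDToToken[resourceID] = token;
        contractWhitelist[token] = true;
    }

    function deposit(bytes32 resourceID, address depositer, bytes calldata data) external virtual;
}

contract VulnerableHandler is HandlerBase {
    using UncheckedSafeToken for address;

    constructor(address _bridge) HandlerBase(_bridge) {}

    function deposit(bytes32 resourceID, address depositer, bytes calldata data) external override onlyBridge {
        uint256 amount = abi.decode(data, (uint256));
        address token = resourceIDToToken[resourceID];
        require(contractWhitelist[token], "provided tokenAddress is not whitelisted");
        // No check that token != address(0): "transferFrom" on the zero address
        // succeeds silently and Deposit is emitted with nothing escrowed.
        token.safeTransferFrom(depositer, address(this), amount);
        emit Deposit(resourceID, depositer, amount);
    }
}

contract HardenedHandler is HandlerBase {
    using UncheckedSafeToken for address;

    constructor(address _bridge) HandlerBase(_bridge) {}

    function deposit(bytes32 resourceID, address depositer, bytes calldata data) external override onlyBridge {
        uint256 amount = abi.decode(data, (uint256));
        address token = resourceIDToToken[resourceID];
        require(contractWhitelist[token], "provided tokenAddress is not whitelisted");
        // Fix from the summary: the native asset must never reach the ERC-20 path.
        require(token != address(0), "native asset must be bridged via depositETH");
        // Defence in depth: refuse any target without code, so a silent "success"
        // from a codeless address can never be mistaken for a completed transfer.
        require(token.code.length > 0, "token is not a contract");
        token.safeTransferFrom(depositer, address(this), amount);
        emit Deposit(resourceID, depositer, amount);
    }
}
```

To reproduce the behaviour in a local test (Foundry or Hardhat), deploy each handler with the test account as `bridge`, register a resourceID for `address(0)` through setResource, and call deposit with that resourceID and an encoded amount: VulnerableHandler emits Deposit without any balance changing, while HardenedHandler reverts with "native asset must be bridged via depositETH". The second require in the hardened version is the general form of the same check, since any whitelisted address that loses or never had code would produce the same silent success.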

Related transactions

Attack transaction on Ethereum:

https://etherscan.io/tx/0x478d83f2ad909c64a9a3d807b3d8399bb67a997f9721fc5580ae2c51fab92acf

Transaction on BSC:

https://bscscan.com/tx/0x33628dcc2ca6cd89a96d241bdf17cdc8785cf4322dcaf2c79766c990579aea02
