On November 19, 2024, the Polter Finance protocol was exploited, resulting in a loss of approximately $12 million.

Polter Finance is a decentralized, non-custodial lending and borrowing platform that operates on the Fantom blockchain. It allows users to deposit digital assets to earn interest and borrow against their holdings. The protocol is a fork of the GEIST platform, adopting similar smart contract structures with certain modifications, such as disabling flash loans to address known vulnerabilities.

The attack targeted the price oracle contract that monitors the price of the Boo token (the native governance token of SpookySwap) to perform over-collateralized borrowing of assets in the platform, which will be further analyzed in this post.

Overview

• Attacker: https://ftmscan.com/address/0x511f427cdf0c4e463655856db382e05d79ac44a6

• Vulnerable Contract: https://ftmscan.com/address/0x875d564a6a86f6154592b88f7a107a517f00cc17

• Attack Transaction: https://ftmscan.com/tx/0x5118df23e81603a64c7676dd6b6e4f76a57e4267e67507d34b0b26dd9ee10eac

Exploit Analysis

Looking at the attack transaction, we can see that the attacker tried to borrow a large amount of Boo tokens from Uniswap V3 and V2 pairs using the flashloan feature. The real purpose here was to manipulate the reserve ratio in the Uniswap V2 pool which would be used later in the Polter Finance Oracle contract.

The vulnerable contract that was targeted is the ChainlinkUniV2Adapter contract, which is a price oracle contract for the Boo token. This contract fetches the latest price of the Boo token from the Chainlink oracle and then combines the result with the reserve ratio of the Uniswap V2 pool to calculate the price of the Boo token. This is where the attack happens.

Looking at the _getPriceAndTimestamp function, the final price depends on the reserve ratio of the Uniswap V2 pool, which can be controlled by the attacker. By manipulating the reserve ratio, the attacker can make the price of the Boo token much higher than the actual price. Using the manipulated price, the attacker could borrow a large amount of other assets in the Polter Finance protocol which were over-collateralized.

Lessons Learned

The improper use of the Chainlink price feed can lead to significant security vulnerabilities. In this case, combining the Chainlink oracle price with the Uniswap V2 pool's reserve ratio to calculate the final price, rather than using the oracle price directly, proved to be a dangerous design choice. As with all critical protocol components, oracle implementations should be thoroughly audited and reviewed before being deployed to production.