Hdr_About.jpg

Detail Analysis

link.png

Date:

Status:

Count:

Contributor:

November 7, 2021

info.png

Verified

1

zerofriction.io

Loss Amount:

537,000

info.png

Recovered Amount:

-

Currency:

Dollars, BNB

KYC By:

Audit By:

None

None

info.png

Website:

Twitter:

No data

Discord:

No data

Telegram:

No data

Medium:

No data

Github:

No data

info.png

Key Indicators

Platform:

Type:

Category:

Method:

Multi-Chain

Protocol

Dexes

Flash Loans

Extended Method:

Flash loan attack

Data Sources:

info.png

Nerve Bridge protocols use code that was forked from Saddle.Finance. The Nerve Bridge attacker stole about 900 BNB worth over $537,000.This code contained a vulnerability in how it implemented two related functions: swap and swapunderlying. One target was the Nerve.3pool. This allowed swaps between fUSDT and an LP token of BUSD, USD, and USDC.

The Nerve Bridge attacker exploited this discrepancy using a flash loan attack. By using the swap function, the attacker was able to get an inflated number of LP tokens for the fUSDT they added to the pool. The attacker then removed the liquidity of BUSD from the pool to get BUSD, after which they then used the swapUnderlying function to exchange for more fUSDT than they started with.

info.png

DISCLAIMER: While Zero Friction LLC has used the best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to the accuracy or completeness, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.