Harmless mistake that cost $360k. SIR.Trading case
Hacker was able to use temporary storage in an Ethereum virtual machine to bypass permission verification and withdrawal procedures
02.04.2025
On March 30, a successful attack was carried out on the decentralized crypto derivatives exchange SIR.trading. The attacker managed to withdraw assets worth $300 000, using a non-standard way to compromise the project. Representatives of the exchange reported that all their funds were stolen, so the platform's future operation remains in question.

Source: SIR.trading account (@leveragesir) on X
What you need to know
In January 2024, version 0.8.24 of Solidity was released. It is a programming language that is used to develop smart contracts in the Ethereum Virtual Machine (EVM). The upgrade added a temporary data store that is only valid when transactions are executed.
The new storage, dubbed transient storage, stores data only during transaction execution. The information in the storage is automatically cleared after the transaction is executed. The transient storage is accessed using two EVM commands:
- TSTORE(key, value): stores a 256-bit value by the specified key in temporary storage
- TLOAD(key): retrieves the 256-bit value from temporary storage using the specified key
Besides its obvious convenience, temporary storage has become a popular tool with developers due to its low gas cost. The TSTORE and TLOAD commands require only 100 units of gas to execute, while using regular storage (SSTORE) requires up to 20 000 units of gas.
It was the temporary storage mechanism that the attacker targeted. He used an exploit that prevented the temporary storage from being automatically cleared after the transaction. The hacker used the obtained data to further bypass permission checks and transfer tokens.
How the hack was carried out
The attacker performed a sophisticated attack using Uniswap V3. He created two new tokens. One was used as a primary token, and the other was used as a debt token. When creating the debt token, the hacker was able to get into the temporary storage and use it to change the amount of coins being issued. He then used this to issue a large number of main tokens using leverage on SIR.trading.
The hacker’s address: 0x27defcfa6498f957918f407ed8a58eba2884768c
Compromised smart contract code: 0xb91ae2c8365fd45030aba84a4666c4db074e53e7
Attack transaction: 0xa05f047ddfdad9126624c4496b5d4a59f961ee7c091e7b4e38cee86f1335736f
Let’s go after the money
After the successful attack, 17,8k USDC, 1,4 WBTC, and 119,8 WETH were withdrawn to the hacker’s address 0x27d. The total value of the stolen assets was about $360k. The hacker then exchanged WBTC and USDC for 63,5 WETH and 9,7 WETH, respectively. After that, 193,1 WETH was sent to the Railgun decentralized protocol for laundering.
Warning to developers
To prevent malicious users from abusing EVM temporary storage, developers are advised to forcibly clear the stored value using the TSTORE(key, 0) command.
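The clearing advice above, shown as an added example; this is not SIR.trading's contract and not code from the original article. The contract, interface, slot name and function names are hypothetical. It shows a transient slot used as a permission marker, first left set for the rest of the transaction and then reset with TSTORE(key, 0).

```solidity
// SPDX-License-Identifier: MIT
// Compile for the Cancun EVM (with 0.8.24: --evm-version cancun).
pragma solidity ^0.8.24;

interface IHelper { function run() external; } // hypothetical callback target

// Hypothetical contract for illustration only; not SIR.trading's code.
contract TransientAuthExample {
    // Hypothetical transient slot: address currently allowed to call settle().
    bytes32 private constant AUTH_SLOT = keccak256("example.transient.auth");

    event Settled(address caller);

    function _tstore(bytes32 slot, uint256 value) private {
        assembly { tstore(slot, value) }
    }

    function _tload(bytes32 slot) private view returns (uint256 value) {
        assembly { value := tload(slot) }
    }

    // Weak: the slot is never reset, so the authorization written here stays
    // readable by every later call in the same transaction.
    function openWeak(address helper) external {
        _tstore(AUTH_SLOT, uint256(uint160(helper)));
        IHelper(helper).run();
    }

    // Hardened: refuse to start while the slot is occupied, and clear it with
    // TSTORE(key, 0) before returning so nothing stale outlives this call.
    function openHardened(address helper) external {
        require(_tload(AUTH_SLOT) == 0, "transient slot already in use");
        _tstore(AUTH_SLOT, uint256(uint160(helper)));
        IHelper(helper).run();
        _tstore(AUTH_SLOT, 0);
    }

    // Permission check that trusts whatever the transient slot holds.
    function settle() external {
        require(_tload(AUTH_SLOT) == uint256(uint160(msg.sender)), "not authorized");
        emit Settled(msg.sender);
    }
}
```

Transient storage is shared by every call frame of a transaction, so any slot that feeds a permission check should be zero both when a privileged flow starts and when it ends.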