Harvest Finance Releases Attack Postmortem After Losing $24 Million

On Oct 26, the DeFi farming Harvest Finance protocol was drained of at least $24 million in liquidity through a flash loan attack as reported by BeInCrypto at the time. The protocol has taken responsibility for what it called an ‘economic attack’ and ‘engineering error’ and has made a remediation plan for affected users its top priority.

“We take responsibility for this engineering error and are ensuring such incidents are mitigated in the future.”

Harvest Finance Postmortem

In a postmortem blog post, Harvest Finance breaks down the events that led to the draining of millions of dollars of crypto funds from its liquidity pools. The report explained that the attacker exploited arbitrage and impermanent loss features that influenced the value of individual assets inside the Y pool of Curve Finance, where the vault funds resided. Around 18 million USDT and 50 million USDC were sourced from Uniswap and deployed into the attacking contract. The smart contract converted the USDT via a swap inside the Y pool, creating a higher value of USDC inside the pool as the other assets incurred an impermanent loss. The attacker also deposited the USDC into Harvest’s USDC vault, receiving a total of 51.4 million fUSDC at 0.97 USDC per share, decreasing the value of the shares by approximately 1%. The USDC was converted back into USDT via the Y pool to obtain the original lower value of USDC due to the reverting of the impermanent loss effect. The DeFi pirate then withdrew from Harvest’s USDC vault trading all fUSDC shares back for a slightly higher share price as the value of USDC inside the Y pool decreased. The USDC was paid entirely by the buffer of the Harvest USDC vault, not interacting with Y pool at all, to net a profit of around 620k in USDC.

Flash Loan Kung Fu

This process was then executed 30 times in seven minutes, netting the attacker a tidy sum of around $24 million in USDT and USDC. The share prices of both stablecoin vaults plummeted, making the overall loss even greater.

“The value lost is about $33.8 million, which corresponded to approximately 3.2% of the total value locked in the protocol at the time before the attack.”

This was a very sophisticated arbitrage attack — it was not a hack and no smart contract code was compromised. Flash loans are not easy to master, a notion that was expanded on in one summary of the events;

“Mastering flash loans is like turning up to a 12th century jousting tournament on a Harley Davidson dual-wielding AK47’s; nobody expects it, plebs get rekt.”

Harvest Finance is working on mitigating future flash loan exploits but the damage has already been done. Around $600 million in total value locked has fled the protocol over the past 24 hours according to DeFi Pulse and FARM tokens have dumped 58% in the same period.