(5/8/21) Rari Capital Exploit Timeline & Analysis

Rari exploiter address (the same address as the Value DeFi exploiter on BSC): https://etherscan.io/address/0xcb36b1ee0af68dce5578a487ff2da81282512233

Exploiter net gain: ~2600 ETH (~$10M)

On Saturday, May 8th, at 1:48 PM UTC, an exploiter began a series of transactions against Rari Capital’s Ethereum Pool contract and extracted ~2600 ETH in a process that lasted ~50 minutes.

High-level Exploit Analysis

Exploit & Action Timeline

The Exploit Technical Analysis

The exploit consists of a set of 2 transactions, executed repeatedly:

Tx 1 ("work" call to Alpha Homora):

Tx 2 ("donate" call to RariFundController):

Remarks

Special thanks to the PeckShield team for the quick notification and thorough investigation.

Also, a war room was set up shortly after the Rari Capital exploit. DeFi developers and white-hat hackers, including the C.R.E.A.M. team, the Yearn team, Emiliano Bonassi, and Calvin Chu, gathered in the war room to help investigate and track the exploit. Thanks to all of them.

Lead Engineer & Blockchain Researcher of Alpha Finance Lab | Ex-CRO OZT Robotics | B.S. & M.Eng. @MIT