Bloom Exploit Post-Mortem: 05.09.2024

This article provides a technical post-mortem and analysis of the Bloom Rebasing Yield Exploit, which took place on May 9th, 2024.

Summary

On Thursday, May 9th, between 2:45 AM and 7:00 AM UTC, an attacker exploited Bloom and extracted a net of $539,000 USDB from vault contracts. The bug was identified and then remedied about one hour after discovery.

Root Cause

The exploit was due to an issue with how Blast-native yields were handled when updating cash for a position, specifically for positions that are in a loss during withdrawal.

Background:

  • Traders who are in a loss with their positions are provided extra collateral through accruing native yields over time. This feature provides the best liquidation price possible for traders, and no longer applies when positions are in profit again.

  • Updating cash (deposit or withdrawal) helps traders adjust their leverage on positions if they want more or less risk.

The core problem was located in the method updateTrade(Trade memory _t) in TradingStorage.sol. This method updates relevant data for an existing trade during cash deposits and withdrawals, via updateMarginCallback in TradingCallbacks.sol.

The timestamp variable that defines the pending yield accrued for a position was not being updated correctly when a position had pnl < 0. Because the timestamp was not updated, the attacker could repeatedly withdraw the USDB equivalent of the accrued yield on their positions.
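A simplified Python model of the accounting flaw described above, added here as an illustration and not Bloom's contract code: the Trade fields, the yield rate, and all function names are assumptions. It compares a trade update that leaves the yield timestamp stale for losing positions with one that always refreshes it, and checks the total paid against what the position actually accrued.

```python
from dataclasses import dataclass

RATE_PPB_PER_SEC = 50           # assumed yield rate: parts per billion per second
COLLATERAL = 10_000 * 10**18    # constructed sample position: 10,000 USDB, 18 decimals

@dataclass
class Trade:
    collateral: int
    pnl: int             # negative while the position is in a loss
    last_yield_ts: int   # timestamp from which pending yield is measured

def pending_yield(t: Trade, now: int) -> int:
    """Yield accrued since last_yield_ts; only losing positions are credited."""
    if t.pnl >= 0:
        return 0
    return t.collateral * (now - t.last_yield_ts) * RATE_PPB_PER_SEC // 10**9

def update_trade_buggy(t: Trade, now: int) -> None:
    # Models the described flaw: the timestamp is left stale when pnl < 0.
    if t.pnl >= 0:
        t.last_yield_ts = now

def update_trade_fixed(t: Trade, now: int) -> None:
    # Always advance the timestamp once pending yield has been accounted for.
    t.last_yield_ts = now

def withdraw(t: Trade, now: int, update_trade) -> int:
    """Margin-withdrawal path: pay out pending yield, then persist the trade."""
    paid = pending_yield(t, now)
    update_trade(t, now)
    return paid

def entitled_yield(opened: int = 0, now: int = 86_400) -> int:
    """Upper bound on yield one position may ever receive over [opened, now]."""
    return COLLATERAL * (now - opened) * RATE_PPB_PER_SEC // 10**9

def simulate(update_trade, calls: int, opened: int = 0, now: int = 86_400) -> int:
    """Total yield paid when the same losing position withdraws `calls` times."""
    t = Trade(collateral=COLLATERAL, pnl=-1, last_yield_ts=opened)
    return sum(withdraw(t, now, update_trade) for _ in range(calls))

if __name__ == "__main__":
    bound = entitled_yield()
    for name, fn in (("buggy", update_trade_buggy), ("fixed", update_trade_fixed)):
        paid = simulate(fn, calls=5)
        print(f"{name}: paid={paid} bound={bound} invariant_holds={paid <= bound}")
```

The invariant `paid <= entitled_yield()` is the kind of property a fuzz or invariant test on the margin-update path would assert for every sequence of calls.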

Resolution

The UpdateMargin method was the entry point of the attack. Upon discovering the cause, the Bloom team upgraded the smart contracts to remove the functionality, effectively disabling the feature to avoid further damage.

Funds Recovery

The Bloom team was able to identify, patch, and recover 90% of exploited funds within 12 hours of the attack. The funds were reimbursed to affected LPs directly to their wallets based on a snapshot taken as of:

blockNumber: 3206461

timestamp: May-09-2024 02:45:37 AM +UTC

We couldn’t have done this without the help of key onchain sleuths like ZachXBT and security firms like Hexagate. Bloom recovered funds in record time for our users by negotiating a 10% bounty for the exploiter. We prioritize our user safety and will do our best to always communicate in a timely and transparent manner.

Timeline of Activity

  • First Attacker’s Transaction - May-08-2024 01:28:41 AM +UTC
  • Exploit Starts - May-09-2024 02:45:37 AM +UTC
  • Exploit Finishes - May-09-2024 06:48:19 AM +UTC
  • Team sees reports and starts investigating suspicious on-chain activity - May-09-2024 07:21:00 AM +UTC
  • Team identifies the root cause and starts drafting a fix - May-09-2024 08:05:00 AM +UTC

  • Team patches a fix on the smart contracts - May-09-2024 08:21:03 AM +UTC

Future Security Improvements

  • Work with trusted auditors (Zellic) to address and re-implement the UpdateMargin method. (In progress)

  • Integrate better real-time detection systems with trusted third party providers like Guardrail.ai, Hexagate, etc. (In progress)

  • Collaborate with established security groups for crisis management / diagnosis (In progress)
