Protocol Exploit Report
Contents
Protocol Exploit Report
The Qubit protocol was subject to an exploit to our QBridge deposit function.
This report includes an analysis of the attack in its entirety in order to ascertain the nature of the exploit and, to prevent any similar exploits in the future.
Incident Timeline
- Jan-27–2022 09:18:55 PM +UTC: 0.8887725 ETH sent from tornado to attacker account
- Jan-27–2022 09:34:01 PM +UTC~Jan-27–2022 09:50:41 PM +UTC : Sent 16 deposit tx to QBridge of Ethereum
- Jan-27–2022 09:36:32 PM +UTC~Jan-27–2022 09:51:02 PM +UTC : Sent 16 voteProposal tx to QBridge contract of BSC by Qubit Relayer
- A number of xETH tokens were minted by 16 voteProposal tx, and liquidity in Qubit was withdrawn using this as collateral
Exploit Method
The attacker called the QBridge deposit function on the ethereum network, which calls the deposit function QBridgeHandler.
QBridgeHandler should receive the WETH token, which is the original tokenAddress, and if the person who performed the tx does not …
The Qubit protocol was subject to an exploit to our QBridge deposit function.
This report includes an analysis of the attack in its entirety in order to ascertain the nature of the exploit and, to prevent any similar exploits in the future.
Incident Timeline
- Jan-27–2022 09:18:55 PM +UTC: 0.8887725 ETH sent from tornado to attacker account
- Jan-27–2022 09:34:01 PM +UTC~Jan-27–2022 09:50:41 PM +UTC : Sent 16 deposit tx to QBridge of Ethereum
- Jan-27–2022 09:36:32 PM +UTC~Jan-27–2022 09:51:02 PM +UTC : Sent 16 voteProposal tx to QBridge contract of BSC by Qubit Relayer
- A number of xETH tokens were minted by 16 voteProposal tx, and liquidity in Qubit was withdrawn using this as collateral
Exploit Method
The attacker called the QBridge deposit function on the ethereum network, which calls the deposit function QBridgeHandler.
QBridgeHandler should receive the WETH token, which is the original tokenAddress, and if the person who performed the tx does not …