Radiant Capital, a major player in the DeFi space, recently fell victim to a $58 million exploit that affected both Arbitrum and BSC chains. The attacker managed to gain control of 3 out of 11 multisig signers, just enough to upgrade the contract’s implementation and drain significant funds.
This post-mortem dives deep into how it happened, where things went wrong, and what can be done to prevent future attacks.
Here’s the condensed breakdown:
Radiant Capital is a decentralized finance (DeFi) protocol designed to offer cross-chain borrowing and lending solutions powered by LayerZero. Users can seamlessly borrow assets and earn interest across multiple blockchains, creating a liquid market with substantial liquidity locked into its smart contracts.
However, like most DeFi projects, Radiant’s smart contracts and multisig wallets are key to its security architecture—an area that was exploited in this attack.
Interestingly, 14 days before the attack, the attacker’s address deployed a contract (0x57ba8957ed2ff2e7AE38F4935451E81Ce1eEFbf5) that played a key role.
0xd97b93f633aee356d992b49193e60a571b8c466bf46aaf072368f975dc11841c tx, address 0x0629b1048298AE9deff0F4100A31967Fb3f98962 called multicall function on this contract 0x57ba8957ed2ff2e7AE38F4935451E81Ce1eEFbf5.
Using the multicall function on this contract, they upgraded the contract implementation, taking ownership of Radiant's contract.
multicall()
function loops through a list of contract addresses (v1
), extracts data from msg.data
, and calls each contract.msg.sender
must be 0x629b1048298ae9deff0f4100a31967fb3f98962
(attacker address)varg1
(the address array) is valid and does not exceed the maximum memory size.msg.sender
, i.e., the admin (address 0x579145d6d1f26a460d9bdd3040c37517dac379ac
).balanceOf
function on the token contract (varg0
) to check the token balance of each address in the array.allowance
to verify the token allowance of each address in the array.0x911215cf312a64c128817af3c24b9fdf66b7ac95
), a predefined destination.Attacker’s addresses: 0x911215CF312a64C128817Af3c24B9fDF66B7Ac95
0x9c5939AAC4f65A0eA233E657507C7b54acDE2841
0x0629b1048298AE9deff0F4100A31967Fb3f98962
0x97a05beCc2e7891D07F382457Cd5d57FD242e4e8
0x8B75E47976C3C500D0148463931717001F620887
0xA0e768A68ba1BFffb9F4366dfC8D9195EE7217d1
0x579145D6d1F26a460d9BDD3040C37517dac379ac
Attacker’s contract:
0x921B00Fa38911337aeD702Fb4857877c1aca1141
0x57ba8957ed2ff2e7AE38F4935451E81Ce1eEFbf5
0xf0c0a1a19886791c2dd6af71307496b1e16aa232
Ready to secure your smart contracts? Take the first step towards a safer blockchain journey. Request an Audit with QuillAudits today & ensure your contracts are robust and secure!
Compromised Multisig Control:
The primary vulnerability was the attacker gaining control of enough multisig signers to carry out critical operations like transferring ownership. The multisig setup at Radiant required a minimum number of signers to authorize upgrades, and the attacker managed to seize just enough of these to pass their malicious upgrade.
Inadequate Multisig Security:
While multisig setups are typically seen as more secure than single-signature wallets, this exploit shows that they’re not foolproof. Multisig requires that multiple signers authorize a transaction, but the minimum threshold of 3 out of 11 allowed the attacker to successfully carry out the exploit.
Radiant Capital and the broader DeFi community acted swiftly in response to the exploit:
Stronger Multisig Requirements:
Radiant’s requirement for only 3 out of 11 signers was too low, considering the critical nature of these decisions. A higher threshold—say, 5 or 7 signers—would have made it more difficult for the attacker to gain enough control.
Enhanced Multisig Signer Security:
Multisig signers should have stricter security protocols in place. This could include hardware wallets, multisig signers spread across diverse geographic locations, and routine key rotations.
Decentralized Governance for Upgrades:
Instead of relying solely on multisig for contract upgrades, protocols should consider a time-locked decentralized governance process. This would allow the community to vote on upgrades and pause any suspicious activity before it’s executed.
Multisig Wallet Audit:
To further bolster security, teams can consider getting their multisig wallets and security processes audited by firms like QuillAudits, which specialize in identifying and mitigating such vulnerabilities before they become exploitable.
Choosing a reputable audit firm like QuillAudits ensures that your protocol undergoes rigorous scrutiny
from experienced security professionals. QuillAudits specializes in uncovering critical vulnerabilities and providing actionable remediation strategies.
Our expertise helps safeguard your project from attacks, ensuring that security issues are addressed proactively.
Your weekly dose of Web3 innovation and security, featuring blockchain updates, developer insights, curated knowledge, security resources, and hack alerts. Stay ahead in Web3!