Analysis of the Flash Loan Attack Incident on Cellframe Network

On June 1, 2023, at 10:07:55 AM (UTC+8), Cellframe Network was attacked by hackers on the smart chain due to a token quantity calculation issue during the liquidity migration process. This attack resulted in hackers profiting approximately $76,112.

Attack Process Analysis

The attacker carried out the attack through the following steps:

1. Use Flash Loans to acquire 1000 BNB and 500,000 New Cell tokens.
2. Exchange all New Cell tokens for BNB, causing the amount of BNB in the pool to approach zero.
3. Exchange 900 BNB for Old Cell tokens.
4. Before the attack, the attacker added liquidity of Old Cell and BNB, obtaining Old lp.
5. Call the liquidity migration function. At this point, there is almost no BNB in the new pool, and there are almost no Old Cell tokens in the old pool.

The migration process includes:

• Remove old liquidity and return the corresponding tokens to users.
• Add new liquidity according to the new pool ratio.

Due to the scarcity of Old Cell tokens in the old pool, the amount of BNB obtained when removing liquidity increases while the Old Cell decreases. This results in users only needing a small amount of BNB and New Cell to acquire liquidity, while the excess BNB and Old Cell will be returned to the users.

6. The attacker removes the liquidity from the new pool and exchanges the returned Old Cell for BNB.
7. Repeat the migration operation to achieve profits.

Vulnerability Causes and Prevention Suggestions

The fundamental reason for the success of the attack is the calculation problem during the liquidity migration process. To prevent similar attacks, it is recommended:

1. When migrating liquidity, one should fully consider the changes in the quantity of both old and new pool tokens as well as the current price.
2. Avoid relying solely on the quantity of the two tokens in the trading pair for calculations, as this can be easily manipulated.
3. Conduct a comprehensive security audit before the code goes live to identify and fix potential vulnerabilities.

This event once again emphasizes the importance of code security and comprehensive risk assessment in the field of decentralized finance. Project teams should always remain vigilant and continuously improve security measures to protect user assets and maintain the stability of the ecosystem.