background information
On May 6, 2024, the SATURN token was subjected to a price manipulation attack that resulted in a loss of 15 BNB.The attack occurred due to an ill-designed token deflation mechanism for the SATURN token, which allowed an attacker to manipulate the price by burning a pool of SATURN tokens to make a profit.
- Project Social Media:/Saturn_POM
- Social media alerts:/ChainAegis/status/1787667253435195841
- Attacking the contract:/address/0xfcecdbc62dee7233e1c831d06653b5bea7845fcc
This attack consists of two transactions
- Ready to trade:/explorer/tx/bsc/0xa14378822d85cd6d03e6dff1c6a25e609792d7e9588c6481d7492e82848224d7
- Attack the deal:/explorer/tx/bsc/0x948132f219c0a1adbffbee5d9dc63bec676dd69341a6eca23790632cb9475312
Project analysis
SATURN is a token protocol that includes mechanisms for token issuance, tax collection, locking and deflation. The vision of the SATURN token was to keep the price rising by destroying some of the tokens through a deflationary mechanism at the time of sale. Unfortunately, this was not the case and it was this elaborate deflation mechanism that led to the attack.
A brief description of the special mechanism in this token related to this attack event:
- fee on transfer: if both from and to are not in _excludedFees, a partial fee is charged.
- burn: If the to address is a pair, the burn mechanism is triggered.
Trace Analysis
Trace1
The attack contract exchanges 0.015 BNB for 99000 Saturn, repeated 10 times.
Trace2
- In step 1.1 the attacker lends 3300 BNB through Lightning Loan and returns it in step 1.2.
- The attacker exchanges 3204 BNB for 101030461 Saturn, sent to address 0xc8ce (owner).
- The attacker sells 228832 Saturn for 3220 BNB, completing the profit.
The 0xc8ce address is the owner address of the Saturn token and is recorded in _excludedFees, so no fee was deducted in this swap operation.
The attacker exchanges 3204 BNB for 101030461 Saturn, leaving 499999 Saturn in the pair.
The attacker then sells 228832 Saturn for 3220 BNB, triggering the tax collection and deflation mechanisms in this step:
- transfer 11441 Saturn as fee
- burn 499999 Saturn
- sync pair [Saturn, BNB] → [21851e-18, 3220]
- pair receive 217391 Saturn
transfer 11441 Saturn as fee
burn 499999 Saturn
When an attacker sells Saturn to a pair, it triggers its burn mechanism.
- The _processBlockOverflow() function records the maximum Saturn holdings for the current pair contract 499999
- Calculate the value of amountToBurn, (228832 - 11441) * 230 / 100 = 499999
- autoLiquidityPairTokens() function burns 499999 Saturn, 218521e-18 Saturn remaining in pair
After burning off a large amount of Saturn in the pair, the attacker exchanges 217391 Saturn for 3220 BNB, completing the profit.
The last thing I want to do is to return 3301 BNB to the flash loan and transfer 14 BNB of profit money.
Vulnerability Analysis
The problem with Saturn tokens is that the deflation mechanism is by design. The intention is to keep track of the amount of Saturn held by a pair when a user sells Saturn to the pair. Then burn off the number of Saturn tokens * 230% of the number of Saturn tokens sold by the user to deflate the price of Saturn.
The attacker buys a large amount of Saturn tokens through the flash credit (since this is a buy operation, the amount of Saturn held by the pair is not recorded at this point), leaving a small amount of Saturn in the pair. The attacker then sells the Saturn bought in the preparation transaction so that it satisfies [Sale Amount * Burn Factor = Pair Balance], burning most of the Saturn in the pair.
The deflationary mechanism was not designed to take into account the impact of flash lending on pair balances and the proximity of the number of sales to the magnitude of pair balances.
postscript
I've finished analyzing it before and had higher priority things to do, so I've put off writing this podcast until now. This token attack event will be a bit simpler compared to DeFi, and I may follow up with a bit more of a bias towards analyzing DeFi type attacks out of an exercise of my own abilities. This may be a relatively long process, I need to understand to learn a lot of DeFi protocols, to integrate. But a journey of a thousand miles must take the first step, and in the future, I may focus more on my own content, and try to find a kind of endogenous motivation without being overly concerned about some short-term gains and losses.