Previous Hacks Index

This section analyzes real-world hacks and demonstrates how assertions could have prevented them. These case studies provide concrete examples of how assertions work as a safety net, catching vulnerabilities that might slip through traditional security measures like audits and testing. Each analysis includes:

Detailed explanation of the attack mechanism
Root cause analysis of the vulnerability
Specific assertion code that would have prevented the exploit

Access Control & Administrative Vulnerabilities

Radiant Capital Hack

Attack Type: Ownership Takeover
Loss: $58M+ USD
Root Cause: Attackers gained control of multisig signers and changed ownership of lending pools
Prevention: Owner change assertions with proper validation and whitelisting

Bybit - Compromised Safe Wallet UI

Attack Type: UI Compromise + Implementation Change
Loss: $1.4B USD
Root Cause: Compromised frontend showed fake transactions while changing proxy implementation
Prevention: Implementation address change assertions and transaction validation

UxLink Multisig Ownership Compromise

Attack Type: Private Key Compromise + Multisig Manipulation
Loss: $39.3M USD
Root Cause: Compromised private keys enabled rapid multisig reconfiguration and threshold reduction
Prevention: Threshold protection assertions, owner whitelisting, and cooling periods

Arithmetic & Calculation Errors

Abracadabra Rounding Error Attack

Attack Type: Rounding Error Exploitation
Loss: $6.5M USD
Root Cause: Rounding error in RebaseToken mechanism allowed base value inflation
Prevention: Invariant checks ensuring debt shares consistency

Bunni XYZ Rounding Error Exploit

Attack Type: Rounding Error + Liquidity Manipulation
Loss: $8.4M USD
Root Cause: Rounding error in withdrawal mechanism led to disproportionate liquidity decreases
Prevention: Withdrawal proportionality assertions ensuring balance decreases match share burns

Compound Upgrade Bug

Attack Type: Logic Error in Upgrade
Loss: $280K USD (limited by quick response)
Root Cause: One-letter bug (> instead of >=) in reward calculation
Prevention: Maximum reward rate validation assertions

Vestra DAO Hack

Attack Type: Unchecked State Flag
Loss: Protocol drained
Root Cause: Missing validation of isActive flag in unstake function
Prevention: State flag validation assertions

Oracle & Price Manipulation

Cream Finance 2

Attack Type: Price Manipulation
Loss: $130M USD
Root Cause: Sudden price manipulation through asset donation to vault
Prevention: Price deviation monitoring assertions

KiloEx Price Oracle Manipulation

Attack Type: Access Control + Price Manipulation
Loss: $7.5M USD
Root Cause: Lack of access controls in MinimalForwarder allowed price manipulation
Prevention: Price deviation assertions and access control validation

GMX v1 AUM Manipulation Hack

Attack Type: Reentrancy + AUM Manipulation
Loss: $42M USD
Root Cause: Reentrancy vulnerability allowed artificial AUM inflation
Prevention: AUM manipulation bounds assertions and atomic state consistency

Introduction

Assertions

Access Control & Administrative Vulnerabilities

Radiant Capital Hack

Bybit - Compromised Safe Wallet UI

UxLink Multisig Ownership Compromise

Arithmetic & Calculation Errors

Abracadabra Rounding Error Attack

Bunni XYZ Rounding Error Exploit

Compound Upgrade Bug

Vestra DAO Hack

Oracle & Price Manipulation

Cream Finance 2

KiloEx Price Oracle Manipulation

GMX v1 AUM Manipulation Hack

Protocol Logic Vulnerabilities

Euler Finance Donation Hack

First Depositor Bug

Visor Finance Unrestricted Mint

Introduction

Assertions

​Access Control & Administrative Vulnerabilities

​Arithmetic & Calculation Errors

​Oracle & Price Manipulation

​Protocol Logic Vulnerabilities

Access Control & Administrative Vulnerabilities

Arithmetic & Calculation Errors

Oracle & Price Manipulation

Protocol Logic Vulnerabilities