April 25th, 2022
In April 2022, Beanstalk, an Ethereum-based stablecoin protocol, was the victim of an attack targeting its governance protocol. The attacker stole $181 million from the project but only kept $76 million of the stolen assets.
Beanstalk uses a decentralized governance protocol. This includes an emergencyCommit function where it can be approved by a supermajority (2/3 vote) and implemented after 24 hours rather than going through the standard process.
The Beanstalk attack was carried out via two malicious Beanstalk proposals. These smart contracts (Beanstalk Proposals #18 and #19) drained the Beanstalk smart contract and sent the stolen tokens to the attacker’s address and also the Ukraine donation address.
To have the proposals approved, the attacker needed to control 2/3 of the votes for the governance protocol. However, voting power is determined based on donations to the Beanstalk protocol’s Diamond contract.
After the one-day waiting period had passed, the attacker was able to use a flashloan to perform a large deposit to the Diamond contract. This allowed them to control 79% of the governance protocol’s votes, which is much larger than the 2/3 needed to get the proposal approved. With this power, the attacker could unilaterally approve their proposal using emergencyCommit.
Once the malicious proposal was enacted, the value stored in the Beanstalk protocol was distributed to the Ukraine fund and the attacker, who used it to pay off their flashloan. In the end, the attacker earned a profit of $76 million out of the $181 million stolen.
The Beanstalk hack demonstrates the risks of flashloans for decentralized governance protocols. With the leverage provided by a large loan, the attacker was able to completely control the Beanstalk protocol’s governance process.
However, the attack also underscores the importance of cybersecurity best practices. The one-day delay in enacting even emergency governance proposals is intended to provide an opportunity to prevent these types of attacks, but this malicious proposal apparently went unnoticed. Additionally, according to Omniscia, Beanstalk’s smart contract auditor, the governance functionality exploited in the attack was not audited before release.