In March 2023, SushiSwap was the target of an attack. The attackers exploited a vulnerability in the project’s RouteProcessor2 contract to steal an estimated $3.3 million from SushiSwap users.

Inside the Attack

The SushiSwap hack targeted the project’s RouteProcessor2 contract, which had only been launched four days previously. This contract contained a vulnerability where it didn’t properly validate the route parameter provided by the user to the processRoute function. This vulnerability allowed an attacker to set the route to point to a malicious, attacker-controlled pool.

With a malicious pool, the attacker can call swapUniV3, which will set the variable lastCalledPool to the address of its pool and call the swap function of the malicious pool. That swap function will call uniswapV3SwapCallback, which validates the sender by checking to see that they are the lastCalledPool. Since this value is set to the malicious pool’s address, its callback is accepted.

With the ability to call back into the uniswapV3SwapCallback function, the attacker can construct transactions that drain tokens from the account of users that set up approvals for the new RouteProcessor2 contract. The attackers managed to steal about $3.3 million, and the scope of the attack was limited by whitehack hacks that frontrun malicious transactions.

Lessons Learned From the Attack

The SushiSwap hack demonstrates the importance of validating user-provided input. In this case, a failure to validate the routes provided by the user to RouteProcessor2 allowed the attacker to set up a malicious pool and drain tokens from users who had set up approvals for RouteProcessor2.

Like most of the biggest DeFi hacks to-date, this attack exploited vulnerabilities in unaudited code. For more information on how to protect your Web3 project against similar threats, reach out to our blockchain security experts.