Stader Labs NearX Update

Webinar on Monday: Digital Asset Custody with Grayscale & Sygnum Bank →

- Assurance
  Smart Contract Assessment
  Securing code integrity, protecting digital assets
  Smart Contract Assessment
  Securing code integrity, protecting digital assets
  Blockchain Layer 1 Assessment
  Assessing protocols, securing blockchain foundations
  Blockchain Layer 1 Assessment
  Assessing protocols, securing blockchain foundations
  Code Security Audit
  Uncovering flaws, strengthening software integrity
  Code Security Audit
  Uncovering flaws, strengthening software integrity
  Web Application Penetration Testing
  Exposing weaknesses, fortifying digital defenses
  Web Application Penetration Testing
  Exposing weaknesses, fortifying digital defenses
  Cloud Infrastructure Penetration Testing
  Securing configurations, protecting critical environments
  Cloud Infrastructure Penetration Testing
  Securing configurations, protecting critical environments
  Red Team Exercise
  Simulating real-world attacks, strengthening defenses
  Red Team Exercise
  Simulating real-world attacks, strengthening defenses
  AI Red Teaming
  Testing AI systems against real threats
  AI Red Teaming
  Testing AI systems against real threats
  AI Security Assessment
  Securing AI models, data, and pipelines
  AI Security Assessment
  Securing AI models, data, and pipelines
- Advisory
  AI Advisory
  Guiding secure, strategic AI adoption forward
  AI Advisory
  Guiding secure, strategic AI adoption forward
  Risk Assessment
  From unknown threats to actionable insights
  Risk Assessment
  From unknown threats to actionable insights
  Blockchain Architecture Assessment
  Optimizing architecture for tomorrow’s networks
  Blockchain Architecture Assessment
  Optimizing architecture for tomorrow’s networks
  Compliance Readiness
  Stay ready as regulations evolve
  Compliance Readiness
  Stay ready as regulations evolve
  Custody and Key Management Assessment
  Securing the heart of digital custody
  Custody and Key Management Assessment
  Securing the heart of digital custody
  Technical Due Diligence
  See the risks before you invest
  Technical Due Diligence
  See the risks before you invest
  Technical Training
  Empower your teams to secure what matters
  Technical Training
  Empower your teams to secure what matters

On August 16 at approximately 9:30 AM EST, a vulnerability in Stader’s NearX smart contract was exploited. The Stader team along with Halborn quickly contained the exploit, protecting most funds.

The loss was estimated at ~165k NEAR and was limited to the Dex’s. The ~2.5Mn $NEAR staked on the Stader dapp remained safe with validators. Stader has demonstrated strong leadership and commitment to its users by announcing to fully reimburse users for their losses on the LPs. Please find more details here: https://twitter.com/stader__near/status/1559992693471604736

The technical nuances that led to the exploit are as follows:

When reading from storage, NEAR creates a snapshot that is loaded to runtime memory. When NEAR attempts to load the same variable into runtime memory it creates a copy. Stader’s smart contract was written with the assumption that the runtime variable would always point to the same object in memory (not a copy).

Because of this, when a token transfer was executed with sender and receiver being the same user, it resulted in two variables corresponding to the balances. Both were associated with the sender, however, one’s balance was reduced and the other’s was increased. Then both variables were saved to the storage; however, the increased balance was saved last, overwriting the previously saved decreased balance. The attacker was then able to generate tokens out of thin air.

Here is the full incident report from Stader Labs.

This was one of the rare occurrences where we worked with a memory storage assumption, and discovered otherwise during the post-mortem and the fix. As soon as the attack was discovered, Halborn and Stader worked together to identify the root cause, halt the contract, and deploy a fix. We have audited this fix and are confident that this exploit cannot happen again.

As a cybersecurity firm dedicated to cutting-edge technology in the wild world of web3, we stand behind our record of quality research and capabilities. That said, security is an art and we take full responsibility for not finding this truly impressive exploit. One of Halborn’s core values is Kaizen, a Japanese concept around continual learning and improvement. NEAR is a new, exciting ecosystem and we strive to continue our research and only improve our auditing capabilities within it.

For more info on Stader Labs, visit:

TG: https://t.me/staderlabs_near_official

Twitter: https://twitter.com/stader__near

Main Discord: https://discord.gg/asBqz79Hv9

Stader Labs NearX Update

Related Blog Posts

Disclaimer