$200 M Venus Protocol hack analysis

Venus protocol $200 M hack analysis

On May 18th, Venus Protocol suffered a huge $200M+ in liquidation. This was due to price manipulation of the governance token (XVS) which led to a $100M+ of bad debt accumulation.

Background

Venus protocol allows the user’s to borrow funds, by depositing XVS as collateral. The borrowed value is always lower than the amount in collateral. If the collateral value declines, the protocol may sell it to recover the loaned amount. At this time, Venus protocol is one of the largest lending platforms on the Binance Smart Chain (BSC). According to DefiStation, Venus is ranked second in terms of TVL (total value locked) on BSC. Venus uses its governance token, XVS, for on-chain voting by the community.

On May 18th, the XVS token’s price was manipulated to borrow more BTC and ETH. And when the price declined and the collateral was liquidated, Venus was left with a debt of $100M+. There are different theories regarding this incident. Some blame the Venus team and some blame the Chainlink oracles which Venus uses to track the XVS price.

Events

  • On May 8th, Collateral Factor was increased from 60% to 80% for borrowing of funds with XVS as collateral.
XVS/BUSD Market Price snapshot from Binance on 18th May 2021
XVS/BUSD Market Price snapshot from Binance on 18th May 2021

What exactly happened?

Regarding this incident, there are different theories. A research analyst that goes by the username @FrankResearcher on Twitter, has blamed the chainlink oracle used by Venus. According to him the price reported by the oracle was ‘almost double’.

Another theory is that the price manipulation was done by the Venus team. An anonymous user that goes by the username @InsiderVenus on Twitter, has shared some evidence in this blog post.

According to him, the main account involved in this whole incident is 0xef044206db68e40520bfa82d45419d498b4bc7bf.

During this incident, this account received high amounts of XVS from Binance hot wallet. It later supplied those tokens to Venus to increase the collateral and borrow more BTC or ETH. Those borrowed funds were transferred again to Binance. This whole scenario was repeated several times. The total amount of XVS that came into this account was around 912,219. (source)

It is suspected that the funds transferred back to Binance were used to buy more XVS, thus increasing the price and allowing more funds to be borrowed on Venus. When this account stopped transferring funds to Binance and buying more XVS, the market declined sharply. When the price decreased, the collateral was liquidated to cover the loan amount. But the price had declined so much that the amount sold was not able to cover the original loan. This also triggered cascading liquidations.

In the end, this account was left with a 2000 BTC + 10000 ETH debt (100M+ in USD) which it might never pay back to Venus. Then all the amount was sent to a Binance account 0x164a03A5190357A998378DA7eC7E882c090ad029.

@InsiderVenus has provided some evidence which hints at the Venus team’s involvement:

  • The Venus team used this Binance account in April 2021, to buy back $3.5M worth of XVS. (source)

This suggests that the Venus team might be behind all these price manipulations and the bad loans accumulated by the protocol. Joselito Lizarondo, Venus founder, has written a blog post describing all the event and how they plan to solve them in the future. They have proposed to lower the XVS collateral factor and utilize its treasury funds to cover the losses of its users.

Reach out to QuillAudits

QuillAudits is a smart contracts security audit platform designed and provided by Quillhash Technologies. We offer complete security audit solutions for DeFi & NFT smart contracts and dApps built on major blockchains such as Ethereum, BSC, Polygon, Polkadot, EOS and TRON, along with formal verification to ensure your platform’s integrity. If you need any assistance in the audit of the smart contracts, feel free to reach out to our experts here!