Rating
Summary
This smart contract has been reviewed by George Stamp. This is an original yield farm smart contract which allows users to stake either BUSD or SUF, both having different APR. This is also one of the only ways to get SUF tokens, and a brilliant way to distribute the supply, unlike most projects which distribute the initial supply arbitrarily. SUF token is bound to be deflationary once the total supply has been distributed, as the supply does not grow.
After a careful examination of the contract, George Stamp found one backdoor which allows draining the BUSD balance of the contract which represents half of the contract. Since that backdoor needs owner privilege, users can choose to trust the team or not. Always DYOR.
=> This contract was exploited. <=
- The backdoor shown on the audit was not the one that was exploited, however it could've still been used by the owners to drain the BUSD balance, so users were already aware of the danger of this contract.
- A single transaction drained the entire TVL. This was a flash loan attack facilitated with a vulnerability I discovered afterwards:
- attacker deposited 25 BUSD in the contract, this set its claimTimeMINT.startTime to not be equal to 0,
- then attacker borrowed 30k BUSD to deposit in the contract,
- unstake function was using userRewardMINT and userRewardSTAKE to decide what to send back,
- userRewardMINT & userRewardSTAKE used startTime multiplied by reward,
- however unstake function was not updating startTime, therefore userRewardMint and userRewardSTAKE were always positive,
- the exploiter then had all SUF tokens in the contract and sold all of them to drain the BUSD liquidity,
- the profit was very small because it still used time, so this is why the attacker borrowed 30K busd and waited a few hours before executing the attack.
This all happened in two transactions:
setting startTime to not equal to 0 (aka first investment): https://bscscan.com/tx/0x1dcf780022353afc1c6ddd0188f58fa9e2f5ad8879d0c80dd9f11ee1384e2cc0
drain: https://bscscan.com/tx/0x368a52b5b657ee7152d99ebbf595e09163d3847f47a9eb52b9c8618adbd21368
This was a fundamental vulnerability that anyone could have exploited and that I did not identify. The attacker only made sure to be faster than anyone else and had the capabilities to borrow 30k busd.
It should be noted that the backdoor I pointed out on the audit would've led to the same TVL being stolen, the only difference here is that it may not be the team behind the exploit.
The exploiter has started sending funds to TornadoCash.
The team still decided to try to siphon users on their dapp. Make your own conclusions...
Contract Details
Date of launch: Fri Oct 21 2022 19:00:00 GMT+0 or unix timestamp 1666378800: most features become available past that date.
Blockchain: BNB Smart Chain.
Type: Yield farming of a token (SUF), similar to a miner.
Tokens: SUF (0x179Fbdc1cb93105B13796a4A2785Ce340D76e9E3) and BUSD (0xe9e7CEA3DedcA5984780Bafc599bD69ADd087D56).
Minimum deposit: 25 BUSD (no minimum for SUF staking).
Maximum deposit: 10,000 BUSD (no maximum for SUF staking).
Referral rewards: 6% (referrer needs to have invested 50 BUSD to get rewards).
Daily ROI, two options:
- 6% (stake BUSD earn SUF),
- 12% (stake SUF earn SUF).
Daily ROI boost:
- X1.0125 - costs 125 SUF (or +1.25%),
- X1.0150 - costs 175 SUF (or +1.50%),
- X1.0175 - costs 250 SUF (or +1.75%),
- X1.0200 - costs 375 SUF (or +2.00%),
- only one boost may be acquired.
1 day period between sales. It is necessary to have invested a minimum of 24 BUSD tokens first to be able to sell.
Users can only sell up to 10% of their staked SUF tokens.
Function signatures: https://pastebin.com/ALT4hLDU
Backdoors
This smart contract has a backdoor that allows the owner to drain the BUSD balance (NOT the SUF balance though): there is no verification on changeReferralReward (0x572d0a5a) maximum definable referral rewards. It could be set to infinity and lead to BUSD contract balance drained by the owner.
Owner Privileges
changeReferralReward (0x572d0a5a) - changes referral rewards percentage.
Fees
Deposit fee: 4% (not modifiable by owner).
Withdrawal fee: 4% (not modifiable by owner).
Unstake fee: 20% (not modifiable by owner).
Unstake fees are burned - taken away from circulation.
Complexity
This is a yield farm that allows staking either BUSD or SUF, each comes with a different APR.
SUF token is a simple ERC20 token with no owner privilege or any special feature (it is actually 3 lines long). It is highly decentralized as most of their supplies are available from this smart contract which is a fair & decentralized way to distribute the supply.
SUF price formula:
Let x, y unsigned integers in [0, +infinity[, x is BUSD contract balance, y is SUF contract balance:
f(x,y) = (x) / (y + 1)
Unnecessary use of reentrancy guards: SUF token is ERC20 which is not vulnerable to it.
Contract uses redundant verifications to spend tokens (allowance, balance): they are already verified on transfers.
Fees are sent from the user wallet, which will require the app to approve token allowance for more than the user is trying to deposit.
Team Trust
Team is not known and has an active community.
Other Risk
This is a yield farm that relies on funds invested to payout existing users. If the contract reaches $0 then investors will not be paid out anymore. However this farm is very similar to a miner, which are known to be more durable than simple ROI dapps (like DINO).
