SolidityScan
Fire Token Hack Analysis

Overview:

On October 1st, 2024, the FireToken smart contract was exploited within 24 seconds of launching, resulting in an attacker gaining around $24,000 due to a vulnerability in its token-burning mechanism during transfers. This exploit allowed the attacker to manipulate the Uniswap liquidity pool, causing a severe imbalance that they leveraged for profit.

Smart Contract Hack Overview:

Fig: Attack Transaction

Decoding the Smart Contract Vulnerability:

· The root cause is that the FireToken contract allowed direct manipulation of the Uniswap pair’s token balance through the `_transfer` function, which adjusted the liquidity pool’s balance and immediately called `sync()` to update the pool’s reserves.

Fig: Root Cause (burning mechanism)

· The FireToken contract implemented a burning mechanism that removed tokens from the circulating supply during transfers. When tokens were transferred to the Uniswap liquidity pool, the `_transfer()` function reduced the pool’s balance by transferring a portion of the tokens to the `DEAD_ADDRESS` (burn address). Immediately after the transfer, the function called `sync()` to update the pool’s reserves.

Fig: Transfer of FireTokens

· Whenever a transfer was made to the Uniswap pair, the `_transfer()` function burned some of the tokens, decreasing the number of FireTokens in the pool. According to Uniswap’s constant product formula (x * y = k), reducing the FireToken reserves in the pool (while keeping the ETH reserves constant) caused the perceived price of FireTokens to drop. The formula implies that as one asset’s reserve (FireToken) decreases, the other asset (ETH) appears more valuable, leading to a price discrepancy.

Fig: Calling swap function

· The attacker exploited this by repeatedly transferring FireTokens to the Uniswap liquidity pool, artificially reducing the pool’s FireToken reserves with each transfer. After each burn, the attacker executed swaps, acquiring small amounts of ETH for a disproportionately large number of FireTokens, as the artificially low reserves made the price appear lower than it was.

Fig: Multiple withdraw calls

· By continuously reducing the FireToken reserves through this burning and syncing process, the attacker manipulated the price multiple times, accumulating approximately $24,000 in profit shortly after the contract’s launch.

Mitigation and Best Practices:

· Before executing any transfer that affects the liquidity pool, validate the current reserves of both tokens. Ensure that such adjustments do not cause significant price discrepancies that could be exploited.

· Set a limit on the amount of tokens that can be transferred to or from the liquidity pool in a single transaction or implement a cooldown period between large transfers. This would prevent rapid manipulation of reserves and mitigate the impact of any individual transaction.

· Integrate price oracles to validate the price of tokens before executing swaps. This can help ensure that trades are executed at fair market prices, mitigating the impact of artificial price manipulation.

· To prevent such vulnerabilities, smart contract auditors must examine contracts for logic issues, not only for known vulnerability patterns. We at CredShields provide smart contract security and end-to-end security of web applications and externally exposed networks. Our public audit reports can be found on https://github.com/Credshields/audit-reports. Schedule a call at https://credshields.com/

· Scan your Solidity contracts against the latest common security vulnerabilities with 225+ detections at SolidityScan.
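The following reserve-level simulation is an added example and is not the FireToken contract’s code or anything from SolidityScan. It models the mechanism described above (a transfer into the pair burns tokens out of the pair’s balance and calls `sync()`) with Uniswap V2’s `getAmountOut` arithmetic, and then shows the first mitigation bullet as a pre-transfer reserve check that rejects any single adjustment that would move the quoted price by more than a threshold. The pool sizes, the holder’s balance, the burn share (a fixed fraction of the pair’s balance per transfer) and the 1% threshold are all constructed assumptions, and the swap abstracts away the balance-versus-reserve bookkeeping inside the pair’s `swap()`.

```python
"""Reserve-level model of a burn-on-transfer hook that rewrites a Uniswap V2 pair's
reserves, plus the reserve-validation guard suggested in the mitigation section.
Added example with constructed numbers; not the FireToken contract's code."""
from dataclasses import dataclass

FEE_NUM, FEE_DEN = 997, 1000  # Uniswap V2 swap fee of 0.3%
MAX_PRICE_MOVE_BPS = 100      # assumed policy: reject a single adjustment moving the quote > 1%


def get_amount_out(amount_in: int, reserve_in: int, reserve_out: int) -> int:
    """UniswapV2Library.getAmountOut, in the same integer arithmetic as on-chain."""
    amount_in_with_fee = amount_in * FEE_NUM
    return amount_in_with_fee * reserve_out // (reserve_in * FEE_DEN + amount_in_with_fee)


@dataclass
class Pair:
    """Constant-product pair holding a FireToken-like token against ETH.
    Balances are what the token contracts report; reserves are the pair's cached
    copy, which sync() overwrites with the current balances."""
    token_balance: int
    eth_balance: int
    token_reserve: int = 0
    eth_reserve: int = 0

    def __post_init__(self) -> None:
        self.sync()

    def sync(self) -> None:
        self.token_reserve, self.eth_reserve = self.token_balance, self.eth_balance

    def spot_price(self) -> float:
        """ETH quoted per token by the cached reserves (y / x in x * y = k)."""
        return self.eth_reserve / self.token_reserve

    def sell_tokens(self, amount_in: int) -> int:
        """Swap tokens for ETH at the current reserves (router math; the pair's
        internal balance/reserve bookkeeping is abstracted away)."""
        out = get_amount_out(amount_in, self.token_reserve, self.eth_reserve)
        self.token_balance += amount_in
        self.eth_balance -= out
        self.sync()
        return out


def burn_on_transfer_hook(pair: Pair, amount_in: int, burn_bps: int) -> int:
    """Side effect the post-mortem describes: the transferred tokens land in the pair,
    a share of the pair's token balance goes to the dead address, and sync() runs.
    Burning a fixed share (basis points) of the pair's balance is an assumption."""
    pair.token_balance += amount_in
    burned = pair.token_balance * burn_bps // 10_000
    pair.token_balance -= burned
    pair.sync()
    return burned


def eth_from_sale(pair: Pair, tokens_held: int, rounds: int, burn_bps: int) -> tuple[int, int]:
    """ETH received and tokens burned when `rounds` dust transfers (1 unit each) run the
    hook before the holder sells everything. rounds=0 is the honest baseline sale."""
    burned_total = 0
    for _ in range(rounds):
        burned_total += burn_on_transfer_hook(pair, 1, burn_bps)
        tokens_held -= 1
    return pair.sell_tokens(tokens_held), burned_total


def guarded_burn_on_transfer(pair: Pair, amount_in: int, burn_bps: int) -> int:
    """Mitigation: validate reserves before the pool is touched. The resulting balance
    is computed first; if the quote would move by more than MAX_PRICE_MOVE_BPS the
    transfer is rejected and the pair is left untouched."""
    before = pair.spot_price()
    new_balance = pair.token_balance + amount_in
    burned = new_balance * burn_bps // 10_000
    after = pair.eth_reserve / (new_balance - burned)
    move_bps = abs(after - before) * 10_000 / before
    if move_bps > MAX_PRICE_MOVE_BPS:
        raise ValueError(f"reserve adjustment would move the quote by {move_bps:.0f} bps")
    return burn_on_transfer_hook(pair, amount_in, burn_bps)


if __name__ == "__main__":
    # Constructed pool: 1e9 token units against 1e8 ETH units; the seller holds 1% of the pool.
    honest = Pair(token_balance=1_000_000_000, eth_balance=100_000_000)
    base, _ = eth_from_sale(honest, 10_000_000, rounds=0, burn_bps=500)
    hooked = Pair(token_balance=1_000_000_000, eth_balance=100_000_000)
    eth, burned = eth_from_sale(hooked, 10_000_000, rounds=3, burn_bps=500)
    print(f"honest sale: {base} ETH units; after 3 burn+sync rounds: {eth} ETH units "
          f"({burned} tokens burned out of the pool)")
```

The reserve math makes the direction of the move explicit: with the ETH side fixed, every burn raises the ETH quoted per remaining token, so a holder who sells after a few burn-and-sync rounds receives noticeably more ETH than the honest baseline, and the pool’s other liquidity providers absorb the difference. The guard only bounds a single adjustment; a caller could still chain many small ones, which is why the rate limit or cooldown in the second bullet belongs alongside it.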

Fig: SolidityScan — Smart Contract Vulnerability Scanner

Conclusion:

SolidityScan is an advanced smart contract scanning tool that discovers vulnerabilities and reduces risks in code. Request a security audit with us, and we will help you secure your smart contracts. Sign up for a free trial at https://solidityscan.com/signup

Follow us on our Social Media for Web3 security-related updates.

SolidityScan — LinkedIn | Twitter | Telegram | Discord
