Bacon Protocol Hacked: Reportedly $1M Lost

• Bacon Protocol was hacked.
• Reportedly $1M Lost.
• The hack was made possible due to a reentrancy bug in the lend() routine so that the hacker can get more lending credits via re-entering the lend() routine as one can be seen in the below image.

Follow us on Google News

Yesterday PeckShield Tweeted and asked Bacon Protocol to look into the hack tx. The hack tx is 0x7d2296bcb936aa5e2397ddf8ccba59f54a178c3901666b49291d880369dbcf31. Soon after this Bacon Protocol Tweeted and said that “This morning someone used reentrancy in the contract to get more bHOME than they should have and took some USDC. Most of the funds for the protocol were already safely lent out against homes. The issue was found quickly. The contract has been patched and is being reaudited.”

Bacon Protocol further Thread said that “We deeply appreciate the help and support of the community. In the meantime, we feel the main risk to the protocol has been secured and don’t suggest unstaking bHOME or rushing to claim BACON.”

Bacon Protocol hacked this morning via reentrancy. From a preliminary look, it looks like the contract:

1. Did its transfers in a way that allowed a reentrancy attack
2. Did not have reentrancy locks
3. Intentionally called out to any address durning the middle of the lend pic.twitter.com/1ECRmc7zPe

— Daniel Von Fange (@danielvf) March 5, 2022

According to PeckShield, the Bacon Protocol was just hacked w/ ~$1M loss. The hack is made possible due to a reentrancy bug in the lend() routine so that the hacker can get more lending credits via re-entering the lend() routine as one can be seen in the below image. The tx hash is 0xacfcaa8e1c482148f9f2d592c78ca7a27934c7333dab31978ed0aef333a28ab6 and 0x7d2296bcb936aa5e2397ddf8ccba59f54a178c3901666b49291d880369dbcf31.

Further today Bacon Protocol Tweeted and informed their community that “We further verified the contracts and patches from this morning. We are working closely with auditors to further ensure the security of the network and working quickly to recover any lost funds.”

The Bacon Protocol introduces a new way for crypto wallet holders to hold a coin backed by mortgages similar to those used by banks, insurance companies, and governments. Because of the efficiency of the blockchain and the elimination of all processes and people, users of the Bacon Protocol receive the majority of the return, approximately 2 – 3 % vs 0.1% if the money was kept in a savings account. Bacon Protocol’s first token, bHOME, is backed by liens against homes in the United States and grows based on payments made against these liens.