Dolomite’s Old Smart Contract Breach Causes $1.8 Million Loss


Key Takeaways

  • The development team advised users to revoke approvals linked to the Ethereum Dolomite address starting with 0xe2466.
  • Reportedly, the attacker exploited a function named “callFunction” that allows a user to make any arbitrary calls. 

A recent security breach in old smart contracts associated with the Dolomite crypto exchange has led to a loss estimated at around $1.8 million. According to blockchain security firm CertiK, the exploit occurred on March 20th: the attacker abused an input-validation flaw in a legacy contract to pull funds out of users' wallets with the ERC-20 'transferFrom' method, which only works because those users still held standing token approvals for the old contract. The stolen funds, initially in USD Coin (USDC), were subsequently converted to Ether (ETH).

Dolomite’s team acknowledged the breach and clarified that it primarily affected long-time users who had interacted with the platform before 2020. In response, they promptly submitted a transaction disabling the exploited contract to prevent further unauthorized access.

According to CertiK’s findings, the exploit centered on an old contract named ‘DolomiteMarginProtocol’. Users had granted that contract token approvals before the system was retired in 2020, and because ERC-20 approvals do not expire on their own, those approvals were still spendable years later. The attacker used the contract to spend them, which raised concerns about unauthorized access to funds through manipulated legacy contracts.

The vulnerability stemmed from the ‘callFunction’ function within the ‘DolomiteMarginProtocol’ contract, which lets a caller make arbitrary external calls with the contract itself as the sender, so any token approval held by the contract can be spent by whoever can reach that function. A safeguard was intended: ‘callFunction’ carries a ‘noEntry’ modifier meant to block calls until the ‘singleEntry’ function activates the entry point. The attacker bypassed it by going through a function in a different contract, ‘SoloMargin’, which executed operations that triggered ‘callFunction’ from a permitted path and so enabled the unauthorized ‘transferFrom’ transfers.

In response to the breach, Dolomite’s development team advised affected users to revoke approvals granted to the Ethereum Dolomite address associated with the exploit (the one beginning with 0xe2466). Users who have only interacted with the current version on Arbitrum should not be affected. The team also disabled the compromised contract to limit further risk.

CertiK’s report describes the same bypass from the other side: ‘callFunction’ is normally guarded by the ‘noEntry’ modifier, but a vulnerable ‘call’ function exposed by the TradeManager contract let the attacker reach it through a permitted path and, from there, move funds out of the approving users’ wallets.
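The mechanism described above reduces to two ingredients: ERC-20 approvals persist until overwritten, and a contract that forwards arbitrary calls with itself as the sender lets anyone spend approvals granted to it. The following is an added, constructed Python model written for this page, not Dolomite's or CertiK's code; the token, the protocol class, the address string and all balances are hypothetical. It shows a stale approval being drained through such a primitive and shows that the mitigation the team recommended, setting the allowance to zero, stops the drain.

```python
"""Constructed model of ERC-20 allowances and an arbitrary-call contract.

Added example, not Dolomite code. It models why a stale ERC-20 approval
to a contract exposing an arbitrary-call primitive lets a third party
drain the approver via transferFrom, and why revoking (allowance = 0)
stops it. Names and amounts are hypothetical.
"""


class Token:
    """Toy ERC-20: balances plus (owner, spender) -> allowance."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowances = {}

    def approve(self, owner, spender, amount):
        # ERC-20 approvals have no expiry; they persist until overwritten.
        self.allowances[(owner, spender)] = amount

    def allowance(self, owner, spender):
        return self.allowances.get((owner, spender), 0)

    def transfer_from(self, caller, src, dst, amount):
        # `caller` plays msg.sender and spends the allowance `src` granted to it.
        allowed = self.allowance(src, caller)
        if allowed < amount:
            raise PermissionError("insufficient allowance")
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient balance")
        self.allowances[(src, caller)] = allowed - amount
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount


class ArbitraryCallProtocol:
    """Contract whose call_function forwards any call with itself as the sender.

    Hypothetical reconstruction of the reported 'callFunction' primitive once
    its entry guard has been bypassed; the guard itself is not modelled.
    """

    def __init__(self, address):
        self.address = address

    def call_function(self, target, method, *args):
        # Any external caller can make `self.address` the msg.sender of the call.
        return getattr(target, method)(self.address, *args)


def drain_via_stale_approval(token, protocol, victim, attacker):
    """Spend the victim's leftover allowance through the protocol's primitive.

    Returns the amount moved; 0 when there is nothing left to spend.
    """
    amount = min(token.allowance(victim, protocol.address),
                 token.balances.get(victim, 0))
    if amount == 0:
        return 0
    protocol.call_function(token, "transfer_from", victim, attacker, amount)
    return amount


def revoke(token, owner, spender):
    """The recommended mitigation: set the allowance to zero."""
    token.approve(owner, spender, 0)


def demo():
    """Run the drain against a stale approval and against a revoked one."""
    old_margin = ArbitraryCallProtocol("0xOLD_MARGIN")  # hypothetical address

    # Alice approved the old contract years ago and never revoked.
    usdc = Token({"alice": 1_000_000, "attacker": 0})
    usdc.approve("alice", old_margin.address, 2**256 - 1)  # "infinite" approval
    stolen_from_alice = drain_via_stale_approval(usdc, old_margin, "alice", "attacker")

    # Bob had the same approval but revoked it before the attacker acted.
    usdc2 = Token({"bob": 500_000, "attacker": 0})
    usdc2.approve("bob", old_margin.address, 2**256 - 1)
    revoke(usdc2, "bob", old_margin.address)
    stolen_from_bob = drain_via_stale_approval(usdc2, old_margin, "bob", "attacker")

    return (stolen_from_alice, stolen_from_bob,
            usdc.balances["alice"], usdc2.balances["bob"])


if __name__ == "__main__":
    print(demo())
```

The point of the model is that nothing in the token contract is wrong: `transfer_from` enforces the allowance correctly, and the drain succeeds purely because the spender address still holds a live approval and will forward whatever call it is handed. That is why the remediation is on the user side (revoke the allowance) as well as on the protocol side (disable the contract).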

Saniya Raahath
