11/06/2021: Post-mortem of nUSD Metapool Exploit

What Metapools are

  • Standard stableswap pools — which contain multiple base assets(Asset A, B, C), priced against each other in a tight range, as described here
  • Metapools — which implements the same stableswap invariant, but which prices Asset D against the LP token of Asset A, B, C. This results in the ideal balance weight of the pool being 50% Asset D, 16.66% of A, B, C. This both isolates risk of Asset D while allowing the base pool to be used for additional metapools. While this has a number of upsides, it’s also a much more complex implementation.

What was the implementation issue?

Timeline of events

  • 11/06 18:09 UTC: an Avalanche LP reported a partial loss of assets upon removing liquidity to the Discord support channel
  • 18:14 UTC: A community member, who has been working on Synapse data infrastructure, notices the Avalanche nUSD virtual price at 0.887, and tags Aurelius.
  • 18:18 UTC: Aurelius responds that he is looking into this user report.
  • 18:22 UTC: Avalanche nUSD Metapool is paused immediately upon noticing abnormal activity. Investigation by core contributors continues.
  • 18:58 UTC: Metapools on all 6 chains are paused and the AMM + bridge pause is announced on Discord. Validators coordinate to go offline to protect the network against further malicious activity.
  • 18:40–19:00 UTC: Synapse core contributors reach out to Saddle, who developed the Metaswap contract, to set up a working group to identify the bug and evaluate the severity of the issue. Synapse contributors recommend Saddle initiate a pause on their deployed Metapool.
  • 19:00 UTC — 20:40 UTC: Synapse contributors identify exploiter addresses, and begin to look through each transaction and identify a pattern flow of the exploiter:
  • 21:34 UTC: Contract bug is identified (line 424 of MetaSwapUtils.sol, as described above). Preliminary findings are shared with Saddle. Saddle confirms the findings are likely correct.
  • 22:20 UTC: Synapse core contributors decide to move forward with deploying new Swap.sol pools containing Assets A, B, C, and D, all in one pool, and migrate liquidity to the new pools once deployed.
  • 11/06 22:20–11/07 03:00 UTC: New pools are re-deployed across all chains
  • 03:00 UTC — 07:00 UTC: Plan of action for liquidity migration is created, UI work is done to support new pools and simple liquidity migration.
  • 07:00 UTC — 12:00 UTC: Contract reviews are completed, UI is being tested on each chain. Upon new contracts being finalized, validators coordinate to come back online, and bridge returns to fully functioning. All pending user transactions are processed.
  • 12:50 UTC: A brief summary of the past 16 hours, with explanation of the contract bug, and effects on LPs is announced on Discord and Telegram. Bridge is fully functioning, liquidity migration plan is announced.

Distribution of funds to Avalanche LPs

What comes next

  • Protocol development and growth remains unobstructed.
  • Liquidity migration to new pools is ongoing: Over $200mm TVL has migrated
  • Avalanche nUSD Metapool LPs will have funds returned to them over the coming days.
  • Audits of all Synapse contracts will be conducted by multiple audit firms on a continuous basis.
  • A formal bug bounty program will be created.
  • Security remains the #1 priority of all core Synapse contributors.




Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Roll the Ball® - slide puzzle Hack Free Resources Generator

Why you should switch from WhatsApp to Signal or Telegram

Understanding Proxy and Reverse Proxy Servers


What You Need to Know About The Use of Your Personal Information: The Good, The Bad & The Ugly

Join Corgi NFT Game Airdrop

{UPDATE} Muerte Guerra Aventuras Juego 2017 Hack Free Resources Generator

5 Tips to Avoid OAuth Authentication Vulnerabilities

BSC liquidity mining campaign

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Synapse Protocol

Synapse Protocol

More from Medium

Deep Dive into Drift’s Dynamic vAMM (Part 1/3)

BENQI & Keystone Partnership: Secure Signing on Avalanche!

Using Black Scholes to estimate the size of Divergence Loss / Impermanent Loss for AMMs

Solend x Socean: A Guide to Do More with your scnSOL