[Post Mortem] ZRX Treasury patch

What happened?

Shortly after announcing 0x DAO’s treasury address, we were approached by samczsun who identified an exploit vector that would make it possible to virtually inflate the voting power of a ZRX holder or delegate.

We estimated that it would theoretically be possible to inflate voting power by a factor of ~1000x. The exploit consisted of repeating the same pool IDs many times in the operatedPoolIds argument of the castVote and propose methods: each repetition was counted again, so the only bound on the inflation was the amount of block computation the attacker could buy (e.g. by setting a high gas price and a high gas limit so the transaction fills most of a block).

This exploit would have enabled relatively small ZRX holders or pool operators to:

  • create proposals even if they didn’t meet the 100k ZRX minimum threshold
  • single-handedly decide the outcome of a vote. A malicious proposal could, for example, send the entirety of the ZRX treasury to themselves
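
To make the double-counting concrete, here is an added model of the bug and one possible fix. It is illustration written for this post mortem, not the ZrxTreasury contract's own code: the 50% operator weighting of a pool's delegated stake, the pool state, and the strictly-increasing-ID check are assumptions, and the page does not state the exact patch that was deployed.

```python
"""Model of the operatedPoolIds voting-power inflation (added illustration).

Assumptions (not from the post): an operator is credited 50% of the stake
delegated to each pool they operate, and the fix requires operatedPoolIds to
be strictly increasing, which rejects duplicates in a single pass.
"""
from dataclasses import dataclass

PROPOSAL_THRESHOLD = 100_000  # ZRX minimum to create a proposal, per the post


@dataclass(frozen=True)
class Pool:
    operator: str
    delegated_stake: int  # ZRX delegated to this pool by others


# Constructed sample state: "alice" operates a small pool, "bob" a large one.
POOLS = {
    0x01: Pool(operator="alice", delegated_stake=600),
    0x02: Pool(operator="bob", delegated_stake=500_000),
}


def _pool_share(account, pool_id, pools):
    """Voting power an operator gets from one pool (assumed 50% weighting)."""
    pool = pools[pool_id]
    if pool.operator != account:
        raise ValueError(f"{account} does not operate pool {pool_id:#x}")
    return pool.delegated_stake // 2


def voting_power_vulnerable(account, operated_pool_ids, pools=POOLS):
    """Before the patch: every entry is credited, so a repeated ID is
    credited again each time it appears. Only gas bounds the repetition."""
    return sum(_pool_share(account, pid, pools) for pid in operated_pool_ids)


def voting_power_patched(account, operated_pool_ids, pools=POOLS):
    """After the patch (one possible fix): IDs must be strictly increasing,
    which rules out duplicates without any extra storage or a second loop."""
    power = 0
    prev = None
    for pid in operated_pool_ids:
        if prev is not None and pid <= prev:
            raise ValueError("operatedPoolIds must be strictly increasing")
        prev = pid
        power += _pool_share(account, pid, pools)
    return power


def can_propose(power):
    """The propose() threshold check from the post."""
    return power >= PROPOSAL_THRESHOLD


def is_rejected(account, operated_pool_ids, fn=voting_power_patched):
    """True if fn refuses the call (duplicate IDs or a pool not operated)."""
    try:
        fn(account, operated_pool_ids)
    except ValueError:
        return True
    return False


def inflation_factor(repeats, pool_id=0x01, account="alice"):
    """How much the vulnerable path multiplies one pool's honest power."""
    honest = voting_power_vulnerable(account, [pool_id])
    inflated = voting_power_vulnerable(account, [pool_id] * repeats)
    return inflated // honest


if __name__ == "__main__":
    honest = voting_power_vulnerable("alice", [0x01])
    inflated = voting_power_vulnerable("alice", [0x01] * 1000)
    print("honest power:", honest, "can propose:", can_propose(honest))
    print("inflated power:", inflated, "can propose:", can_propose(inflated))
    print("patched rejects duplicates:", is_rejected("alice", [0x01, 0x01]))
```

With the sample state, alice honestly controls 300 ZRX of voting power and cannot propose; passing the same pool ID 1000 times on the vulnerable path gives her 300,000 and clears the 100k threshold, which is the ~1000x effect the post describes. The patched path still credits each distinct pool once and refuses any list that is not strictly increasing.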

Note that the 0x DAO is not connected to the core 0x smart contracts at this time, and therefore no user funds were ever at risk. However, the 2M ZRX tokens held by the DAO (seeded by 0x Labs) could theoretically have been moved if a malicious proposal were to pass.

What did we do?

Shortly after samczsun reached out to the 0x Labs team, we immediately verified the attack and proceeded with patching the contract code. We then architected and executed the following plan:

  1. Deployed the patched contract to a new address.
  2. Created a 0xDAO proposal to transfer the entire ZRX treasury to the new contract. This proved to be the very first 0x DAO proposal.
  3. Notified 0x DAO bootstrap delegates of the situation, getting their green light on the plan and their commitment to vote in support of the proposal.
  4. At that point, the primary risk was that a malicious actor would independently identify the vulnerability and inflate their voting power in order to block the migration.
  5. Reached out to Joey Zacharl, 0x DAO delegate and operator of the VolleyFire Staking Pool. Out of an abundance of caution, we asked him to leverage the exploit to inflate his pool’s voting power in order to neutralize the effect any potential malicious actor could have (VolleyFire is 0x DAO’s biggest delegate by voting power).
  6. During the voting period, Joey successfully leveraged the exploit. The proposal passed.
  7. The proposal was executed at Apr-27-2021 09:04:54 PM UTC, and the treasury successfully migrated to the patched contract.

What does this mean for ZRX holders and 0x DAO delegates?

The 2M ZRX treasury is safe in a new contract, and ZRX Portal was also updated to point at its new address. Everything about 0x DAO is therefore business-as-usual, with all the functionalities described in the announcement unchanged.

It was also an instructive stress test of 0x DAO’s binding on-chain governance system. Despite having identified a potentially critical vulnerability, the only way to apply the patch was to go through a governance vote. We thank all 0x DAO bootstrap delegates for their participation and leadership in the process.

Rewarding samczsun with a bug bounty

0x Labs strongly believes in the benefits of open source development and rewards individuals that actively contribute to the security and reliability of 0x’s stack. In fact, we have an ongoing bug bounty for all 0x’s smart contracts. It is therefore with great pleasure and sense of gratitude that we want to award $50,000 to samczsun for discovering and graciously reporting the vulnerability. We thank him for his sense of commitment towards 0x and the DAO.


Great catch! Well done team.
