Pickle Finance suffers from attack following fake Pickle Jars


The Pickle Finance cDAI jar was hacked for 19.7 million DAI involving fake Pickle Jars


Pickle Jars are a fork of Yearn's yVaults and are controlled by the Controller contract. The contract contains a function which allows users to swap their assets between Jars. However, there isn't a whitelist for which Jars are permitted to use the function. The hacker created a fake Pickle Jar and swapped the funds from the original jar.

The Pickle team attempted to call a function enabling them to withdraw the funds but the transaction was not successful. The withdrawal request had to pass through the Governance DAO which had a 12 hour timelock and the only person who could bypass the timelock was not available.

Users received a warning to withdraw their funds from Pickle immediately, despite efforts to warn them, $50 million remained in high risk jars.

The team had to overcome 5 challenges:

  1. To get the Pickle Finance team together across several time zones to start rescuing the funds by pushing transactions into 12h timelock (via 3 out of 6 multisig) to withdraw funds.
  2. To get thousands of investors to withdraw their funds (and discourage them from redepositing once the pool TVL dropped and the APY inflated to 1000+% APY)
  3. Performing safety checks on the other jars to see if there is a possibility of more attacks.
  4. Duplicating the attack and whitehacking before anyone can hack the jars again.
  5. Avoiding getting front-runned when trying to rescue the remaining 50k

The team filed for insurance with Cover Protocol in an attempt to recover the sums lost.