Spartan exploit leads to a $30 million loss

Spartan Protocol

The Spartan Protocol is a liquidity platform for synthetic assets with leverage on the Binance Smart Chain. It's one of the latest platforms to suffer an attack, in one of the largest attacks in DeFi history.

The attack was possible due to a flaw in the liquidity share calculation for the SPARTA/WBNB liquidity pool. The attacker took out a flashloan from Pancake Swap for over $60 million in WBNB, and made repeated swaps from WBNB to SPARTA in order to inflate SPARTA's price. The attacker added liquidity to the pool and was transferred liquidity pool tokens in return.

After several repeated swaps of WBNB to SPARTA, the attacker pulled out the tokens and immediately burned the pool tokens. Due to the flawed share calculation, the attacker received a significantly higher return.

As a result of the attack, the price of SPARTA dropped by 30% to $1.17.

Post mortem

The full transaction history can be found here.

The SpartanPoolV1-Wrapped BNB pool contract can be found here.

The attacker started by taking out a flashloan from Pancake Swap for the sum of 100,000 WBNB, which is equivalent to just over $62.3 million.

Flash loan from Pancake Swap

The attacker repeatedly swapped just over 1913 WBNB for SPARTA - the first repeated swap was over 5 separate transactions. Each time WBNB was swapped for SPARTA, the amount of SPARTA received decreased as its value increased.

Swap from WBNB to SPARTA

The attacker then proceeded to deposit the SPARTA (over 2.5 million in total) and the WBNB (over 11,800 in total), before calling addLiquidity to mint over 933,000 SpartanPoolV1-Wrapped BNB pool tokens.

The attacker repeated the process of swapping WBNB to SPARTA, each time swapping just over 1674 WBNB and receiving a reduced amount in SPARTA.

The attacker then deposited just over 21,632 WBNB and all the SPARTA from the second round of swaps (a total of just over 2.6 million). However, the attacker did not add liquidity the second time around. Instead, the tokens were pulled out. Immediately after the tokens were pulled, the attacker burned the liquidity pool tokens, at which point he took advantage of the flaw in the liquidity share calculation.

Flaw in share calculation

The liquidity share is calculated by taking the pool's current balance and the pool's total supply, and dividing the balance by the total supply.

However, the balance had been artificially inflated, so the liquidity share was based on the manipulated balance. In order to avoid this, the calculation can be taken from the cached balance of the base amount pooled divided by the token amount pooled.

The last step was for the attacker to return the flashloan with 100,260 WBNB and take the profit.
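
The share calculation described above can be compared with a cached-reserve version in a small model. This is an added example, not Spartan's contract code: the Pool class, its field names and all numbers are constructed, and the hardened form assumes the payout is a pro-rata share of the cached reserves.

```python
# Simplified model of a pool's share calculation (added example, not Spartan's
# contract code). All names and numbers are constructed for illustration.
from dataclasses import dataclass


@dataclass
class Pool:
    cached_base: int     # reserve recorded by the pool's own accounting
    cached_token: int
    balance_base: int    # what the token contracts report for the pool address
    balance_token: int
    total_supply: int    # liquidity pool tokens outstanding

    def transfer_in(self, base: int, token: int) -> None:
        """Plain token transfer to the pool: balances move, cached reserves do not."""
        self.balance_base += base
        self.balance_token += token

    def share_from_balance(self, units: int) -> tuple[int, int]:
        """Flawed form: pro-rata share of the live balance."""
        return (self.balance_base * units // self.total_supply,
                self.balance_token * units // self.total_supply)

    def share_from_cache(self, units: int) -> tuple[int, int]:
        """Hardened form (assumed): pro-rata share of the cached reserves only."""
        return (self.cached_base * units // self.total_supply,
                self.cached_token * units // self.total_supply)


def unaccounted(pool: Pool) -> tuple[int, int]:
    """Monitoring check: tokens the pool holds but has not accounted for."""
    return (pool.balance_base - pool.cached_base,
            pool.balance_token - pool.cached_token)


def demo() -> dict:
    pool = Pool(1_000_000, 10_000, 1_000_000, 10_000, 100_000)
    units = 10_000                     # a holder with 10% of the pool tokens
    before = pool.share_from_balance(units)
    pool.transfer_in(500_000, 5_000)   # tokens sent in without adding liquidity
    return {
        "before": before,
        "flawed": pool.share_from_balance(units),
        "hardened": pool.share_from_cache(units),
        "unaccounted": unaccounted(pool),
    }


if __name__ == "__main__":
    print(demo())
```

A non-zero result from unaccounted() at the moment pool tokens are burned is the condition under which the two calculations diverge, which makes it a useful invariant to assert in tests or to alert on in monitoring.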