The Crypto Justice League Exists

The Cover Protocol is a decentralized coverage market that offers peer-to-peer coverage on various DeFi protocols since November.

They are running a shield mining program that incentivized users to provide liquidity to the coverage market where users can earn $COVER tokens, the governance token of the platform.

Infinite Minting Bug

On 28 December 2020, Cover protocol’s shield mining contract was abused. Exploiters were able to mint more than  40 quadrillions of $COVER tokens by taking advantage of an infinite minting bug in the contract.

The price of the token dropped 77% within an hour of the exploit, according to a report from CoinMarketCap.

A preliminary post-mortem conducted by Peckshield, a leading blockchain security company, suggested that the contract miscalculated the reward amount for users who staked their LP tokens. Sorawit Suriyakarn, the CTO of Band Protocol, believed this was likely due to the misuse of memory and storage in the Solidity source code that amplified the amount minted.

This miscalculation could be triggered by staking and subsequently withdrawing their LP tokens. This incident was very different from other DeFi hacks that involved price oracle manipulation and flashloan attack.

The Justice League in DeFi

After seeing the bat signal, all available devs from Yearn Ecosystem came together to help and support $COVER team.

The Justice League exists. They don't fly, they code 👨‍💻

If you want to go fast, go alone. If you want to go far, go together 🚀 https://t.co/MVNrvo6wc3

— Facu ⟠ fameal.eth (@fameal) December 28, 2020

A white-hat exploiter was able to leverage the loophole and drain 4,350 Ether from liquidity pools on Uniswap and Sushiswap, then subsequently return the gain to the team. This act prevented other malicious actors from extracting further profits from those pools.

The incident happened at a time where most team members were asleep, according to  DeFi Ted, one of the team members. Fortunately, Leo Cheng from Yearn reached out and immediately set up a “war room” to counter any further exploits.

Devs were asleep only I was around, not a dev, and @leokcheng reached out and setup the war room to counter any further issues.

They had given me the instructions to ensure that the mint could not continue and was implemented as soon as enough signers for our multisig.

— DeFi Ted (Bakes) (@DeFi_Ted) December 29, 2020

Shortly after the team was notified, they swiftly disabled the token minting functionality such that there would be no further exploits. They also issued an official statement advising liquidity providers to remove liquidity and users not to buy $COVER tokens from the open market to alleviate further losses.

The team is still investigating the current incident. The exploit is no longer possible.

The exploit is no longer possible. Please do NOT buy $COVER tokens, and remove your liquidity from the COVER/ETH pool on sushiswap.

CLAIM/NOCLAIM balancer pools are unaffected

— Cover Protocol (@CoverProtocol) December 28, 2020

Binance also suspended $COVER trading and deposits at 12:40 pm UTC, and is currently working with the team closely to find a solution that compensates the affected exchange users. On the other hand, all available developers from the Yearn ecosystem have come together and actively assist the Cover team in conducting a thorough investigation.

According to a closed source, they include well-known Solidity developers such as  Emiliano Bonassi ,  Banteg ,  Vasa ,  Leo Cheng ,  andy8052 , @fameal , 0xMaki, etc., as well as every member of the Cover team. Together with  CZ’s full support , They formed a CeFi and DeFi  Justice League to conduct an investigation and come up with a mitigation plan.

#DeFi has its own risks. #CeFi have to get involved to help. It's one ecosystem. https://t.co/keg1PsQ9NX

— CZ Binance (@cz_binance) December 28, 2020

Here is a collective work from RektOpSec 💪 @emilianobonassi @bantg @leokcheng @arbingsam @x48_crypto @milkyklim @bneiluj @RektHQ @fameal @doug_molinam @andy8052 @dudesahn @CoverProtocol team and others (sry if I missed someone)

The report is still WIP.https://t.co/7GgmYovcTc

— vasa (@vasa_develop) December 29, 2020

They also receive wide support from big players across the DeFi space, including Sushiswap developer 0xMaki.

I have been there and it is one of the scariest place to be in.

I was asleep during Cover hack but happy to see we can rely on so many people inside our ecosystem now to help.

We will do everything to help Cover comeback from this at Sushi. https://t.co/dtBIUTsUz7

— 0xMaki 源 義経 (@0xMaki) December 29, 2020

The Next Step

The overall loss in this incident was relatively limited compared to other DeFi exploits. The Cover protocol remains largely unaffected, with only the governance token being compromised. Coverage seekers can still purchase coverage tokens on the open market. Version 2 of the protocol is on track to be launched in Q1 2021.

They are currently exploring ways to restore the governance component of the protocol. They would be providing a new token through a  snapshot right before the exploit to compensate token holders and liquidity providers who were affected by the exploit. Ether secured by the white-hat exploiter would also be returned to liquidity providers.

This zero-day exploit demonstrates how the DeFi community can come together in no time and collaborate to help contain a crisis and make DeFi a better place. Thanks to the help of other developers, the team can move swiftly to compensate the affected users.