Logo

What We've Changed Since the OUSD Attack

January 6, 2021
OUSD Security

The following is a full post-mortem on the recent Origin Dollar (OUSD) hack which took place on November 16, 2020. Since the exploit, we spent considerable time learning from the technical failures, upgrading our OUSD smart contracts, and introducing enhanced security measures and processes at the company. With our OUSD relaunch, we wanted to share some of our latest engineering updates with the community. Going forward, we are committed to making security our number one priority while offering competitive returns to our OUSD holders.

What Happened?

OUSD suffered a loss of 7 million dollars on November 16th due to a missing validation check that allowed a reentrancy bug. This validation bug was introduced during a gas-saving refactoring that copied some functionality but did not copy the validation. Shortly after the incident, we released a detailed plan to provide compensation equal to 100% of the value deposited to OUSD at the time of the exploit. We are more motivated than ever to make OUSD a success as a mainstream, yield-generating stablecoin.

There’s the Swiss cheese theory of disasters — in a complex system, multiple holes in defenses have to line up in order for a disaster to happen. The loss of funds could and should have been prevented.

  • If we had not accidentally removed the validation, no loss of funds.
  • If we had caught the removed validation during the code change review, no loss of funds.
  • If we had added reentrancy protection, even though we didn’t think we needed it, no loss of funds.
  • If we had reviewed the Akropolis finance hack as thoroughly as we did for the other DeFi hacks, we could have seen that we were vulnerable.
  • If we had not assumed that inputs were validated when checking our contract for reentrancy vulnerabilities, no loss of funds.
  • If we had limited total supply prior to having a completed audit, we would have had a correspondingly smaller loss.
  • If we had spotted the attack and paused the contract during the six-minute window between the attacker’s first failed attack, and the second successful attack, no loss of funds.

The bad news was that we had a failure at multiple layers and allowed the Swiss Cheese disaster to occur. The good news is that we now have a much stronger and longer list of security measures and protocols to prevent this from happening ever again. While the malicious attack created a setback for both us and our users, we believe that in the long-term OUSD will now be more anti-fragile. We are stronger now and will be resilient and defensive against future attempted exploits.

How We've Changed OUSD Following the Attack

The actual fix to the bug that caused the loss of funds was only a single line of code.

However, rather than just making that fix, and relaunching, we’ve spent over a month taking a hard look at our processes and code, with the aim of never letting this outcome happen again!

First of all, we fixed the missing validation check.

We also added reentrancy checks to the OUSD Vault that would prevent a similar bug in the future from being able to be exploited.

More Audits

We now have two completed code audits and have committed additional fixes to the remaining smaller issues that were found. Trail of Bits was in the middle of auditing our contracts when the attack happened. They completed their audit and identified several minor issues in addition to the one catastrophic bug. We have since resolved each of the issues they highlighted.

Given the gravity of the situation, we decided to retain a second auditing firm to give the contracts another look. We worked with Solidified who reviewed the entire system as well as our new staking and compensation contracts that Trail of Bits didn’t have a chance to review.

We intend to continue working with respected security auditing firms to review our work. We’ve lined up a future audit with OpenZeppelin to review additional upgrades in Q1 of 2021. While audits still can’t guarantee correctness, they have proven to be useful in identifying potential issues.

Formal Verification

We’ve also retained Certora to begin formally verifying the various security properties of our contracts. They will help us define a set of automated rules to ensure our contracts satisfy their specifications. These verification checks will be run as part of our CI process to catch future bugs that break our contract specifications.

Automated Tooling

We now have automated checking for common errors on each code change using GitHub actions to run Slither rather than on an ad-hoc basis. In addition, we are manually running a suite of Echidna fuzzing tests on each contract pull request. These tests can automatically detect and warn our team about common security issues. We’ve also greatly extended our test suite for additional code coverage.

Enhanced Security Measures & Processes

PR reviews that touch contracts are now more rigorous than before. We’re requiring two engineers for each contract PR, and are slowing it down to make sure the reviews are thorough, with detailed checklists associated with each PR.

We’ve taken a security week to focus on contract security and conducted our own internal audits in addition to having a second external audit. We’ll be taking another security week in the near future.

In addition, we’ve made sure features don’t bump security in our planning process.

Previously, two engineers were informally reviewing every DeFi hack. However, the one hack that would have alerted us to a problem with our contracts, Akropolis, only got a quick read rather than the thorough reviews that had been happening after other attacks. As a result, we didn’t see the missing validation that allowed a similar attack on OUSD.

We’ve formalized an engineering rotation for reviewing attacks on other projects as well as ensuring we deep dive into each of these reviews, including reviewing the affected contract’s source code ourselves.

We’re also conducting internal retrospectives on “near-misses” — problems that didn’t affect users but got further than they should have.

Although we responded to the OUSD attack within minutes of it occurring, we want to be faster next time. We now have automated monitoring to Discord for large transactions and failing transactions.

We’ve added a fast pause functionality, allowing two multi-sig holders to pause minting and redeeming. This will give us the ability to respond faster to incidents and hopefully reduce the scale of any vulnerabilities.

We will also continue to have a bug bounty program with up to $250,000 offered for identifying major vulnerabilities.

DeFi Insurance

We’re exploring working with Nexus Mutual, Cover Protocol, and other insurance providers to make DeFi insurance available to OUSD holders. Origin intends to deploy significant capital as the initial coverage provider. We’ll be sharing more details in the near future.

The Future of OUSD

With the OUSD relaunch, we look forward to making DeFi much simpler. We believe OUSD will make money a whole lot better for everyone, even individuals that currently don’t understand cryptocurrencies or DeFi.

We know we hit a magical combination of yield and ease of use with OUSD’s initial launch. We had just begun to hit our inflection point with a million dollars a day being deposited in the two days before the hack. We look forward to regaining that momentum in the very near future. Going forward, security will be our highest priority for OUSD.

Learn more about Origin:

Daniel Von Fange
Daniel Von Fange
Origin
Stay in touch
Be the first to hear about important product updates. Your email will be kept private.
Originally released by Origin Protocol
Privacy policyTerms of service