Tokenlon 4.0 fee incident disclosure

On the morning of Feb 26th, the Tokenlon team received a message from @willwarren89 of 0x: the well-known white-hat hacker @Samczsun had found a security vulnerability in Tokenlon 4.0. The vulnerability is rated high-risk: it affects not only the security of the transaction fees deposited on the platform, but also the safety of user funds. In response, the Tokenlon team immediately took defensive action on both fronts.

1. The Tokenlon team immediately withdrew the bulk of the transaction fee tokens back to the treasury to ensure that no accumulated fees would be lost.

2. The Tokenlon team immediately routed orders to Tokenlon 4.0 through the TAICHI network, so that attackers could not front-run user transactions and construct transactions whose payee is the attacker's address.

Background

Tokenlon 4.0 is built on the 0x protocol for decentralized atomic swaps; it offers users faster, better-priced decentralized token exchange and has been live since April 2019. The root cause of this incident is that the signature verification in the contract does not handle the zero-address case correctly. An attacker can register his own address as the UserProxy's delegate, then submit an order whose maker address is the UserProxy and whose recipient is the attacker's address. Because the attacker is now a validator of the UserProxy, the signature verification is bypassed, so the order is treated as valid and can be executed. The result is that the fee tokens deposited in the UserProxy can be transferred to the attacker.

In addition, Tokenlon 4.0 does not include the receiver field in the signed order; the field is instead appended after the user's signature, outside the signed data. This introduces the risk that an attacker can replace the user's receiver address with his own without invalidating the signature. Since the attacker is also the UserProxy's delegate, the attacker can complete the trade successfully and obtain the user's funds.
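The two weaknesses described in the Background section, a signature check that does not reject the zero address and a recipient field that is not covered by the maker's signature, are common enough that it is worth showing the generic pattern and its fix side by side. The contract below is an added illustration written for this page; it is not Tokenlon's, 0x's or samczsun's code, and the order struct, function names and the `isValidSignatureUnsafe`/`isValidSignature` pair are assumptions chosen to make the two points visible. `ecrecover` returns `address(0)` for a malformed signature, so a comparison that does not exclude zero can be satisfied whenever the expected signer is itself unset; including `recipient` in the hashed order means any change to the payee changes the hash and breaks the signature.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, not Tokenlon code. Shows, in generic form, the two
// pitfalls from the disclosure: (1) treating address(0) from ecrecover as a
// valid signer, (2) leaving the recipient outside the signed message.
contract OrderVerifierExample {
    struct Order {
        address maker;      // party whose signature authorises the order
        address taker;      // address(0) means anyone may fill
        address recipient;  // who receives the maker's tokens (MUST be signed)
        uint256 makerAmount;
        uint256 takerAmount;
        uint256 expiry;
        uint256 salt;
    }

    mapping(bytes32 => bool) public filled;

    // Hash the order INCLUDING recipient, bound to this contract and chain.
    // A different recipient yields a different hash, so a signature over the
    // original order no longer verifies for a redirected one.
    function orderHash(Order memory o) public view returns (bytes32) {
        return keccak256(abi.encode(
            address(this), block.chainid,
            o.maker, o.taker, o.recipient,
            o.makerAmount, o.takerAmount, o.expiry, o.salt));
    }

    // Recover the signer of an EIP-191 prefixed hash. ecrecover yields
    // address(0) when the signature does not decode to a valid public key.
    function recoverSigner(bytes32 hash, bytes memory sig) internal pure returns (address) {
        require(sig.length == 65, "bad sig length");
        bytes32 r; bytes32 s; uint8 v;
        assembly {
            r := mload(add(sig, 32))
            s := mload(add(sig, 64))
            v := byte(0, mload(add(sig, 96)))
        }
        if (v < 27) v += 27;
        require(v == 27 || v == 28, "bad v");
        // Reject high-s values to remove signature malleability.
        require(uint256(s) <= 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0, "bad s");
        bytes32 prefixed = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
        return ecrecover(prefixed, v, r, s);
    }

    // VULNERABLE shape: compares the recovered signer with the expected signer
    // without excluding address(0). If the expected signer is ever unset
    // (address(0)), a malformed signature satisfies the check.
    function isValidSignatureUnsafe(address maker, bytes32 hash, bytes memory sig) public pure returns (bool) {
        return recoverSigner(hash, sig) == maker;
    }

    // HARDENED: a zero signer is never a valid signer.
    function isValidSignature(address maker, bytes32 hash, bytes memory sig) public pure returns (bool) {
        address signer = recoverSigner(hash, sig);
        return signer != address(0) && signer == maker;
    }

    function fill(Order memory o, bytes memory sig) external {
        require(o.maker != address(0), "no maker");
        require(block.timestamp <= o.expiry, "expired");
        require(o.taker == address(0) || o.taker == msg.sender, "wrong taker");
        bytes32 h = orderHash(o);
        require(!filled[h], "already filled");
        require(isValidSignature(o.maker, h, sig), "bad signature");
        filled[h] = true;
        // Token transfers to o.recipient would follow here; because recipient is
        // part of h, a taker cannot substitute another payee for the signed one.
    }
}
```

The same idea applies when signature validation is delegated to a validator contract, as with a proxy that lets registered delegates sign on its behalf: the validator's answer should be trusted only for a signer that is non-zero and explicitly registered, and the hashed order must cover every field that decides where funds go.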

Impacts

After a comprehensive inspection of all contract code, we confirmed that no funds were lost in this incident, neither the team's nor users'.

Subsequent Work

The Tokenlon team notified users that Tokenlon 4.0 would be gracefully and permanently shut down within one week, on Mar 4th. Fortunately, Tokenlon 5.0 has been live since Dec 18th, 2020, does not have this vulnerability, and most users have already migrated to v5. We also reported the vulnerability to our contract audit firm.

We sincerely thank Sam for finding this issue and notifying our team immediately, so that we could prevent any loss of funds. We will award Sam a bounty of 50,000 USDT.

Finally, we will announce a bug bounty program for white hats and researchers to reward those who find bugs in our smart contracts.

Timeline

Feb 26, 03:35 (UTC) Sam notifies the team that Tokenlon 4.0 has a vulnerability that would allow fee tokens on the UserProxy to be moved.

03:51 The Tokenlon team confirmed the risk and immediately withdrew most of the fee tokens.

04:40 The Tokenlon team decided to gracefully shut down Tokenlon 4.0 within one week, notified users, and set up monitoring on the 4.0 contract.

Feb 28, 04:00 Confirmed with Sam that an attacker could front-run a trade to 4.0 and redirect the funds to the attacker's account. The TAICHI network was used to send users' trades via a private network.

Mar 4, 07:00 Tokenlon 4.0 was shut down permanently. The Tokenlon team notified users to upgrade their app to Tokenlon 5.0.