Beanstalk DAO Exploited For $75 Million

Beanstalk DAO was exploited and drained of over $75 million on Easter Sunday, April 17, 2022 a little before 12:30PM UTC. The exploiter used flash loans to game the governance system with a temporary super-majority of the governance token.

Beanstalk DAO Exploit on chain

Background – Beanstalk DAO Introduction

Beanstalk DAO tried to create a stable coin through a relatively novel credit-based method instead of the more used options. The stable coin, $BEAN, had a goal of oscillating in a very narrow range around the $1 peg. Beanstalk did this by minting $BEAN when the price was above $1 peg. If the price was below the $1 peg, Beanstalk would increase incentives to exchange $BEAN for the protocol’s debt token which would decrease the supply of $BEAN. (Read a full Introduction to Beanstalk DAO here).

Beanstalk rewards users who deposited tokens into the silo with $SILO, the governance token for Beanstalk. The governance of Beanstalk allowed for users to propose a Beanstalk Improvement Proposal (BIP) if they held >0.1%. Up until 2 days ago, no user had made a proposal and all the BIPs came from the dev team.

Beanstalk DAO was audited by Omniscia, but the exploit allegedly went through code introduced with governance proposals after the audit was done. (Want to learn if Omniscia is top-tiered audit firm? See Smart Contract Audit Firms Ranked).

Beanstalk DAO Exploit – What Happened?

The exploiter used flash loans to borrow enough of the required voting power to push a proposal through. The proposal was pushed through an emergency execution option in Beanstalk. This emergency execution option allowed for a BIP to be executed if a ‘super majority’ voted in favor of it.

The BIP had a ‘hidden’ exit call that would withdraw all the funds once the BIP was executed.

Flash loans complete in a single block, so the $BEAN that was loaned was actually non-existent. But the loan allowed the exploiter to inflate his holdings and get a supermajority of $STALK, to push through the BIP, before the loan closed.

When all was said and done ~$75 million was removed from the liquidity pool (roughly evenly split between $BEAN and $ETH).

More Information on Exploit

BIP-12 & BIP-16 were the BIPs introduced that allowed for BEAN3CRV-f and BEANLUSD-f LP tokens as being depositable into the protocol’s silo strategies. These 2 BIPs introduced new LP assets for flash loans.

The series of events that lead up to the exploit were:

  • Exploiter introduced BIP-18 & BIP-19 a day ahead of the exploit. The proposals were for a $250,000 donation to Ukraine on the surface.
    • To propose a BIP a user only needs a 0.1% of Beanstalk
    • BIP-18 & BIP-19 appeared to be the same thing just submitted twice (and were the first 2 user generated BIPs)
    • BIP-19 had a ‘hidden’ exit call however
  • Beanstalk governance allowed for an ’emergency commit’ if the following 2 conditions were true:
    • A BIP needs to be live for 24 hours
    • A supermajority (>67%) of the vote approves it
  • Beanstalk did NOT have a flash loan resistant measure in the governance

During the exploit the following happened:

  • Exploiter took a flash loan from Aave
  • Exploiter accumulated as much $STALK as possible by buying $BEAN and adding LP positions (BEAN3CRV-f and BEANLUSD-f)
  • The exploiter was able to accumulate a supermajority of >67% of all outstanding $STALK
  • Now the exploiter could emergency commit their BIPs

The exploiter almost immediately started moving the 24,830ETH to Tornado Cash in order to mix it.

Beanstalk DAO Exploit – What Next?

Beanstalk devs had a community call the night of the hack and self-doxxed to the community. During the call they answered questions about what happened and what they were looking at going forward. Some of the topics discussed included:

  • Admiting that the exploiter still has all the $BEAN (over $30 million)
    • This would make it very difficult to restart the LPs without migrating to a new contract as the exploiter would be able to sell the $BEAN into the pools
  • Omniscia had audited BIP-7, which was the governance system. Omniscia had released press earlier in the day saying the cause of the exploit was introduced with BIP-12 and BIP-16. However, Beanstalk said that the code that was exploited was the BIP-7 code and covered in the Omnicia audit
  • VC-funding, shared losses, giving spots in the pod line, and even Tetranode-funding were brought up in ways to re-fund the protocol and compensate users. Olympus DAO Protocol has links to Beanstalk and were also mentioned to help with liquidity.
    • “Everything is on the table” according to the devs, it all depends on how they can attract liquidity
    • Estimate it will be a month at the earliest before any restart

Beanstalk is an innovative project and this exploit has almost completely rekt the project. We will see if they can survive this but right now the chances are looking low.

Photo of author

Written By BowTied Effer

Finance, Fitness, Family, and Fixing Bad Advice from a Father

Disclosure

This article may contain links to third-party websites or other content for information purposes. BowTiedIsland may receive a commission at no cost to you if you purchase a product after clicking one of these links. The Third-Party Sites are not under the control of BowTiedIsland, and BowTiedIsland is not responsible for the content of any Third-Party Site. All information contained herein is the opinion of the writer and does not constitute financial advice. We aim to act as a neutral third party and aid in your research and analysis.


The Jungle


Crypto, Investing, and E-Commerce with BowTied Bull

The future is internet based, therefore we have a triangle based approach with crypto, e-commerce business making and Investing in traditional assets

The Culture War with BowTiedRanger

Whether you’re a political junkie or just interested in current events. 

You’ve come to the right place for analysis of the most relevant current events and political issues.

Fitness With BowTiedOx

BowTiedOx provides you a place to find all of his latest programs and guides.

Weekly newsletters that cover fitness, health, and mindset, all grounded in the fundamentals of physiology.

Media Production with BowTied Turkey and BowTied Tamarin

Video is no longer optional.

Don’t get left behind.

Your brand deserves professional videos to engage your audience.

Art & Graphic Design with BowTied Patriot

BowTied Patriot is a graphic artist who specializes in photography, mixed medium custom artwork, and NFT creation.

Join BowTiedPatriot as he dives into making Art in Web3.0 and The Metaverse.

Cooking with BowTiedOctopod

Learn secrets from a fine dining chef for maximum flavor and time-saving efficiency

Newsletters on Ingredients, Techniques and Flavor hacks that will have you eating better. We will never eat bugs!

Meme Warfare with DgenFren

Increase your online engagement, organically influence narratives, and build your online persona by using marketing that your target audience actually wants: memes.

Learn How to Sell with BowTiedSalesGuy

Sales is one of the most transferrable life skills, yet few know how to actually sell.

Traditional sales tactics don’t cut it in today’s hyper competitive world.

Learn the secrets from a Chad Salesman and change your Life forever.

Ecommerce with BowTiedOpossum

Learn the skills to start and build your first online business.

Want to build a business that travels with you?

Learn from an industry veteran that has worked on and with brands you already know.

Categories DAO