{"id":1093,"date":"2025-08-04T14:30:10","date_gmt":"2025-08-04T12:30:10","guid":{"rendered":"https:\/\/ackee.xyz\/blog\/?p=1093"},"modified":"2025-08-04T14:31:12","modified_gmt":"2025-08-04T12:31:12","slug":"resupply-hack-analysis","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/resupply-hack-analysis\/","title":{"rendered":"ResupplyFi Hack Analysis"},"content":{"rendered":"
On June 26, 2025 a single integer division flaw cost Resupply<\/a> $9.56M. The attacker exploited an ERC4626 “first donation” vulnerability in the cvcrvUSD vault’s ResupplyPair contract (0x6e90c<\/a>). They stole $10M through in one flash loan transaction (0xffbbd<\/a>).<\/div>\n

How did this happen?<\/h2>\n
The ResupplyFi protocol contains a vulnerability in its handling of ERC4626 vault collateral that allows attackers to manipulate exchange rates and bypass loan-to-value (LTV) checks, resulting in unauthorized borrowing. This vulnerability was successfully exploited in a real-world attack, resulting in $9.56 million in losses just hours after the protocol’s deployment.<\/div>\n

Vulnerability Details<\/h3>\n

1. Exchange rate calculation vulnerability<\/h4>\n
\n

Location<\/strong>: ResupplyPairCore.sol:573<\/em><\/p>\n<\/div>\n

\n
_exchangeRate = 1e36 \/ IOracle(_exchangeRateInfo.oracle).getPrices(address(collateral));<\/code><\/pre>\n<\/div>\n
Issue<\/strong>: Integer division without rounding protection causes the exchange rate to round down to zero when the oracle price becomes extremely large.<\/div>\n
2. ERC4626 donation attack vector<\/h4>\n
Location<\/strong>: ResupplyPairCore.sol:155-156<\/em><\/div>\n
\n
underlying = IERC20(IERC4626(_collateral).asset());<\/code><\/pre>\n<\/div>\n
The protocol accepts ERC4626 vaults as collateral, which are vulnerable to donation attacks. In the real-world exploit, the attacker targeted the cvcrvUSD vault which was nearly empty at deployment:<\/div>\n
– Attacker can donate assets directly to the vault<\/div>\n
– This inflates the price per share dramatically<\/div>\n
– Oracle reports the inflated price accurately<\/div>\n
– Exchange rate calculation breaks: `1e36 \/ extremely_large_number = 0`<\/div>\n
3. Broken solvency check<\/h4>\n
Location<\/strong>: ResupplyPairCore.sol:282<\/em><\/div>\n
\n
uint256 _ltv = ((_borrowerAmount * _exchangeRate * LTV_PRECISION) \/ EXCHANGE_PRECISION) \/ _collateralAmount;\nreturn _ltv <= _maxLTV;<\/code><\/pre>\n<\/div>\n
When _exchangeRate = 0<\/em><\/div>\n
\n
– LTV calculation:<\/p>\n
(_borrowerAmount * 0 * LTV_PRECISION) \/ EXCHANGE_PRECISION \/ _collateralAmount = 0<\/code><\/pre>\n<\/div>\n
\n
– Check: 0 <= _maxLTV<\/em>\u00a0always returns true<\/strong><\/p>\n
Result<\/strong>: Any amount of collateral allows unlimited borrowing<\/p>\n<\/div>\n
Attack scenario<\/h3>\n
Target<\/strong>: cvcrvUSD ERC4626 vault (nearly empty at deployment)<\/div>\n
<\/div>\n
1. Initial manipulation<\/strong>:<\/div>\n
The attacker deposited 1 wei into the empty cvcrvUSD vault, and then made a large donation to artificially inflate `pricePerShare`.<\/div>\n
<\/div>\n
2. Exchange rate corruption<\/strong>:<\/div>\n
The attacker:<\/div>\n
– Called borrow()<\/em> on newly deployed ResupplyPair<\/div>\n
– Triggered oracle price fetch: getPrices(address(collateral))<\/em><\/div>\n
– Price extremely high due to donation inflation<\/div>\n
_exchangeRate = 1e36 \/ price<\/em>\u00a0computed to zero via Solidity floor division<\/div>\n
<\/div>\n
<\/div>\n
<\/div>\n
3. Solvency bypass<\/strong>:<\/div>\n
_isSolvent()<\/em> check used corrupted _exchangeRate = 0<\/em><\/div>\n
\n
– LTV calculation:<\/p>\n
(_borrowAmount * 0 * LTV_PRECISION) \/ EXCHANGE_PRECISION \/ _collateralAmount = 0<\/code><\/pre>\n<\/div>\n
\n
– Check 0 <= _maxLTV<\/em> always returns true<\/p>\n<\/div>\n
4. Mass borrowing<\/strong>:<\/div>\n
<\/div>\n
The attacker borrowed $10 million worth of reUSD using just 1 wei of collateral, and swapped and redistributed the stolen funds. This led to a final profit of $9.56 million<\/strong> split across multiple addresses.<\/div>\n
Generic attack pattern<\/h4>\n
1. Target newly deployed or low-liquidity ERC4626 vault<\/div>\n
2. Donate large amount of underlying assets to inflate share price<\/div>\n
3. Mint minimal vault shares (1 wei)<\/div>\n
4. Oracle price inflates to astronomical levels<\/div>\n
5. Exchange rate rounds to zero due to integer division<\/div>\n
6. Deposit minimal collateral and bypass LTV checks<\/div>\n
7. Borrow maximum available funds<\/div>\n
Recommendations<\/h3>\n
\u00a0Immediate mitigations<\/h4>\n
1. Add an exchange rate floor<\/strong><\/div>\n
\n
_exchangeRate = 1e36 \/ IOracle(_exchangeRateInfo.oracle).getPrices(address(collateral));\nrequire(_exchangeRate > 0, "Invalid exchange rate");\n_exchangeRate = _exchangeRate == 0 ? 1 : _exchangeRate;<\/code><\/pre>\n<\/div>\n
\n
2. Add minimum collateral requirements<\/strong><\/p>\n<\/div>\n
Enforce minimum deposit amounts for ERC4626 vaults and implement share\/asset ratio sanity checks.<\/div>\n
References<\/h2>\n
– ERC4626 Standard: https:\/\/eips.ethereum.org\/EIPS\/eip-4626<\/div>\n
– ResupplyFi Official Response: https:\/\/x.com\/ResupplyFi\/status\/1938092252431036491<\/div>\n
– Target Vault: cvcrvUSD ERC4626 vault<\/strong><\/div>\n
<\/div>\n
\n
\n<\/div>\n
<\/div>\n
Want to learn more? Read our recent blog covering the 2025 GMX hack<\/a>.<\/div>\n
<\/div>\n","protected":false},"excerpt":{"rendered":"
On June 26, 2025 a single integer division flaw cost Resupply $9.56M. The attacker exploited an ERC4626 “first donation” vulnerability in the cvcrvUSD vault’s ResupplyPair contract (0x6e90c). They stole $10M through in one flash loan transaction (0xffbbd). How did this happen? The ResupplyFi protocol contains a vulnerability in its handling of ERC4626 vault collateral that allows attackers to manipulate exchange rates and…<\/p>\n","protected":false},"author":25,"featured_media":1016,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[61,10,85,84],"tags":[24,14,86,64],"class_list":["post-1093","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education","category-ethereum","category-exploits","category-hacks","tag-ethereum","tag-exploit","tag-hack","tag-security"],"aioseo_notices":[],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2025\/03\/Cross-Function-Reentrancy-Attack-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2025\/03\/Cross-Function-Reentrancy-Attack-600x600.png","author_info":{"display_name":"Dima Khimchenko","author_link":"https:\/\/ackee.xyz\/blog\/author\/dima-khimchenko\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/1093","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=1093"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/1093\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/1016"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=1093"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=1093"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/tags?post=1093"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}