← Back to Hack Archive

Cover Protocol Hack

December 28, 2020$4 millionInfinite Mint ExploitEthereum

The Story

On December 28, 2020, Cover Protocol, a peer-to-peer coverage marketplace for DeFi, suffered a major exploit when an attacker discovered a vulnerability in its smart contracts. The hacker was able to mint an unlimited number of COVER tokens, the platform's native governance token, effectively creating them out of thin air.

The attacker generated approximately $4 million worth of COVER tokens through the exploit. After dumping some of the tokens on the market, causing the price to crash by over 90%, the attacker made a surprising move. In what became one of the most unusual outcomes of a DeFi hack, the anonymous hacker returned all the stolen funds with a message: "Next time, take care of your own shit."

The attack highlighted a vulnerability in the Blacksmith contract used by Cover Protocol. After the incident, the team worked quickly to create a new token and compensate affected users. Notably, Binance assisted with the recovery by rolling back COVER trades on their exchange, a controversial move in the decentralized finance space.

Adding a twist to the story, the hack was later attributed to "Grap.Finance," a rival DeFi protocol, who claimed they discovered the bug and exploited it to prove a point, returning the funds afterward.

Technical Analysis

The Cover Protocol hack exploited a critical vulnerability in the protocol's "Blacksmith" mining contract, which allowed for the minting of unlimited COVER tokens. The issue was in the reward distribution mechanism:

  1. The attacker discovered that a bug in the getReward() function allowed minting tokens without proper validation
  2. They deployed a custom contract to interact with the vulnerable Blacksmith contract
  3. The exploit allowed them to mint tokens without having any actual stake in the protocol
  4. This resulted in the creation of over 40 trillion COVER tokens

The vulnerability was in the reward calculation logic:

// Simplified representation of the vulnerable code
function getReward() public updateReward(msg.sender) {
    uint256 reward = earned(msg.sender);
    
    if (reward > 0) {
        rewards[msg.sender] = 0;
        
        // Vulnerability: No validation if caller actually had stake
        // and rewards were properly accrued
        IERC20(rewardToken).transfer(msg.sender, reward);
        
        emit RewardPaid(msg.sender, reward);
    }
}

function earned(address account) public view returns (uint256) {
    // Vulnerable calculation allowed manipulation
    return _calculateRewards(account);
}

The key issue was that the contract failed to validate that users had actually staked tokens and properly earned rewards before distributing them. The attacker was able to manipulate the reward calculation to mint unlimited tokens.

Lessons Learned

  1. Input validation is critical, especially for functions that mint or distribute tokens
  2. Reward distribution mechanisms should have multiple safety checks
  3. Protocols should implement token mint limits and rate limiting
  4. External security audits should include edge case testing for reward mechanisms
  5. Emergency pausing mechanisms can limit damage during active exploits