Full Report
Rodeo Finance is a leveraged yield farming protocol that also offers lending. The service uses a price oracle to value assets when borrowing and lending. In particular, it used a Time Weighted Average Price (TWAP) oracle, which averages the price over a given interval so that an instantaneous price swing cannot be used to manipulate it. In this case the oracle updated every 45 minutes and averaged the previous four updates.

TWAP oracles are vulnerable at the moment their price is updated. By sandwiching a price update, an attacker can briefly take a position with some amount of capital, let the update sample the skewed price, and then unwind the position, profiting from the update even though very little capital was committed. The attacker manipulated the price by sandwiching the oracle's source, the ETH-unshETH pool, across three updates. Because each sandwich was unwound after the update, the attacker recovered their capital while still moving the recorded price. This was a risky tactic: while the pool was skewed, a third party could have arbitraged it and taken the attacker's funds, but nobody did.

Once the TWAP reflected the inflated price, the attacker opened multiple large leveraged positions, borrowing far more than their collateral should have allowed. Because the oracle price was manipulated, they could also arbitrage it by swapping against the same pool they had manipulated: the Rodeo Finance protocol swapped at a price far from the real market price. According to Quill Audits, there is another aspect: the strategy address was unconfigured, which allowed the sanity check on the values being used to be bypassed.

What was wrong, then? The oracle used the pool's reserve ratio, that is, the spot price, to determine the price. Beyond that, multiple oracles should be used to prevent attacks like this, or there should be limits on how much the price can change over a given interval.
Analysis Summary
# Incident Report: Rodeo Finance Oracle Manipulation Exploit
## Executive Summary
On July 11, 2023, Rodeo Finance, a leveraged yield farming protocol on Arbitrum, suffered an oracle manipulation attack resulting in a loss of approximately 472 ETH (about $890,000). The attacker manipulated the protocol's Time Weighted Average Price (TWAP) oracle by sandwiching its price updates in the ETH-unshETH pool, the oracle's only price source. With the asset price artificially inflated, and with an unconfigured strategy address allowing the price sanity check to be bypassed, the attacker borrowed far more than the collateral was worth and arbitraged the protocol through the same pool.
## Incident Details
- **Discovery Date:** July 11, 2023
- **Incident Date:** July 11, 2023
- **Affected Organization:** Rodeo Finance
- **Sector:** Decentralized Finance (DeFi)
- **Geography:** Global / Arbitrum Network
## Timeline of Events
### Initial Access
- **Date/Time:** July 11, 2023
- **Vector:** Price Oracle Manipulation (Sandwich Attack)
- **Details:** The attacker targeted the ETH-unshETH pool, which served as the price source for the Rodeo Finance TWAP oracle. The TWAP was configured to update every 45 minutes based on the previous four intervals.
### Lateral Movement
- **Step 1:** The attacker executed a series of "sandwich" trades around the oracle's price update windows over three consecutive update cycles.
- **Step 2:** By manipulating the reserve ratio during the update window, the attacker skewed the TWAP calculation to reflect an inflated price for the assets.
- **Step 3:** Simultaneously, the attacker bypassed a "sanity check" because the specific strategy address was unconfigured/left blank, allowing the protocol to accept the manipulated values.
### Data Exfiltration/Impact
- **Step 4:** Using the inflated oracle price, the attacker opened multiple large leveraged positions.
- **Step 5:** The attacker borrowed significantly more funds than the actual collateral value allowed.
- **Step 6:** The attacker swapped the borrowed funds back through the same ETH-unshETH pool, pocketing the difference created by the massive price discrepancy between the protocol's internal oracle and the actual market price.
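The sandwich described in the Full Report above and in Steps 1 to 6, as an added simulation that is not Rodeo Finance code or an audit artifact. It models a fee-free constant-product ETH-unshETH pool whose reserve ratio is sampled by a four-observation TWAP, runs three sandwiched updates, and values a borrow against the result; the `guarded` variant adds the per-update deviation limit recommended later in this report. Pool sizes, swap amounts, the 0.8 loan-to-value and the 10% limit are constructed assumptions, not figures from the incident.

```python
from collections import deque
from dataclasses import dataclass, field

WINDOW = 4            # observations averaged (one per 45-minute update), from the report
LTV = 0.8             # hypothetical loan-to-value applied by the lender
MAX_DEVIATION = 0.10  # hypothetical per-update limit for the circuit breaker


@dataclass
class Pool:
    """Constant-product AMM (x*y = k) with no swap fee, so a sandwich is exactly reversible."""
    eth: float
    unsh: float

    def spot_price(self) -> float:
        """Reserve ratio, ETH per unshETH: the quantity the vulnerable oracle sampled."""
        return self.eth / self.unsh

    def swap_eth_for_unsh(self, eth_in: float) -> float:
        k = self.eth * self.unsh
        self.eth += eth_in
        unsh_out = self.unsh - k / self.eth
        self.unsh -= unsh_out
        return unsh_out

    def swap_unsh_for_eth(self, unsh_in: float) -> float:
        k = self.eth * self.unsh
        self.unsh += unsh_in
        eth_out = self.eth - k / self.unsh
        self.eth -= eth_out
        return eth_out


@dataclass
class TwapOracle:
    """Averages the reserve-ratio price of the last WINDOW updates. With guarded=True it
    refuses any observation more than MAX_DEVIATION away from the current average."""
    guarded: bool = False
    observations: deque = field(default_factory=lambda: deque(maxlen=WINDOW))

    def price(self) -> float:
        return sum(self.observations) / len(self.observations)

    def update(self, pool: Pool) -> bool:
        new = pool.spot_price()
        if self.guarded and self.observations:
            if abs(new - self.price()) / self.price() > MAX_DEVIATION:
                return False  # circuit breaker: drop the sample, keep the old average
        self.observations.append(new)
        return True


def sandwich_update(pool: Pool, oracle: TwapOracle, eth_in: float) -> float:
    """One sandwiched update: buy unshETH to skew the reserves, let the oracle sample,
    then sell the unshETH back. Returns the attacker's net ETH cost (zero without fees)."""
    unsh_bought = pool.swap_eth_for_unsh(eth_in)
    oracle.update(pool)
    eth_recovered = pool.swap_unsh_for_eth(unsh_bought)
    return eth_in - eth_recovered


def run_attack(guarded: bool, sandwich_eth: float = 1000.0, collateral_unsh: float = 10.0) -> dict:
    """Four honest updates, then three sandwiched ones, then a borrow valued at the TWAP.
    Pool sizes and amounts are constructed numbers, not figures from the incident."""
    pool = Pool(eth=100.0, unsh=100.0)  # 1 unshETH = 1 ETH at rest
    oracle = TwapOracle(guarded=guarded)
    for _ in range(WINDOW):
        oracle.update(pool)
    honest_twap = oracle.price()
    cost = sum(sandwich_update(pool, oracle, sandwich_eth) for _ in range(3))
    twap = oracle.price()
    return {
        "honest_twap": honest_twap,
        "oracle_twap": twap,
        "spot_after": pool.spot_price(),  # pool is back at rest after the unwind
        "attacker_cost_eth": cost,
        "borrow_limit_eth": collateral_unsh * twap * LTV,
        "true_collateral_eth": collateral_unsh * pool.spot_price(),
    }


if __name__ == "__main__":
    for guarded in (False, True):
        print("guarded" if guarded else "unguarded", run_attack(guarded))
```

With no swap fee the attacker's net cost is zero and the averaged price moves from 1 to 91 ETH per unshETH, so 10 unshETH of collateral supports a borrow of 728 ETH against a true value of 10 ETH; the guarded oracle rejects all three samples and the limit stays at 8 ETH. Real pools charge fees, so each sandwich costs a little, but that cost is small next to the under-collateralized loan. The guard here only drops the outlying sample; a production circuit breaker would also pause borrowing while the feed is stale, and the bound must leave room for the pair's legitimate volatility.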
### Detection & Response
- **Discovery:** Crypto security firms (Immunefi, Quill Audits) and on-chain monitoring tools flagged the anomalous 472 ETH outflow.
- **Response Actions:** Protocol activity was reviewed; however, the lack of immediate circuit breakers allowed the attacker to complete the exploit loop.
## Attack Methodology
- **Initial Access:** Smart contract interaction via the Arbitrum network.
- **Persistence:** Not applicable (a sequence of transactions spread across three oracle update cycles; no foothold was retained).
- **Privilege Escalation:** Exploitation of an unconfigured strategy address to bypass validation logic.
- **Defense Evasion:** Spreading the manipulation over three consecutive update cycles so that three of the four observations in the TWAP window carried the inflated price, and unwinding each sandwich immediately after the sample so the pool sat at its market price between the 45-minute updates.
- **Impact:** Intentional price distortion (Oracle Manipulation) to facilitate under-collateralized borrowing.
## Impact Assessment
- **Financial:** Loss of approximately 472 ETH (valued at ~$890,000 USD at the time of the incident).
- **Data Breach:** None (non-custodial protocol).
- **Operational:** Disruption of leveraged yield farming pools and temporary loss of liquidity.
- **Reputational:** Significant loss of investor confidence due to an "unconfigured" security parameter (sanity check).
## Indicators of Compromise
- **Network Indicators:** Smart contract interactions on Arbitrum with the Rodeo Finance "Investor" contract.
- **Behavioral Indicators:** Large-scale sandwich attacks specifically timed with the 45-minute TWAP update intervals of the ETH-unshETH pool.
- **Contract Indicators:** Transactions involving the unconfigured strategy address that bypassed price sanity checks.
## Response Actions
- **Containment:** Analysis of the vulnerable oracle feeds and strategy configurations.
- **Eradication:** Identification of the missing configuration in the strategy address.
- **Recovery:** Public disclosure by security partners (Immunefi/Quill Audits) to warn the community and detail the exploit mechanism.
## Lessons Learned
- **TWAP Vulnerabilities:** TWAP oracles are not immune to manipulation, especially when the underlying pool has low liquidity or when updates can be forecasted and "sandwiched."
- **Configuration Management:** The "unconfigured strategy address" highlights a critical failure in deployment procedures; security features (sanity checks) are useless if they are not active.
- **Oracle Redundancy:** Relying on a single source of truth (one pool) for pricing creates a single point of failure.
## Recommendations
- **Multi-Oracle Implementation:** Integrate redundant oracles (e.g., Chainlink) alongside TWAP to ensure price deviations are caught.
- **Sanity Check Enforcement:** Implement "Circuit Breakers" that prevent transactions if the price changes by more than a specific percentage (e.g., 10%) within a single interval.
- **Enhanced Deployment Audits:** Use automated scripts to verify that all strategy addresses and safety parameters are correctly initialized before moving to production.
- **Liquidity Monitoring:** Avoid using pools with low liquidity as the primary source for price oracles.