Gains Network Fork Bugs Allowed Traders to Earn 900% Profit

Key Insights:

• Zellic found bugs in a Gains Network fork, enabling traders to profit 900% on each trade, irrespective of token price.
• Two critical flaws in the protocol allowed manipulation of stop-loss and open prices, leading to significant unauthorized gains.
• Zellic warns that developers of affected forks have patched the vulnerabilities, but other forks might still be at risk.

A recent report by blockchain security firm Zellic has uncovered critical vulnerabilities in a fork of the Gains Network leveraged trading protocol, enabling traders to achieve unprecedented profits. According to the April 19 report, these flaws could have allowed traders to earn 900% returns on every trade, irrespective of the token’s market price.

Zellic’s investigation revealed two distinct bugs within the Gains Network fork. One of these vulnerabilities had existed in a previous version of the original Gains protocol but was subsequently patched. The other flaw was specific to the forked version studied by Zellic. The security firm has notified the developers of the affected forks, including Gambit Trade, Holdstation Exchange, and Krav Trade, ensuring that these teams have implemented measures to address these issues. However, Zellic cautions that other forks of Gains Network might still be susceptible to these exploits.

Functioning of the Gains Network Protocol

Gains Network operates a decentralized finance (DeFi) ecosystem on Polygon and Arbitrum, with its leveraged trading application, gTrade, having facilitated over $25 billion in derivatives volume since May 2023. The protocol allows users to place various types of orders—market, reversal, or momentum trades. A market order executes immediately at the current price, while reversal and momentum trades create limit orders that trigger once a specified price is reached. An executor can then fill these orders, earning a small fee for doing so.

When users place orders, they can set take-profit and stop-loss prices, enabling automatic exits at profitable or losing positions. The design is intended to function similarly to a centralized exchange but without a central authority managing the trades.

First Bug: Exploit in Buy Orders

The first bug identified by Zellic was in how the stop-loss price was stored in the “currentPrice” variable. This storage flaw allowed users to set a stop-loss above the open price, enabling automatic and unwarranted profits. For instance, if Bitcoin was priced at $63,000, a user could place an open order at $62,000 with a stop-loss at $64,000. Upon the price reaching $62,000, the order would fill and immediately trigger the stop-loss, falsely recording a $2,000 profit.

The protocol had a safeguard to prevent setting a stop-loss above the open price, but Zellic found that this check could be bypassed. By placing an order with an extremely high open price and executing it themselves, attackers could manipulate the opening price to fall below the stop-loss, ensuring a 900% profit upon execution.

Second Bug: Exploit in Sell Orders

The second vulnerability pertained to sell orders and involved the miscalculation of profit percentages when extreme values were entered. When an order was closed, the smart contract converted the stop-loss or take-profit values into a variable used for profit calculations. If a user entered the maximum possible value (2^256-1), the resulting calculation would overflow and become negative. This overflow allowed attackers using leverage greater than 9x to exploit the system, achieving a 900% profit by manipulating the stop-loss or take-profit values after the order was opened.

Response and Precautions

Zellic has communicated these findings to the Crypto Security Alliance to identify other potentially vulnerable protocols. Although the current version of Gains Network has patched the second flaw, the investigation suggests that forks of the protocol might still contain these bugs, risking significant financial loss for users.

Gains Network emphasizes providing accurate spot prices for assets and claims superior forex trading capabilities compared to competitors. However, these recent discoveries highlight the importance of robust security measures and continuous monitoring in the DeFi space to protect users’ funds and maintain the integrity of decentralized trading platforms.