Cross-chain lending protocol Radiant Capital fell victim to a sophisticated flash loan attack on January 3, 2024, resulting in the loss of approximately $4.5 million worth of ETH. The exploit targeted a critical rounding vulnerability in the protocol’s smart contract code on the Arbitrum network, forcing the team to immediately pause operations while security teams investigated the incident.
The Exploit Mechanics
The attacker executed a multi-step flash loan attack that exploited a precision rounding error in Radiant Capital’s liquidity index calculation. The root cause lay in the formula used by the protocol to calculate token quantities: (a * RAY + b/2) / b, where RAY represents a precision multiplier of 10^27. Under normal operating conditions, the variable ‘b’ is significantly smaller than ‘a’, making rounding errors negligible. However, the attacker deliberately manipulated these values to be close in magnitude, causing a substantial rounding discrepancy.
The attack began when the perpetrator obtained a 3 million USDC flash loan through Aave. The attacker then deposited 2 million USDC into the Radiant contract, receiving rUSDCn token certificates in return. A second flash loan was used to borrow 2 million USDC through the Radiant contract itself, while simultaneously extracting the pledged USDC in the callback function. A 9/10000 fee was collected as liquidity for the pool during this process.
The critical outcome was a manipulated liquidity index value of approximately 271.8 * 10^27, dramatically exceeding the initial 10^27 baseline. This inflated index became the foundation for the profit extraction phase of the attack.
Affected Systems
The exploit exclusively targeted Radiant Capital’s deployment on the Arbitrum network. The attacker’s address (0x826d5f4d8084980366f975e10db6c4cf1f9dde6d) deployed a dedicated attack contract (0x39519c027b503f40867548Fb0c890b11728faA8F) to execute the exploit against the vulnerable contract at 0xF4B1486DD74D07706052A33d31d7c0AAFD0659E1.
With Bitcoin trading at approximately $42,848 and Ethereum at $2,210 on the day of the attack, the $4.5 million loss represented a significant blow to the protocol’s liquidity reserves. The broader market was already under pressure from a flash crash triggered by a Matrixport report about potential SEC ETF rejections, compounding the negative sentiment around DeFi security.
The Mitigation Strategy
Following the detection of the exploit, Radiant Capital’s team immediately paused all protocol operations on Arbitrum to prevent further losses. Security firms including PeckShield and Beosin were engaged to conduct a thorough analysis of the attack vector. The protocol’s emergency response team worked to identify the exact vulnerability and assess whether other deployment chains faced similar risks.
The mitigation approach involved a comprehensive audit of all rounding-related calculations within the codebase. The development team needed to implement a more robust calculation framework that would prevent manipulation of the liquidity index, regardless of how deposit and withdrawal values were structured by potential attackers.
Lessons Learned
The Radiant Capital incident serves as a stark reminder that even well-established DeFi protocols can harbor critical vulnerabilities in seemingly mundane mathematical operations. Rounding errors, when exploitable, can cascade into multi-million dollar losses within a single transaction. The attack highlights the importance of thorough boundary condition testing during smart contract audits.
Flash loan attacks continue to be one of the most potent weapons in a DeFi attacker’s arsenal. The permissionless nature of flash loans, combined with the composability of DeFi protocols, creates an environment where attackers can leverage enormous capital without any upfront investment. Protocols must design their systems assuming that attackers have access to virtually unlimited capital through flash loans.
User Action Required
Users who had funds deposited in Radiant Capital’s Arbitrum markets should monitor the protocol’s official communication channels for updates on the recovery process. The team is expected to release a detailed post-mortem with a remediation plan. In the meantime, users should exercise caution when interacting with any DeFi protocol that has not undergone a comprehensive audit covering edge cases in mathematical precision handling. Always verify that a protocol has been audited by multiple reputable security firms before depositing significant funds.
Disclaimer: This article is for informational purposes only and does not constitute financial advice. Always conduct your own research before making investment decisions.
3 million USDC flash loan from Aave to drain 4.5M in ETH. the ROI on these attacks is insane
rekt_index the ROI on flash loan attacks is always insane. 3M borrowed to extract 4.5M, all in one tx. traditional finance needs weeks of legal setup for less leverage
rounding errors in RAY precision. feels like every lending protocol relearns this lesson the expensive way
^ the (a * RAY + b/2) / b formula is literally in every aave fork. scary how many protocols use it without checking edge cases
every aave fork copies the RAY precision math without stress testing edge cases. this will keep happening until protocols write their own math libraries
its not just aave forks. any protocol using fixed point math with RAY precision has this lurking. compound v2 had a similar issue years ago
flash loan ROI of 50% in a single tx. the attacker paid maybe $10 in gas to borrow 3M USDC and walked with 4.5M in ETH. traditional finance needs weeks of setup for that kind of leverage
the attacker deposited 2M USDC to manipulate the ratio between a and b in the RAY formula. elegant exploit but the fix was a one-line bounds check
one line bounds check that cost 4.5M. audit firms really need to start testing with manipulated RAY values as a standard test case
agreed. any audit that doesnt include manipulated precision inputs is incomplete. Certora and Halmos can catch these mathematically but most teams skip formal verification to save 30k
Felix Braun a one-line bounds check costing 4.5M is painful. every aave fork just copies the RAY math assuming its been tested. assumption tax keeps bleeding protocols
formal verification costing 30k sounds steep until you compare it to a 4.5M exploit. the math on that is obvious yet teams still skip it