
dForce Protocol Suffers $3.64 Million Reentrancy Exploit Across Arbitrum and Optimism

The dForce decentralized finance protocol experienced a significant security breach on February 10, 2023, when an attacker exploited a read-only reentrancy vulnerability in its wstETH/ETH pool integration, draining approximately $3.64 million across both Arbitrum and Optimism networks. The incident sent ripples through the DeFi community and reignited conversations about the persistent threat of reentrancy attacks in smart contract ecosystems.

The Exploit Mechanics

The attack centered on a sophisticated manipulation of the Curve LP Oracle pricing mechanism used by dForce’s lending protocol. The vulnerability class, known as “read-only reentrancy,” arises when a view function is called while the contract it reads from is still mid-execution in a reentrant call and its storage is only partially updated; any dependent protocol that consumes the view function’s output at that moment acts on a manipulated value.

According to the post-mortem analysis published by QuillAudits, the attacker initiated the exploit by borrowing 68,429 ETH through flash loans from multiple lending protocols. The attacker then added liquidity to the wstETHCRV pool, receiving 65,343 wstETHCRV tokens in return. A portion of these tokens — approximately 1,904 wstETHCRV — was transferred to a secondary contract and deposited into the dForce vault via the wstETHCRV-gauge.

The critical moment came when the attacker invoked the pool’s remove_liquidity function. That function transfers ETH back to the caller before it burns the caller’s LP tokens, so while control sat in the attacker’s contract during the ETH transfer, the pool’s ETH balance had already been reduced but the LP token total supply was unchanged. Because get_virtual_price() derives the LP token price from the pool’s balances divided by total supply, the reduced balance against an unchanged supply made the virtual price temporarily and artificially low, and the reentrant callback gave the attacker a window in which to act on that value.

By manipulating the virtual price of the wstETH/ETH pair, the attacker was able to liquidate other users’ positions in the vault at artificially deflated prices, profiting by approximately 1,236.65 WETH — roughly $1.91 million — on Arbitrum alone. An identical attack on Optimism yielded an additional $1.73 million in stolen funds.

Affected Systems

The exploit specifically targeted dForce’s lending vaults on Arbitrum and Optimism, two of Ethereum’s most prominent Layer 2 scaling networks. dForce, which describes itself as a comprehensive DeFi protocol suite for assets, lending, and trading, is deployed across multiple chains including Ethereum mainnet, Arbitrum, Optimism, Polygon, Binance Smart Chain, and KAVA.

At the time of the attack, Bitcoin was trading at approximately $22,220 and Ethereum at $1,556, according to CoinMarketCap data from February 14, 2023. The broader crypto market was showing modest recovery signs, with Ethereum gaining 3.3% over the previous 24 hours, while Bitcoin was up 1.89%.

The vulnerability was not unique to dForce — it stemmed from a well-documented class of reentrancy issues associated with Curve Finance’s LP token oracle integration. Multiple protocols relying on similar oracle designs have faced comparable attack vectors, making this exploit part of a broader pattern affecting the DeFi landscape.

The Mitigation Strategy

Immediately after the attack on February 10, the dForce team paused all vaults and publicly disclosed the breach through a Twitter thread. On February 11, the team announced that it had identified the attacker’s IP address, device information, and other identifying details, initiating direct negotiations for the return of stolen funds.

The strategy proved effective. By February 13, the attacker returned all stolen funds to dForce. The protocol team offered a bounty in exchange for the cooperation, though the exact amount was not publicly disclosed. This represented one of the rare cases in DeFi history where exploited funds were successfully recovered through on-chain negotiation rather than law enforcement intervention.

The incident prompted renewed calls for more rigorous smart contract auditing, particularly focusing on oracle integration patterns and view function reentrancy guards. Security researchers emphasized that view functions should implement the same reentrancy protections as state-modifying functions when their outputs influence financial logic.
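As an added illustration (not code from the article, dForce, or Curve) of the mechanics described above and of the view-function guidance in this section, here is the consumer side: an oracle that reads get_virtual_price() directly, beside one that first probes the pool’s reentrancy lock and rejects a sudden price drop. ICurvePool is an assumed subset of a Curve stableswap pool ABI, the assumption that withdraw_admin_fees() is guarded by the pool’s nonreentrant lock must be verified against the specific pool, and MAX_DROP_BPS is an assumed sanity bound.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed subset of a Curve stableswap pool's ABI (written for this example;
// check the real pool's source before relying on it).
interface ICurvePool {
    function get_virtual_price() external view returns (uint256);
    // Assumed to be guarded by the pool's @nonreentrant lock, so it reverts
    // while another call (e.g. remove_liquidity) is still executing.
    function withdraw_admin_fees() external;
}

contract LpTokenOracle {
    ICurvePool public immutable pool;
    uint256 public constant MAX_DROP_BPS = 100; // assumed sanity bound: 1%
    uint256 public lastPrice;

    constructor(ICurvePool _pool) {
        pool = _pool;
    }

    // Vulnerable read: trusts get_virtual_price() unconditionally. If this is
    // reached from the ETH callback inside remove_liquidity, the pool's
    // balances are already reduced but the LP tokens are not yet burned, so
    // the returned value is temporarily too low.
    function unsafePrice() external view returns (uint256) {
        return pool.get_virtual_price();
    }

    // Hardened read: probe the pool's reentrancy lock first. A revert means
    // some caller is inside the pool right now, so the price must not be used.
    function safePrice() external returns (uint256 price) {
        try pool.withdraw_admin_fees() {
            // lock is free: the pool's storage is in a consistent state
        } catch {
            revert("pool is mid-execution; price untrusted");
        }
        price = pool.get_virtual_price();
        // Defense in depth: a stableswap virtual price is expected to be
        // non-decreasing as fees accrue, so a sudden drop signals manipulation.
        if (lastPrice != 0 && price < lastPrice * (10_000 - MAX_DROP_BPS) / 10_000) {
            revert("virtual price dropped more than MAX_DROP_BPS");
        }
        lastPrice = price;
    }
}
```

Note that withdraw_admin_fees() transfers accrued admin fees to the pool’s admin, so the probe has a side effect and, on some pools, may revert for reasons unrelated to the lock; in that case substitute whichever nonreentrant function the specific pool exposes.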

Lessons Learned

The dForce exploit underscores several critical lessons for the DeFi ecosystem. First, oracle dependencies represent a significant attack surface that extends beyond individual protocols. When multiple DeFi platforms rely on the same oracle infrastructure — in this case, Curve’s LP pricing mechanism — a vulnerability in the shared component can cascade across the entire ecosystem.

Second, the speed of the response matters. dForce’s decision to pause vaults immediately and engage in direct negotiation with the attacker was instrumental in recovering the funds. Protocols that delay response times often find that stolen assets have been laundered through mixing services or cross-chain bridges, making recovery impossible.

Third, the exploit highlights the ongoing tension between composability and security in DeFi. While the ability to integrate with existing protocols like Curve is a fundamental feature of decentralized finance, each integration point introduces potential vulnerabilities that must be thoroughly audited and continuously monitored.

User Action Required

For users of dForce and similar DeFi protocols, this incident serves as a reminder to diversify across multiple platforms rather than concentrating assets in a single protocol. Users should monitor official protocol channels for security announcements and be prepared to withdraw funds quickly when incidents are disclosed. Additionally, understanding the oracle infrastructure underpinning any lending or trading protocol is essential for assessing risk exposure.

Disclaimer: This article is for informational purposes only and does not constitute financial advice. Always conduct your own research before engaging with any DeFi protocol.


12 thoughts on “dForce Protocol Suffers $3.64 Million Reentrancy Exploit Across Arbitrum and Optimism”

  1. 68,429 ETH borrowed via flash loans to drain $3.64M. the attack complexity is insane but the vulnerability was a basic read-only reentrancy. wild gap

    1. 68k ETH flash loan for a 3.6M payout. attacker had to be sophisticated enough to understand curve oracle mechanics but the vulnerability itself was a known pattern. audit failure plain and simple

      1. sophisticated attack on a basic vulnerability. the attacker understood curve oracle internals better than dForce or their auditors. that knowledge gap is the real exploit

    2. dForce getting hit on both arbitrum and optimism simultaneously is rough. multi-chain deployments multiply your attack surface

    3. basic vulnerability, massive impact. the gap between protocol complexity and audit quality keeps growing

  2. read-only reentrancy is sneaky because devs assume view functions are safe. the curve LP oracle returning stale data during reentry is a known pattern

  3. read-only reentrancy strikes again. this exact pattern was documented after the curve pool exploits. teams need to stop copy-pasting oracle integrations without checking for this

    1. zara is right about the copy paste problem. read-only reentrancy has been documented since at least 2021. no excuse for missing it in 2023

    2. protocol teams treat curve oracles as black boxes. they integrate them without understanding that view functions can return stale data during reentrancy. read the docs or get exploited

  4. $3.64M drained because of read-only reentrancy on a curve LP oracle. this exact pattern hit 3 other protocols in 2022. at what point does copy-pasting oracle integrations become negligence

    1. proxy scan is spot on, this pattern hit 3 protocols in 2022 alone. copy-pasting curve oracle integrations without reentrancy guards is wild
