
Citadel Finance Loses $93,000 in Arbitrum Flash Loan Exploit Through Price Manipulation

Citadel Finance, a treasury-backed protocol operating on the Arbitrum network, fell victim to a sophisticated flash loan attack on January 27, 2024, resulting in the loss of 43 ETH worth approximately $93,000. The exploit highlights persistent vulnerabilities in DeFi protocols that rely on on-chain price oracles without adequate manipulation safeguards.

The Exploit Mechanics

The attacker executed a precision strike exploiting a critical flaw in the CITRedeem contract. The root cause was the contract’s reliance on the getAmountsOut function from the Camelot Router, which used the WETH/USDC liquidity pool pair to calculate redemption amounts. This dependency created an attack surface that could be exploited through price manipulation.

The exploit unfolded in a carefully orchestrated sequence. First, the attacker obtained a flash loan of approximately 4,500 WETH from a lending protocol. This substantial capital was then deposited into the Camelot liquidity pool, deliberately distorting the WETH/USDC exchange rate. With the pool price artificially manipulated, the attacker called the redeem function on the CITRedeem contract. The manipulated price oracle returned inflated values for the redemption calculation, allowing the attacker to extract 21.326 WETH from the treasury by burning only 30.51 CIT tokens. After repaying the flash loan, the attacker walked away with a net profit derived from the price discrepancy.

Affected Systems

The attack targeted Citadel Finance’s core redemption mechanism on the Arbitrum chain. The CITRedeem contract, responsible for processing both variable and fixed-rate redemptions, was the primary point of failure. The contract supported two underlying assets — USDC and WETH — and two token types — CIT and bCIT. The variable rate redemption path was specifically exploited, as it directly queried the Camelot Router for price conversion.

The Camelot DEX on Arbitrum served as the external dependency that enabled the attack. By manipulating the liquidity depth in the WETH/USDC pool, the attacker skewed the price feed that Citadel Finance trusted for its critical financial calculations. At the time of the attack, ETH was trading at approximately $2,267, making the 43 ETH loss equivalent to roughly $93,000.

The Mitigation Strategy

Flash loan manipulation attacks have become one of the most common exploit vectors in DeFi. The fundamental mitigation is to replace manipulable on-chain spot price feeds with manipulation-resistant oracles. Chainlink price feeds, or time-weighted average prices built on Uniswap V2’s cumulative price system, significantly reduce the feasibility of flash loan-based price distortion because they reflect prices over extended periods rather than the instantaneous spot price of a single pool, which one transaction can move.

Protocols should also implement circuit breakers that detect abnormal price deviations within a single transaction or block. If the redemption rate deviates beyond a defined threshold from a time-weighted average, the transaction should revert. Additionally, imposing withdrawal delays or rate limits on large redemptions can prevent single-transaction extraction of significant funds.
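To make the failure mode and the mitigation above concrete, here is an added Python simulation (not Citadel Finance's or Camelot's code) of a router-style spot quote being skewed by a single large deposit, beside the TWAP deviation check described in this section. It models the WETH/USDC pool as a simplified Uniswap V2-style constant-product pool with a flat 0.3% fee and V2-style cumulative price accumulators; the reserves, the 30-minute window and the 5% threshold are constructed values, and Camelot's real fee schedule and pool depth are not reproduced.

```python
from dataclasses import dataclass
FEE_NUM, FEE_DEN = 997, 1000   # flat 0.3% swap fee, Uniswap V2 style (simplification)
MAX_DEVIATION_BPS = 500        # circuit breaker: revert if a quote is >5% off the TWAP
@dataclass
class Pool:                    # constant-product WETH/USDC pool with a V2-style price accumulator
    weth: float
    usdc: float
    price_cum: float = 0.0     # integral of (USDC per WETH) over time, in price-seconds
    last_ts: int = 0
    def get_amounts_out(self, weth_in: float) -> float:
        """Router-style spot quote: USDC out for weth_in (the value CITRedeem trusted)."""
        fee_adj = weth_in * FEE_NUM
        return fee_adj * self.usdc / (self.weth * FEE_DEN + fee_adj)
    def update(self, now: int) -> None:
        """Accrue the pre-trade spot price for the elapsed seconds, as V2 does once per block."""
        self.price_cum += (self.usdc / self.weth) * (now - self.last_ts)
        self.last_ts = now
    def swap_weth_in(self, weth_in: float, now: int) -> None:
        self.update(now)       # accumulator records the price from *before* this trade
        self.usdc -= self.get_amounts_out(weth_in)
        self.weth += weth_in

def twap(pool: Pool, cum_start: float, ts_start: int, now: int) -> float:
    """Average USDC/WETH price over [ts_start, now] from two accumulator snapshots."""
    assert now > ts_start, "TWAP window must span at least one second"
    pool.update(now)
    return (pool.price_cum - cum_start) / (now - ts_start)

def checked_redeem_quote(pool, weth_in, cum_start, ts_start, now) -> float:
    """Spot quote guarded by the deviation check; raises (i.e. reverts) when manipulated."""
    spot_quote = pool.get_amounts_out(weth_in)
    twap_quote = weth_in * twap(pool, cum_start, ts_start, now)
    deviation_bps = abs(spot_quote - twap_quote) * 10_000 / twap_quote
    if deviation_bps > MAX_DEVIATION_BPS:
        raise ValueError(f"revert: spot quote is {deviation_bps:.0f} bps off the TWAP")
    return spot_quote

def run_scenario() -> dict:
    pool = Pool(weth=1_000.0, usdc=2_267_000.0)   # constructed reserves; spot = $2,267/ETH
    cum_start, ts_start = pool.price_cum, pool.last_ts   # open a 30-minute TWAP window at t=0
    pool.update(1_800)                                   # quiet trading until the attack block
    honest = checked_redeem_quote(pool, 1.0, cum_start, ts_start, 1_800)   # passes (~40 bps)
    pool.swap_weth_in(4_500.0, 1_800)    # same block: flash-loaned WETH dumped into the pool
    try:
        checked_redeem_quote(pool, 1.0, cum_start, ts_start, 1_800)
        reverted = False
    except ValueError:
        reverted = True                  # the guarded path refuses the redemption
    return {"honest_quote": honest, "skewed_quote": pool.get_amounts_out(1.0),  # ~75 USDC/WETH
            "reverted": reverted, "twap": twap(pool, cum_start, ts_start, 1_800)}
```

Because the accumulator only records the price that existed before each trade, a swap and a redemption in the same block cannot move the TWAP, so the guarded quote stays anchored while the unguarded router quote collapses by over 95%.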

Lessons Learned

The Citadel Finance exploit reinforces a critical lesson that has been taught repeatedly across the DeFi ecosystem: any protocol that derives financial calculations from spot prices in low-liquidity pools is inherently vulnerable. The attack required minimal sophistication beyond understanding the contract’s price dependency. With Bitcoin trading near $42,120 and the broader crypto market showing renewed momentum in January 2024, the DeFi sector attracted increased attention from both legitimate users and attackers.

Protocol developers must treat every external data source as a potential attack vector. The assumption that liquidity pools will maintain reasonable prices under all conditions has been disproven numerous times. Independent security audits, formal verification of critical financial logic, and ongoing monitoring for anomalous price movements are essential components of any DeFi deployment.

User Action Required

Users who interacted with Citadel Finance’s redemption contracts should immediately review their transaction history for any unauthorized or unexpected redemptions. If you hold CIT or bCIT tokens, exercise caution before engaging with the protocol until the team has confirmed that the vulnerability has been patched and independently audited. Always verify contract addresses before approving any transactions, and consider using hardware wallets for storing significant crypto holdings. The broader DeFi community should treat this incident as a reminder to research protocol security practices before depositing funds into any yield-generating platform.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Always conduct your own research before engaging with any DeFi protocol.


7 thoughts on “Citadel Finance Loses $93,000 in Arbitrum Flash Loan Exploit Through Price Manipulation”

  1. only $93K because the protocol was tiny. same exploit pattern could have drained millions on a larger TVL. the getAmountsOut vulnerability is a known antipattern

    1. the TVL was tiny but the exploit pattern is identical to what hit bigger protocols in 2023. $93k is the wake-up call before the $9M version happens

  2. 4,500 WETH flash loan to manipulate the Camelot pool. classic oracle manipulation that could have been prevented with a simple price deviation check against Chainlink

      1. treasury-backed and still using getAmountsOut from a DEX router for pricing. this is crypto 101 at this point, use an oracle

        1. using a DEX router as your price oracle in 2024 is wild. Chainlink has been free to integrate for years, no excuse at this point

    1. only $93K because TVL was tiny. Lena is right, a Chainlink price deviation check would have stopped this in one line of code

