Time Token Hack—Dec 7, 2023—Detailed Evaluation Report


On December 7, a considerable exploit occurred on the TIME token. TIME token serves because the inherent token of Chrono.tech, a decentralized finance (DeFi) platform performing on the Ethereum blockchain.

This incident resulted in a lack of ~89.5 ETH, out of which the attacker gained 84.6 ETH ($188K). The assault revolved across the vulnerable Forwarder contract, enabling the attacker to eat a good portion of TIME tokens via the execution of a transaction from an arbitrary sender handle.

About Chronotech (TIME)

Chrono.tech, based in 2016, provides blockchain-driven options for recruitment, HR, and fee procedures, diminishing obstacles to entry for employment and making certain safe fund transfers throughout the worldwide labor market. The venture’s market cap is $14,962,202.

Chrono.tech contains numerous providers, accompanied by its native governance token TIME, all deployed on various blockchains. These choices embrace LaborX.com, a peer-to-peer freelancing market; TimeX.io, a crypto change leveraging Plasma expertise; AUDT, a stablecoin pegged to the Australian greenback; and PaymentX, a cryptocurrency invoicing and payroll answer.

The TIME token serves because the intrinsic token throughout the Chrono.tech ecosystem and finds utility throughout its merchandise. It may be employed, for instance, to acquire premium account standing and for staking on TimeWarp.finance, resulting in the reception of revenues generated by all providers.

In November 2020, the preliminary TIME token underwent an improve to the brand new ERC677 customary, facilitating integration with different DeFi protocols, decreasing transaction prices, and providing extra advantages, all whereas sustaining full compatibility with the ERC20 customary.

Root Explanation for the Exploit

This assault was a vulnerability on the framework stage, impacting the TIME venture and proving to be a risk to every other venture that makes use of it.

A mistake within the integration of normal ERC-2771 with Multicall, coupled with variations in how calldata is dealt with between them, led to this particular assault incident.

Exploit Transaction: https://etherscan.io/tx/0xecdd111a60debfadc6533de30fb7f55dc5ceed01dfadd30e4a7ebdb416d2f6b6

Attacker’s Handle: 0xfde0d1575ed8e06fbf36256bcdfa1f359281455a

Assault Contract: 0x6980a47bee930a4584b09ee79ebe46484fbdbdd0

Attacked Contract: 0x4b0e9a7da8bab813efae92a6651019b8bd6c0a29

Another assaults which have leveraged this vulnerability are talked about beneath:

  • https://polygonscan.com/tx/0x1b0e27f10542996ab2046bc5fb47297bcb1915df5ca79d7f81ccacc83e5fe5e4
  • https://etherscan.io/tx/0x6bf60f1667c20f705fed4617ebe4aa7e915c05b3fcc050f5cc676f7f01a18b28

Detailed Technical Evaluation

Following is the plan of action that passed off in the course of the hack:

1. The attacker first modified 5 ETH to five WETH.

2. Then the attacker swapped 5 WETH to three,455,399,346 TIME on dex 0x760d…af84.

3. The attacker referred to as the “execute()” operate within the Forwarder contract:

Allow us to break down this course of:

  • Development of ‘req’ (calldata): The attacker initiated the method by creating a selected information set referred to as ‘req’ (calldata) that met sure necessities. Alongside this, the attacker offered the corresponding signature.
  • Verification utilizing “verify()”: The “verify()” operate performed a vital function. It utilized the offered signature to verify whether or not your complete ‘req’ was signed by the required handle, req.from, as declared throughout the ‘req.’
  • Arbitrary use of a managed handle: The attacker selected the handle 0xa16a5f37774309710711a8b4e83b068306b21724, which was below their management and had a assured eligible nonce. The attacker signed the ‘req’ information with the non-public key of this handle, efficiently passing the verification course of.
  • Execution utilizing “execute()” and “call()”: The “execute()” operate then referred to as the “call()” operate, packaging ‘req.data’ and ‘req.from’ as parameters for the “call()” operate. The ‘req.to’ was specified as 0x4b0e9a7da8bab813efae92a6651019b8bd6c0a29 (TIME contract), and the selector of the multicall(bytes[]) operate was 0xac9650d8.
  • Delegate invocation to TIME contract: The “call()” operate was tantamount to invoking the “multicall(bytes[])” operate of the TIME contract. The multicall operate straight handed the calldata parameter to delegatecall().
  • Parsing downside with calldata: A difficulty arose in the course of the parsing course of. The preliminary ingredient of the bytes array (information[0]) had a size of solely 0x38, signifying the absence of the req.from worth (0000000000000000a16a5f37774309710711a8b4e83b068306b21724). The “execute()” operate within the Ahead contract added this worth following req.information.
  • Misinterpretation of parameter passing: The developer aimed to incorporate the verified req.from worth within the calldata despatched to the TIME contract for permission management. Nonetheless, there was a misunderstanding within the parsing logic. The developer mistakenly believed that merely combining req.information and req.from via splicing was ample to incorporate req.from within the calldata despatched to the TIME contract.
  • Truncation by “multicall()”: The “multicall()” operate, nevertheless, straight truncated req.from as a result of it didn’t adhere to the calldata parsing logic. This led to a big error for the reason that verified req.from worth was not transmitted to the TIME contract as anticipated.
  • Incorrect execution by TIME contract: The TIME contract mistakenly acquired an handle managed by the attacker, which had not been verified. In consequence, the TIME contract executed the burn logic on the inaccurate goal attributable to this surprising and faulty handle.

4. The burn() operate throughout the TIME contract when invoked, the _msgSender operate performs a vital function in figuring out whether or not the entity initiating the decision (msg.sender) is a Forwarder contract.

If the msg.sender is recognized as a Forwarder contract, a selected motion takes place. The operate extracts the final 20 bytes of the calldata (the information offered when calling the operate), and these 20 bytes are then returned as the primary parameter for the _burn() operate.

Primarily based on the sooner examination, the handle successfully despatched to the TIME contract is 760dc1e043d99394a10605b2fa08f123d60faf84 (comprising the final 20 bytes of calldata). This specific handle falls below the management of the attacker and serves because the goal pool handle for the supposed assault. The TIME contract executed the burning of 62 billion TIME tokens on 0x760d…af84.

Subsequently, solely 9,999,999 Time tokens remained within the pool, leading to an exceptionally excessive destruction ratio of 99.9%. The attacker invoked the synchronization operate of the pool to align reserves, intending to govern the value. Concurrently, they exchanged 3,455,399,346 TIME for 94.5 WETH throughout the pool.

Consequently, the TIME contract mistakenly consumed a considerable amount of tokens from the attacker-controlled goal pool as a substitute of the supposed handle.

Stolen Fund Particulars

The TIME token hack incident resulted within the theft of about 89.5 ETH, estimated to a worth of roughly $188,000.

Subsequently, these tokens have been traded for a substantial amount of WETH, ultimately being transformed again to ETH, with a portion allotted for a bribe Flashbots in the course of the transaction.

Hack Aftermath

The attacker incinerated greater than 62 billion TIME tokens, inflicting a big depletion within the token pool. The TVL, on the time of writing, stands at $210,184.

Mitigation Steps

Addressing such an assault requires the implementation of safety measures to each stop and establish such vulnerabilities. Listed below are just a few mitigation steps:

Improve Calldata Validation

  • Incorporate complete validation checks for calldata to confirm that solely legitimate and anticipated information is accepted.
  • Embody sturdy parsing mechanisms that precisely interpret and course of calldata parameters, avoiding vulnerabilities stemming from misinterpretations.

Implement Strict Permission Controls

  • Implement strict permission controls on crucial capabilities, such because the burn() operate, making certain that solely approved addresses or contracts can execute them.
  • Make the most of entry management mechanisms to confirm the legitimacy of the caller and forestall unauthorized entry to delicate capabilities.

Audit and Testing

  • Conduct complete safety audits of smart contractsparticularly these dealing with crucial operations like token burning and fund transfers.
  • Implement in depth testing, together with each unit testing and state of affairs testing, to establish and handle potential vulnerabilities earlier than deploying contracts to the mainnet.

By incorporating these mitigation steps, builders can fortify sensible contracts towards the described assault course of, enhancing total safety and minimizing the chance of exploitation.


The incident involving the TIME token underscores the inherent vulnerabilities in sensible contracts, demonstrating how even a minor mistake can lead to important monetary penalties.

The first motive for the exploit was the alteration of the Forwarder contract, which was designed to execute transactions from any given handle. Initiatives ought to be cautious in regards to the frameworks employed in a contract and totally analyze all such exterior contracts.

Transferring ahead, emphasis ought to be positioned on strengthening safety protocols and educating the blockchain neighborhood to avert comparable incidents.

Author: ImmuneBytes
Date: 2023-11-30 08:34:00

Source link



Related articles

Alina A, Toronto
Alina A, Torontohttp://alinaa-cybersecurity.com
Alina A, an UofT graduate & Google Certified Cyber Security analyst, currently based in Toronto, Canada. She is passionate for Research and to write about Cyber-security related issues, trends and concerns in an emerging digital world.


Please enter your comment!
Please enter your name here