TronBank 200 million BTT Quilt: "Counterfeit Currency" Attack Analysis


According to the weiwei security laboratory ( ), the well-known DApp TronBank suffered a “counterfeit currency” attack in the early hours of the morning. Nearly 200 million BTTs were stolen by attackers in a short period of time, worth nearly one million yuan. Below we make a simple analysis of the contract code problem involved in this "counterfeit currency" attack.


The TRON wave field not only supports the contract token standard TRC-20 like Ethereum ERC-20, but also creates the TRC-10 token standard. This token mechanism does not depend on the TRON virtual machine (TVM), making the currency become more It's easy, but if the developer doesn't have a deep understanding of its features, it's easy to write a defective contract code.

We know that similar to Ethereum ETH, TRX wave currency account operations have native API support:

  • Query balance address.balance
  • Transfer (out of OUT) address.transfer(value);
  • Transfer (into IN) msg.value

Similarly, TRC-10 has similar API support:

  • Query the balance address.tokenBalance(trcToken tokenId) return(uint256 tokenAmount);
  • Transfer (out OUT) address.transferToken(uint256 tokenValue, trcToken tokenId);
  • Transfer (into IN) msg.tokenValue, msg.tokenId

From the parameters of the above API, we can find that an account can hold multiple TRC-10 tokens , they rely on the tokenId to distinguish.

Let's look at the tronBank contract involving the invest function that goes into BTT:

  Function invest(uint256 _referrerCode, uint256 _planId) public payable {
         Require(msg.value == 0, "wrong trx amount");
         If (_invest(msg.sender, _planId, _referrerCode, msg.tokenvalue)) { // <-- did not check emit onInvest(msg.sender, msg.tokenvalue 

} We can find that the invest function does not check whether the msg.tokenId is BTT (the tokenId value of BTT is 1002000), which causes the attacker to transfer the counterfeit currency and count the BTT balance held by the attacker.

Let's take a look at the withdraw() function that the contract involves BTT withdrawal:

  Function withdraw() public payable {
         Uint256 withdrawalAmount = _withdraw();
         If (withdrawalAmount >= 0) {
             msg.sender.transferToken(withdrawalAmount, BTT_ID); //<--- Transfer BTT
             Emit onWithdraw(msg.sender, withdrawalAmount);

We can see that the cashout function is directly transferred to the attacker by BTT, which causes the attacker to successfully implement the "counterfeit currency" attack.

in conclusion

The TronBank “counterfeit currency” incident, in addition to the lack of project-side safety development experience, is also because TRC-10 is a new thing, the official documentation does not give detailed development guidance.

I hope that the future wave field project side will pay more attention to the official development documents. After all, this is the only way for all developers to use a new language or specification. In the development process, developers are more focused on the construction of the project, so the final code should be audited by a professional security company, multi-party cooperation, better protect the rights of users.

All digital currencies have experienced serious security incidents in the early days. BTC, ETH, and EOS are no exceptions. From another perspective, it is because of the high community activity that hackers are concerned. Can grow stronger.

The Dimensional Security Lab ( ) has comprehensive security incident monitoring for the top- notch digital currency ecology, and if the user's digital currency is lost, it can be submitted on the platform for flow monitoring if digital currency inflows The cooperative exchange will freeze in time to recover the losses.