The root cause of the attack on Yearn's yETH pool contract is unsafe mathematical operations
Dec 05, 2025 10:57:54
According to SlowMist monitoring, the decentralized finance protocol Yearn has suffered a hacking attack, resulting in a loss of approximately $9 million.
The SlowMist security team analyzed the incident and confirmed the root cause as follows: the vulnerability originated in the logic of the calcsupply function, which calculates the supply in the Yearn yETH weighted stablecoin swap pool (Weighted Stableswap Pool) contract. Because the function used unsafe mathematical operations, its calculations were subject to overflow and rounding errors, producing large discrepancies in the product of the new supply and the virtual balance. Attackers exploited this flaw to manipulate the pool's liquidity to a specific value and over-mint liquidity pool (LP) tokens, thereby profiting illegally. SlowMist recommends strengthening boundary-scenario testing and adopting security-verified arithmetic mechanisms so that comparable protocols avoid similar high-risk vulnerabilities such as overflow.
Previously, Yearn released a statement saying that its yETH stable pool was attacked on November 30 at 21:11 UTC: attackers minted a large amount of yETH through a custom contract, draining approximately $8 million in assets from the pool, with an additional loss of about $900,000 from the yETH-WETH pool on Curve.
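The boundary-testing recommendation above, as an added example that is not Yearn's or SlowMist's code: a deliberately simplified, hypothetical LP-supply update (new supply proportional to the virtual balance after a deposit) computed once with EVM-style wrapping arithmetic and once with checked arithmetic, so a unit test can show where the unchecked path silently produces an absurd mint amount while the checked path reverts.

```python
# Added example: compares unchecked (wrapping) and checked uint256 arithmetic in a
# hypothetical LP-supply update. The formula is a simplification for illustration,
# not the yETH pool's actual invariant or calcsupply logic.

UINT256_MAX = 2**256 - 1
PRECISION = 10**18


def wrapping_mul(a: int, b: int) -> int:
    """EVM-style unchecked multiply: wraps modulo 2**256 instead of reverting."""
    return (a * b) & UINT256_MAX


def wrapping_sub(a: int, b: int) -> int:
    """EVM-style unchecked subtract: underflows to a huge value instead of reverting."""
    return (a - b) & UINT256_MAX


def checked_mul(a: int, b: int) -> int:
    """Checked multiply: raises (the analogue of a revert) on uint256 overflow."""
    r = a * b
    if r > UINT256_MAX:
        raise OverflowError("uint256 overflow in multiply")
    return r


def checked_sub(a: int, b: int) -> int:
    """Checked subtract: raises on underflow so a mint amount can never exceed reality."""
    if b > a:
        raise OverflowError("uint256 underflow in subtract")
    return a - b


def mint_unchecked(supply: int, virtual_balance: int, added: int) -> int:
    """LP tokens to mint for a deposit, hypothetical formula, wrapping arithmetic."""
    new_supply = wrapping_mul(supply, virtual_balance + added) // virtual_balance
    return wrapping_sub(new_supply, supply)


def mint_checked(supply: int, virtual_balance: int, added: int) -> int:
    """Same formula with checked arithmetic; floor division rounds in the pool's favour."""
    new_supply = checked_mul(supply, virtual_balance + added) // virtual_balance
    return checked_sub(new_supply, supply)


def boundary_case_agrees(supply: int, virtual_balance: int, added: int) -> bool:
    """Boundary test: True if both paths agree, False if unchecked math diverges or
    checked math reverts. Any False result marks an input the contract must reject."""
    try:
        return mint_checked(supply, virtual_balance, added) == mint_unchecked(
            supply, virtual_balance, added)
    except OverflowError:
        return False
```

Constructed inputs near 2**256 are the ones worth keeping in a regression suite: the unchecked path returns a mint larger than the entire existing supply, which is exactly the discrepancy a checked arithmetic library turns into a revert.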