Convergence Finance Exploit Report

On August 1, 2024, the DeFi protocol Convergence Finance suffered an exploit that resulted in losses of approximately $210,000 USD.

The attack targeted a critical vulnerability in the CvxRewardDistributor contract, which allowed the attacker to mint 58,718,395 CVG tokens —the entire planned staking emissions— and quickly liquidate them on Curve, draining the protocol’s liquidity.

This incident serves as a clear example of how poor input validation in smart contracts can lead to devastating consequences.

Exploit Simulation in a Forked Environment

To technically analyze and validate the attack, a testing environment was set up using Foundry, forking the Ethereum mainnet. This approach allowed us to accurately reproduce the protocol’s real state at the time of the exploit.

Within this environment, the following were deployed:

• The vulnerable version of the CvxRewardDistributor contract.
• A malicious contract that mimicked the claimCvgCvxMultiple() signature and returned inflated values.

Executing claimMultipleStaking() with this malicious contract as an argument resulted in the same on-chain behavior observed during the exploit: fraudulent minting followed by liquidation.

📂 Repository with the simulation:
Convergence PoC in Foundry

The Affected Contract

The CvxRewardDistributor contract was responsible for distributing staking rewards in both CVG and Convex (CVX). Its critical function was claimMultipleStaking(), designed to allow users to claim accumulated rewards from multiple staking contracts.

📌 Note: The function should have validated that the contracts being called were legitimate (e.g., through a whitelist) and ensured that the totalClaim value corresponded to actual rewards rather than arbitrary values returned by external contracts.

Root Vulnerability

The contract failed to validate the legitimacy of the addresses provided in claimContracts[]. This allowed attackers to pass in malicious contracts that returned arbitrary values, artificially inflating cvgClaimable.

Step-by-Step Attack Flow

1. Preparation: Initial funds were sourced from Tornado Cash 0x912c705958f527b08289320c20Ca6c90463AB572.

2. Malicious contract: It mimicked the claimCvgCvxMultiple() signature and returned an arbitrary number with no legitimate calculation.

3. Execution: The attacker called claimMultipleStaking() with the malicious contract included in claimContracts[].

4. Fraudulent mint: 58,718,395 CVG were minted.

5. Immediate liquidation: The tokens were rapidly sold in Curve pools for WETH and other assets, extracting approximately $210,000 USD in liquidity.

📌 Exploit transaction: 0x636be30e58acce0629b2bf975b5c3133840cd7d41ffc3b903720c528f01c65d9
📌 Malicious contract: 0x03560A9D7A2c391FB1A087C33650037ae30dE3aA

Economic Impact

• Tokens minted: 58,718,395 CVG
• Liquidity drained: ≈ $210,000
• Context: This amount represented nearly the entirety of the staking emissions, negatively impacting the protocol’s TVL and the stability of its liquidity pools.

Protocol and Community Response

1. Immediate alert (August 1): Convergence warned users to stop interacting with the protocol.
2. Official post-mortem (August 2): The root cause (missing validation) was identified, and CVG emissions were paused.
3. Recovery attempt (August 6): An on-chain message was sent to the attacker in an effort to negotiate the return of funds.
4. External reports: Security firms such as PeckShield and QuillAudits confirmed the exploit and released technical alerts.
5. Fixes: Validation checks were implemented, and follow-up audits were conducted prior to reopening staking.

Conclusion

The Convergence Finance exploit underscores the need for more rigorous development standards in DeFi. The vulnerability was not present in the original codebase; it emerged after the audits, when the team introduced gas-saving changes and removed a critical validation. While such adjustments may be well-intentioned, they can inadvertently open the door to catastrophic failures.

Key takeaways from this case include:

• Do not sacrifice security for gas optimization. Micro-optimizations should never come at the cost of removing essential validations.
• Strict input validation. External addresses should never be trusted without safeguards such as whitelists or interface checks.
• Defense in depth. Techniques like fuzzing and adversarial scenario testing could have exposed the manipulation.
• Ongoing audits. Any post-audit changes must undergo additional reviews before being deployed on mainnet.
• Coordinated response. Early communication and collaboration with the community helped contain the impact.

Ultimately, developers should integrate these lessons to strengthen their development and testing processes. Every public function in a smart contract represents a potential attack vector—security must always take precedence over gas optimization.