Cover Protocol (formerly SAFE / SAFE2): Infinite Mint — Blacksmith Farming Contract Withdrawal Bug
Cover Protocol's Blacksmith farming contract had a 1-wei withdrawal bug that allowed anyone to mint unlimited COVER tokens — six different exploiters found and used it, inflating supply by 48 quadrillion percent, while Grap Finance minted 40 quintillion tokens and returned the ETH to cosplay as a "white hat."
Summary
Cover Protocol (formerly SAFE / SAFE2), a DeFi insurance protocol, was exploited on 2020-12-28, resulting in a loss of approximately $9M.
Linked factors
- RD-F-004 — causal : Audit count likely 0; floor display [via dashboard_risk_factors/Vulnerability in audited or unaudited code: Appears unaudited or newly deployed code path]
- RD-F-006 — causal : Audit-deploy gap — alternate field name [via dashboard_risk_factors/Code newly deployed/upgraded?: Yes — team multisig added new Balancer pool to Blacksmith contract hours before the exploit]
- RD-F-027 — causal : ★ Single admin EOA — when value mentions key compromise [via realtime_signals/Governance/admin action (Y/N): Y — the team's own multisig transaction adding a new pool created the exploitable condition]
- RD-F-076 — related : Protocol age (Cat 5 — < 6 months age signal) [via dashboard_risk_factors/Protocol age: Cover Protocol was the 3rd rename; launched as COVER in late 2020 — weeks old at time of exploit]
- RD-F-101 — illustrative : Large governance proposal queued — RT signal would have fired [via realtime_signals/Governance/admin action (Y/N): Y — the team's own multisig transaction adding a new pool created the exploitable condition]
- RD-F-111 — causal : Team doxx status — pseudonymous-no-track-record class [via dashboard_risk_factors/Team anonymity: Partially anonymous (azeemfi and chefcoverage named in article)]