Hundred Finance: ERC-4626-style cToken exchange rate manipulation + rounding error
Hundred Finance is a Compound fork that uses hTokens (cTokens) to track lending positions. The protocol had deployed two WBTC hToken markets — one active and one empty (unused by the UI). The empty hWBTC market became the attack surface.
Summary #
Hundred Finance suffered a Lending / Money Market (Compound V2 fork) on 2023-04-15, resulting in a loss of approximately $7M.
What happened #
Hundred Finance is a Compound fork that uses hTokens (cTokens) to track lending positions. The protocol had deployed two WBTC hToken markets — one active and one empty (unused by the UI). The empty hWBTC market became the attack surface.
Linked factors #
- RD-F-077 — causal : Prior exploit count [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- RD-F-078 — causal : Chronic flag (≥3 prior exploits) [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- RD-F-079 — causal : Same-root-cause repeat exploit [via cross-hack: Factor 5: Second Exploit on Same Protocol]
- RD-F-126 — causal : Is-a-fork-of (Cat 8 anchor) [via dashboard_risk_factors/Forked?: Yes — Compound V2 fork]
- RD-F-127 — related : Upstream Compound has patches that may not be merged here [via dashboard_risk_factors/Forked?: Yes — Compound V2 fork]