Drift Protocol suffered a staggering loss of at least $270 million due to a clever exploitation of Solana's durable nonces feature. Unlike typical hacks that involve bugs or compromised keys, this incident highlighted significant vulnerabilities in the operational security of decentralized finance (DeFi) governance structures. The exploit was not a result of coding flaws. Instead, the attacker utilized durable nonces, a legitimate feature that allows transactions to remain valid indefinitely.

By pre-signing administrative transfers weeks in advance, the attacker bypassed Drift's multisig security, which required approval from two out of five council members, in mere minutes. On March 23, the attacker created durable nonce accounts linked to legitimate Drift Security Council members, securing valid signatures without raising alarms. This careful planning allowed the attacker to adapt to Drift's operational changes, managing to keep the malicious transactions valid until execution on April 1. The attack began post a legitimate withdrawal test, allowing the attacker to execute pre-signed transactions that drained the protocol's vaults almost instantly.

The stolen assets included a mix of tokens, with over $155 million in JPL tokens and significant amounts in USDC and wrapped Bitcoin, among others. Notably, the primary wallet used for draining funds had been funded just days prior, indicating a well-planned operation. Funds were laundered through intermediary wallets and eventually moved to Ethereum addresses, complicating recovery efforts for investigators. Understanding durable nonces is key to grasping this exploit.

On Solana, every transaction is timestamped with a 'recent blockhash,' which typically expires within 60 to 90 seconds. This expiry is a safety feature designed to prevent stale transactions from being replayed. Durable nonces, however, override this expiration by allowing transactions to remain valid indefinitely. While this feature serves legitimate purposes—such as facilitating offline signing setups and institutional custody solutions—it also creates a considerable risk.

If someone can get a valid signature today, they can execute that transaction weeks or months later, without the signer being aware. Drift’s governance structure relied on a 'Security Council multisig' system, where multiple individuals share control, requiring at least two approvals to authorize an action. This method is standard in DeFi, aiming to enhance security by ensuring that compromising a single individual is insufficient to execute a fraudulent transaction. However, the attacker did not need to compromise anyone's keys.

MORE FROM COINTIMES

Tokenized Oil Futures Cause Major Liquidations Amid Geopolitical Tensions

Oil futures on Hyperliquid experienced significant liquidations amid geopolitical tensions, highlighting the interconnectedness of commodities and crypto markets.

Instead, they capitalized on what Drift described as 'unauthorized or misrepresented transaction approvals.' This implies that the signers likely believed they were approving routine transactions, further highlighting the vulnerabilities within the system. As detailed in a timeline published by Drift, the exploitation was methodical. On March 23, the attacker created four durable nonce accounts—two linked to legitimate Drift council members and two under the attacker's control. By March 27, following a planned migration of the Security Council, the attacker adapted their strategy.

They re-obtained the necessary signatures under the new multisig configuration by March 30, demonstrating a sophisticated understanding of Drift's operational dynamics. On April 1, the attacker executed the plan. Following a legitimate withdrawal test conducted by Drift, the attacker submitted pre-signed durable nonce transactions. Within minutes, they gained complete control of Drift's protocol-level permissions and introduced a fraudulent withdrawal mechanism that drained the vaults of assets.

Onchain researchers tracked the stolen assets in real time, revealing a breakdown that amounted to approximately $270 million. The largest portion was $155.6 million in JPL tokens, with other substantial losses including $60.4 million in USDC and $11.3 million in wrapped Bitcoin. The primary wallet used for the attack had been inactive until the day of execution, adding to the impression of meticulous planning. From there, the stolen funds were transferred to intermediary wallets, which had been recently funded through a decentralized exchange that requires identity verification, potentially providing leads for investigators.

The funds were subsequently moved to Ethereum using Wormhole, a cross-chain bridge, with some addresses reportedly pre-funded through Tornado Cash, a privacy mixer. The attack's execution was not only a significant financial loss but also a stark reminder of the increasingly sophisticated nature of threats facing the DeFi space. ZachXBT, a noted onchain investigator, pointed out that over $230 million in USDC was bridged from Solana to Ethereum immediately after the attack began, criticizing Circle, the issuer of USDC, for failing to freeze the stolen funds during a crucial six-hour window. This incident reflects a broader trend within DeFi, where social engineering and operational oversights are becoming more prevalent than traditional hacking methods.

The durable nonce feature, while designed for legitimate use, poses unique challenges. It allows attackers to separate the approval of transactions from their execution, creating a dangerous gap that can be exploited. The failure in this case was not due to a flaw in the code but rather a breakdown in human oversight.