Bancor Hack (2020-06-16)
Short Version: A public call in the smart contract allowed anybody to withdraw token from the contract. The problem is not the function being public, the allowed input type has been set too general. Bancor did a white hat attack to withdraw all funds. Funds were lost by front running bots, not by hacker. Maybe part of it will be returned for a bug bounty.
What I think about this
It's crazy that an audit did not reveal this, because it looks like a trivial bug/mistake to me. It's not about logical problems, it's about allwod input type, if I am right (Not a smart contract dev myself). Bancor did fix this bug at June 13. It looks like the code fragment was introduced in one step, so like copy/past from another source?
Commit which introduced the bug:
https://github.com/bancorprotocol/contracts-solidity/commit/bd4060bf060cc55aaa11af86ec03a14026ee5b3d#diff-936d4cb65ef1b220e833b30f52f8d74f
Fix: https://github.com/bancorprotocol/contracts-solidity/commit/47d8663d720d49aed55710039875070d514baca4
At risk: $455,349
Lost: $135,229, not by the smart contract failure, but by some front running bot during white hat attack.
Solved: White hat attack and new contraced deployed
Code: https://github.com/bancorprotocol/contracts-solidity/blob/d4b1dc7b2e4d46a555b48ad34fd0fe235abad7b4/solidity/contracts/utility/TokenHandler.sol#L45-L47
Sources
I used these both sources for this short version:
https://blog.bancor.network/bancors-response-to-today-s-smart-contract-vulnerability-dc888c589fe4?gi=ccf539fc91b
https://medium.com/@1inch.exchange/bancor-network-hack-2020-3c71444fd59d
Parity Hack (2017-11-06)
"I accidentally killed it"
https://github.com/openethereum/openethereum/issues/6995
https://medium.com/solidified/parity-hack-how-it-happened-and-its-aftermath-9bffb2105c0