Add incident exposure reviews for Rhea and SWEAT exploits #424
royalf00l wants to merge 2 commits into
Adds two notes under audits/2026-04-29/:

- sweat-exploit-analysis.md: reviews the 2026-04-29 hodl-lockup.sweat drain (~13.71B SWEAT). The on-disk sweatco/hodl-lockup source has several privileged paths (edit, terminate, update_contract) gated by a single hot key with no timelock — most likely root cause is a manager / deposit whitelist key compromise. Templar's analogous surfaces are protected by #[private] callbacks, predecessor-checked FT receivers, role-based auth with a timelocked governance state machine, no admin path that can move user funds, and registry-based code deploys.
- rhea-exploit-analysis.md: reviews the 2026-04-16 Rhea/Burrow margin exploit (~$18.4M). Buggy code is in burrowland/contracts/contract/src/margin_trading.rs:86-113 (RefV1TokenReceiverMessage::get_token_in/get_token_out) — slippage check sums amount_in / min_amount_out across every action whose token name matches, ignoring intermediate token reuse, so multi-hop routes through attacker-controlled fake Ref pools bypass slippage. Templar has no margin trading, no multi-hop swap routing, no DEX integration that consumes user-supplied action chains; slippage checks are single-step against convert_to_shares / convert_to_assets in the vault kernel.

Notes only — no code change.
Adds a section to the Rhea exploit note explaining that the Burrow contract co-mingles every asset and every user (and every margin position) in shared maps inside a single Contract, so a slippage-validation bug in the margin subsystem drained the protocol's shared reserve pool. Templar is structured the opposite way: each lending market is its own deployed contract (registry creates a fresh subaccount) with exactly one borrow asset and one collateral asset (rejected if equal). The vault is a separate contract on top with a single underlying, and exposes user deposits to markets only via per-market caps set through timelocked governance. A hypothetical comparable bug in one market is bounded to that market's TVL. Includes a new conclusion bullet for isolated markets and another for the vault's capped, curator-set market exposure. Notes only — no code change.
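The slippage-aggregation bug described in the commit message above is easy to state but worth seeing as code. The following is an added illustration written for this page, not Burrow's or Templar's source: it models the reported shape of the check (totals keyed on token name across every action) next to a per-hop chain check that only trusts the final hop's promised output. The `SwapAction` struct, the token account names, the amounts and the 95-unit requirement are all constructed; the `Option<u128>` convention for "consume the previous hop's output" is an assumption.

```rust
// Added illustration, constructed for this note; not Burrow's or Templar's
// source. Token names, amounts and the Option<u128> amount_in convention are
// assumptions made for the example.

#[derive(Clone, Debug, PartialEq)]
pub struct SwapAction {
    pub token_in: String,
    /// `None` means "consume the whole output of the previous hop".
    pub amount_in: Option<u128>,
    pub token_out: String,
    pub min_amount_out: u128,
}

impl SwapAction {
    pub fn new(token_in: &str, amount_in: Option<u128>, token_out: &str, min_amount_out: u128) -> Self {
        Self { token_in: token_in.to_string(), amount_in, token_out: token_out.to_string(), min_amount_out }
    }
}

/// Reported bug shape: totals keyed on token *name*. A hop whose output is
/// immediately consumed by the next hop still adds its min_amount_out.
pub fn aggregated_totals(route: &[SwapAction], token_in: &str, token_out: &str) -> (u128, u128) {
    let total_in: u128 = route.iter()
        .filter(|a| a.token_in == token_in)
        .map(|a| a.amount_in.unwrap_or(0))
        .sum();
    let total_min_out: u128 = route.iter()
        .filter(|a| a.token_out == token_out)
        .map(|a| a.min_amount_out)
        .sum();
    (total_in, total_min_out)
}

pub fn check_slippage_aggregated(route: &[SwapAction], token_in: &str, token_out: &str,
                                 amount_in: u128, required_min_out: u128) -> Result<(), String> {
    let (total_in, total_min_out) = aggregated_totals(route, token_in, token_out);
    if total_in != amount_in {
        return Err(format!("amount_in mismatch: {total_in} != {amount_in}"));
    }
    if total_min_out < required_min_out {
        return Err(format!("slippage: {total_min_out} < {required_min_out}"));
    }
    Ok(())
}

/// Hardened shape: the route must be one unbroken chain from token_in to
/// token_out, only the first hop names an input amount, and only the final
/// hop's min_amount_out is compared with the required output.
pub fn check_slippage_chain(route: &[SwapAction], token_in: &str, token_out: &str,
                            amount_in: u128, required_min_out: u128) -> Result<(), String> {
    let first = route.first().ok_or("empty route")?;
    if first.token_in != token_in || first.amount_in != Some(amount_in) {
        return Err("first hop must spend exactly the position's input".to_string());
    }
    for (i, pair) in route.windows(2).enumerate() {
        if pair[0].token_out != pair[1].token_in {
            return Err(format!("hop {} output does not feed hop {}", i, i + 1));
        }
        if pair[1].amount_in.is_some() {
            return Err(format!("hop {} must consume the previous hop's output", i + 1));
        }
    }
    let last = route.last().expect("non-empty");
    if last.token_out != token_out {
        return Err("route does not end in the expected token".to_string());
    }
    if last.min_amount_out < required_min_out {
        return Err(format!("slippage: final hop promises {} < {}", last.min_amount_out, required_min_out));
    }
    Ok(())
}

/// Constructed route: hop 1 and hop 3 both output wrap.near, so the summed
/// min_amount_out (60 + 60) clears a 95 requirement even though hop 1's
/// output is swallowed by hop 2 and only hop 3's 60 can reach the position.
pub fn attacker_route() -> Vec<SwapAction> {
    vec![
        SwapAction::new("usdc.near", Some(1_000), "wrap.near", 60),
        SwapAction::new("wrap.near", None, "fake.attacker.near", 1),
        SwapAction::new("fake.attacker.near", None, "wrap.near", 60),
    ]
}

pub fn honest_route() -> Vec<SwapAction> {
    vec![SwapAction::new("usdc.near", Some(1_000), "wrap.near", 100)]
}

fn main() {
    for (name, route) in [("honest", honest_route()), ("attacker", attacker_route())] {
        println!("{name}: aggregated={:?} chain={:?}",
            check_slippage_aggregated(&route, "usdc.near", "wrap.near", 1_000, 95),
            check_slippage_chain(&route, "usdc.near", "wrap.near", 1_000, 95));
    }
}
```

The chain check is a pre-flight validation of the user-supplied message only; a contract that hands funds to an external DEX still has to verify the amount actually returned in the callback rather than trust the promised `min_amount_out`, and restricting routes to known pools is a separate, defence-in-depth control.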
📝 Walkthrough

Incident Exposure Reviews: Rhea and SWEAT Exploits

This PR adds two audit-only documents (no code changes) analyzing recent protocol incidents on NEAR and confirming Templar's resilience to these attack classes. Rhea Finance Exploit Analysis (
| Cohort / File(s) | Summary |
|---|---|
| Audit Analysis Documents: `audits/2026-04-29/rhea-exploit-analysis.md`, `audits/2026-04-29/sweat-exploit-analysis.md` | New incident documentation analyzing Rhea token slippage aggregation bug and Sweat admin entrypoint authorization vulnerabilities, mapping each to Templar's architecture and confirming existing protections address identified attack surfaces. No code changes required. |
Estimated code review effort
🎯 1 (Trivial) | ⏱️ ~3 minutes
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title accurately summarizes the main change: adding incident exposure reviews for Rhea and SWEAT exploits. |
| Description check | ✅ Passed | The description provides comprehensive context about both audit documents, their findings, and how Templar's architecture mitigates the identified risks. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
claude/audit-notes-exploits-2026-04
for posterity. No need to actually merge
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@audits/2026-04-29/rhea-exploit-analysis.md`:
- Line 13: The document currently cites mutable repo paths and path:line
references; update every external/internal code citation in
audits/2026-04-29/rhea-exploit-analysis.md to use commit-pinned permalinks
(exact SHA commit URLs) for github.com/rhea-finance/burrowland and
github.com/ref-finance/burrowland and any other repo cited, replacing path:line
links with the corresponding blob/commit SHA permalinks; follow a consistent
pattern (e.g.,
https://github.com/<org>/<repo>/blob/<commit-sha>/<path>#Lstart-Lend), add a
short "Sources / SHAs" section enumerating each repo + commit SHA used, and
ensure every existing inline code reference and quoted snippet links to the
exact commit so future line drift cannot invalidate the analysis.
In `@audits/2026-04-29/sweat-exploit-analysis.md`:
- Around line 15-16: Replace any mutable "path:line" references with
commit-pinned permalinks to the exact commits for both the SWEAT repo
(github.com/sweatco/hodl-lockup — reference the commit that matches Cargo.toml:
name "hodl-lockup", version "1.1.0") and the Templar source; update every
instance where you currently cite file:line (including the places around the
Cargo.toml mention and the two later citations) so each link points to the
specific commit SHA permalink on GitHub and include the file path within that
commit to preserve forensic reliability.
- Around line 26-31: Add blank lines immediately before the opening ```rust
fence and after the closing ``` fence surrounding the EDITABLE_ACCOUNTS const
block so the fenced code block has a blank line above and below (fixing MD031);
locate the block containing the symbol EDITABLE_ACCOUNTS and insert a single
empty line above the ```rust line and a single empty line after the closing ```
to satisfy markdownlint.
📒 Files selected for processing (2)
- audits/2026-04-29/rhea-exploit-analysis.md
- audits/2026-04-29/sweat-exploit-analysis.md
> ## Investigation constraints
>
> External writeups (Halborn, Phemex, AMBCrypto, TechFlowPost, Rhea's own X post) all return 403 from this sandbox's egress proxy; I could only fetch GitHub. The analysis below is therefore based on direct review of the deployed Burrow source at `github.com/rhea-finance/burrowland` (mirrored at `github.com/ref-finance/burrowland`) cross-referenced against the publicly reported root cause: "the slippage protection algorithm summed all `min_amount_out` values across swap actions and did not account for swap actions where the output token of one step is reused as the input of the next."
🛠️ Refactor suggestion | 🟠 Major
Use immutable evidence links for audit-grade reproducibility.
This note cites mutable path:line references and repository roots, but not commit-pinned permalinks. Please pin every external/internal code citation to exact SHAs so future line drift cannot invalidate the analysis or its “no code change” conclusion (Lines 13, 17-18, 56-57, 147-151, 168-170).
Proposed doc hardening pattern
- The buggy code is in `contracts/contract/src/margin_trading.rs`, in ...
+ The buggy code is in `contracts/contract/src/margin_trading.rs` at Burrow commit
+ `<sha>` (permalink: `https://github.com/<org>/<repo>/blob/<sha>/contracts/contract/src/margin_trading.rs#L86-L113`), in ...
- ... `contract/market/src/impl_token_receiver.rs:26-32` ...
+ ... `contract/market/src/impl_token_receiver.rs` at Templar commit `<templar_sha>`
+ (`https://github.com/<org>/<repo>/blob/<templar_sha>/contract/market/src/impl_token_receiver.rs#L26-L32`) ...
Also applies to: 17-18, 56-57, 147-151, 168-170
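Review bot: pinning to `<sha>` fixes line drift but does not by itself support the note's claim that what was reviewed is the *deployed* Burrow code (the quoted line 13 says "direct review of the deployed Burrow source"). The proposed "Sources / SHAs" section should also record how each pinned commit was matched to what was on chain, for example the contract code hash reported for the account at the time of the incident against the hash of the artifact built from that commit, and the same for `<templar_sha>`. A permalink to the wrong branch is just as stable as one to the right branch, so the SHA alone is not evidence.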
> Instead we reviewed the deployed contract source from `github.com/sweatco/hodl-lockup` (`Cargo.toml` matches: `name = "hodl-lockup"`, `version = "1.1.0"`, `authors = ["Sweat Economy"]`).
🛠️ Refactor suggestion | 🟠 Major
Pin references to exact commits for forensic reliability.
The document makes high-confidence security claims but cites mutable path:line references. Please add commit-pinned permalinks (both SWEAT source and Templar source) so readers can independently verify claims later without line-drift ambiguity (Lines 15-16, 63-68, 70-71).
Also applies to: 63-68, 70-71
```rust
const EDITABLE_ACCOUNTS: &[&str] = &[
    "baalhasulam5785.near",
    "e8b49a44e01f2927638a9475e608089238de2befe98eae3807d0844724231b64",
];
```
Fix fenced code spacing to satisfy markdownlint (MD031).
Add blank lines before and after the fenced block to avoid lint noise and keep docs CI-clean (Line 26 to Line 31).
Minimal markdown fix
- Lets the caller overwrite `schedule` and `termination_config` for any lockup whose `account_id` matches the hardcoded `EDITABLE_ACCOUNTS` constant at `contract/src/lib.rs:54-57`:
+
```rust
const EDITABLE_ACCOUNTS: &[&str] = &[
"baalhasulam5785.near",
"e8b49a44e01f2927638a9475e608089238de2befe98eae3807d0844724231b64",
];
```
+
- The second entry has the same shape (64-hex-char implicit account) as the exploiter's address, suggesting the on-chain owner of one of those lockups is controlled by the attacker — overwriting the schedule to fully unlocked then calling `claim()` drains it.
🧰 Tools
🪛 markdownlint-cli2 (0.22.1)
[warning] 26-26: Fenced code blocks should be surrounded by blank lines
(MD031, blanks-around-fences)
[warning] 31-31: Fenced code blocks should be surrounded by blank lines
(MD031, blanks-around-fences)
Summary
Add two audit documents analyzing recent protocol exploits (Rhea Finance margin-trading and SWEAT lockup drains) and confirming that Templar's architecture and implementation are not vulnerable to the same attack classes.
Changes
- `audits/2026-04-29/rhea-exploit-analysis.md` — Analysis of the Rhea Finance (Burrow) $18.4M margin-trading exploit (slippage check summed `min_amount_out` across multi-hop swaps when tokens are reused in the route)
- `audits/2026-04-29/sweat-exploit-analysis.md` — Analysis of the SWEAT lockup drain (~13.71B SWEAT, ~65% of supply) via privileged paths such as `update_contract`; Templar's mitigations: `#[private]` on all callbacks, predecessor validation on FT receivers, no admin paths that move user funds, and timelocked governance for sensitive operations

Notable Details
Both analyses are marked "review only — no code change required" and serve as incident exposure documentation rather than bug reports. They establish that Templar's isolated-market design, lack of leverage/swap-routing features, and timelocked governance structurally prevent the attack classes that affected Rhea and SWEAT.
https://claude.ai/code/session_01WWkR2nd7eL9PsjhsjgdNte
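The contrast the summary draws for the SWEAT case, a privileged path gated by a single hot key with no timelock versus role-based auth behind a timelocked governance state machine, is shown below as an added example written for this page. It is not hodl-lockup's or Templar's code: the `HotKeyAdmin` and `TimelockedGovernance` types, the `Proposer`/`Executor` roles, the 48-hour delay and the account names are all constructed. The only action the governed path can perform is a parameter change (a market cap), which is the point of "no admin path can move user funds": there is nothing in the `Action` enum that touches a balance.

```rust
// Added illustration, constructed for this note; not hodl-lockup's or
// Templar's source. Roles, the 48h delay and the account names are
// assumptions made for the example.

use std::collections::{HashMap, HashSet};

#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash)]
pub enum Role { Proposer, Executor }

/// Only parameter changes are expressible; no variant moves user funds.
#[derive(Clone, Debug, PartialEq)]
pub enum Action {
    SetMarketCap { market: String, cap: u128 },
}

#[derive(Clone, Debug)]
pub struct Proposal {
    pub action: Action,
    pub proposer: String,
    pub eta: u64,      // earliest timestamp (seconds) at which execute() succeeds
    pub executed: bool,
}

/// Single hot key, immediate effect: whoever holds `admin` changes the cap now.
pub struct HotKeyAdmin {
    pub admin: String,
    pub market_caps: HashMap<String, u128>,
}

impl HotKeyAdmin {
    pub fn set_market_cap(&mut self, caller: &str, market: &str, cap: u128) -> Result<(), String> {
        if caller != self.admin {
            return Err("not admin".to_string());
        }
        self.market_caps.insert(market.to_string(), cap);
        Ok(())
    }
}

/// Role-based and timelocked: a change sits visibly in `queue` for at least
/// `min_delay` seconds, and proposing and executing are separate roles, so
/// one stolen key neither applies a change nor applies it silently.
pub struct TimelockedGovernance {
    pub roles: HashMap<String, HashSet<Role>>,
    pub min_delay: u64,
    pub queue: Vec<Proposal>,
    pub market_caps: HashMap<String, u128>,
}

impl TimelockedGovernance {
    pub fn new(min_delay: u64) -> Self {
        Self { roles: HashMap::new(), min_delay, queue: Vec::new(), market_caps: HashMap::new() }
    }

    pub fn grant(&mut self, account: &str, role: Role) {
        self.roles.entry(account.to_string()).or_default().insert(role);
    }

    fn require_role(&self, caller: &str, role: Role) -> Result<(), String> {
        match self.roles.get(caller) {
            Some(set) if set.contains(&role) => Ok(()),
            _ => Err(format!("{caller} lacks role {role:?}")),
        }
    }

    pub fn propose(&mut self, caller: &str, action: Action, now: u64) -> Result<usize, String> {
        self.require_role(caller, Role::Proposer)?;
        let eta = now + self.min_delay;
        self.queue.push(Proposal { action, proposer: caller.to_string(), eta, executed: false });
        Ok(self.queue.len() - 1)
    }

    pub fn execute(&mut self, caller: &str, id: usize, now: u64) -> Result<(), String> {
        self.require_role(caller, Role::Executor)?;
        let (action, eta, executed) = {
            let p = self.queue.get(id).ok_or("unknown proposal")?;
            (p.action.clone(), p.eta, p.executed)
        };
        if executed {
            return Err("already executed".to_string());
        }
        if now < eta {
            return Err(format!("timelock: {} s remaining", eta - now));
        }
        self.queue[id].executed = true;
        match action {
            Action::SetMarketCap { market, cap } => { self.market_caps.insert(market, cap); }
        }
        Ok(())
    }
}

/// Runs both models with a compromised key and returns the three outcomes.
pub fn demo() -> (Result<(), String>, Result<(), String>, Result<(), String>) {
    const DAY: u64 = 86_400;
    let mut hot = HotKeyAdmin { admin: "admin.near".to_string(), market_caps: HashMap::new() };
    let stolen = hot.set_market_cap("admin.near", "market-1", u128::MAX); // lands immediately

    let mut gov = TimelockedGovernance::new(2 * DAY);
    gov.grant("curator.near", Role::Proposer);
    gov.grant("multisig.near", Role::Executor);
    let action = Action::SetMarketCap { market: "market-1".to_string(), cap: 1_000 };
    let id = gov.propose("curator.near", action, 0).expect("curator may propose");
    let early = gov.execute("multisig.near", id, DAY);       // rejected: still locked
    let on_time = gov.execute("multisig.near", id, 2 * DAY); // applied after the delay
    (stolen, early, on_time)
}

fn main() {
    println!("{:?}", demo());
}
```

The delay is what turns a key compromise from an instant drain into a public, cancellable event; the split between proposer and executor is what stops a single key from being sufficient even after the delay.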