Blockchain Breaches

An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.

Dossier № 022 · Flash Loan Attack

Alpha Homora / Iron Bank Reentry

A custom 'spell' contract exploited a borrow-share rounding bug to accrue zero shares against real cySUSD debt, draining $37.5M from Alpha Homora and Iron Bank.


On February 13, 2021, the leveraged-yield protocol Alpha Homora v2 was exploited for approximately $37.5 million through a custom "spell" contract that abused Iron Bank lending on Cream Finance. The attacker used flash loans to manufacture a situation where their borrow shares rounded down to zero while their actual debt accumulated — allowing them to walk away with the borrowed cySUSD.

What happened

Alpha Homora v2 used a primitive called a "spell" — a callable contract that defines how a leveraged position is opened. The protocol let users supply their own spell contracts, trusting that the spell would respect Alpha Homora's accounting invariants.

The attacker constructed a malicious spell that performed a precise sequence of borrows against the Iron Bank's sUSD market:

  1. Borrow N minisUSD from Iron Bank via Alpha Homora.
  2. The protocol calculated borrow shares = N / (total_debt + N) rounded down. For the first tiny borrow, the result was non-zero. But by doubling the debt in each iteration and borrowing one less than the new total, the attacker engineered a sequence where the next borrow's share calculation rounded to zero.
  3. The borrow proceeded — adding real debt — but no borrow share was added to the attacker's position. Alpha Homora's accounting treated the attacker as having zero outstanding debt.

The attacker repeated this manoeuvre with flash-loaned capital from Aave, accumulated millions in zero-share borrows, and walked away with the cySUSD.

Aftermath

  • The Alpha Finance team paused the protocol and patched the rounding behaviour.
  • Iron Bank's market also paused; Cream Finance bore part of the loss as the Iron Bank lender of record.
  • Alpha and Cream both implemented compensation plans funded through subsequent token issuance and protocol revenue.
  • A prime suspect was identified by Alpha but no public prosecution followed.

Why it matters

Alpha Homora's incident is one of the earliest large-scale rounding-direction exploits in DeFi. Every accounting calculation in a smart contract makes a choice about rounding when integer division produces a non-integer result. Rounding the wrong direction at the wrong moment can produce exactly this pattern — a position whose internal state breaks the protocol's solvency invariants.

The structural lesson — that rounding direction must be chosen to favour the protocol, not the user, on every state-mutating math operation — has been re-learned several times since at Hundred Finance, zkLend, and Cetus. It is one of the most subtle classes of DeFi bugs because the code looks correct in isolation; the issue only emerges under specific input sequences that an attacker constructs.
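The rounding-direction lesson can be checked with a small model. The sketch below is an added illustration, not Alpha Homora's contract code: the `DebtLedger` class, the pro-rata formula `share = amount * total_share / total_debt`, and the starting state are assumptions chosen to show how the same borrow sequence is recorded under floor rounding versus rounding in the protocol's favour.

```python
# Constructed model of pro-rata debt-share accounting; not Alpha Homora's contract code.
# Assumed formula: share = amount * total_share / total_debt (integer division).

class DebtLedger:
    def __init__(self, total_debt, total_share, round_up):
        self.total_debt = total_debt      # units of the borrowed token owed to the lender
        self.total_share = total_share    # claims the ledger has issued against that debt
        self.round_up = round_up          # True = round in the protocol's favour
        self.shares = {}

    def borrow(self, who, amount):
        q, r = divmod(amount * self.total_share, self.total_debt)
        share = q + 1 if (self.round_up and r) else q
        self.total_debt += amount         # real debt always grows
        self.total_share += share         # recorded claim grows only if share > 0
        self.shares[who] = self.shares.get(who, 0) + share
        return share

    def debt_of(self, who):
        # Debt the ledger attributes to a position, rounded up.
        return -(-self.shares.get(who, 0) * self.total_debt // self.total_share)


def simulate(round_up, rounds=16):
    # Constructed starting state: total debt (2) already exceeds total shares (1).
    ledger = DebtLedger(total_debt=2, total_share=1, round_up=round_up)
    borrowed = 0
    for _ in range(rounds):
        amount = ledger.total_debt - 1    # "one less than the total", as in the text
        ledger.borrow("position", amount)
        borrowed += amount
    return borrowed, ledger.shares["position"], ledger.debt_of("position")


def invariant_holds(borrowed, recorded_debt):
    # Solvency check a test suite or monitor can assert after every borrow.
    return recorded_debt >= borrowed


if __name__ == "__main__":
    for mode in (False, True):
        borrowed, shares, recorded = simulate(mode)
        print(f"round_up={mode}: borrowed={borrowed} shares={shares} "
              f"recorded_debt={recorded} ok={invariant_holds(borrowed, recorded)}")
```

With floor rounding every borrow in the sequence records zero shares, so the invariant fails; with round-up the recorded debt is never below what was borrowed.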
