Cream Finance AMP Reentrancy
$18.8M drained from Cream Finance v1 lending markets via a reentrancy bug in the AMP token's ERC-777 transfer hook — the second of Cream's three 2021 exploits.
- Date: August 30, 2021
- Victim: Cream Finance
- Chain(s)
- Status: Partially Recovered
On August 30, 2021, the lending protocol Cream Finance suffered the second of its three major 2021 exploits, losing approximately $18.8 million — 2,804.96 ETH and 462,079,976 AMP tokens — to a reentrancy attack made possible by the ERC-777 token standard used by AMP. The attacker later returned approximately $17.6M of the stolen funds, which led the event to be characterised as an opportunistic white-hat incident.
What happened
When Cream listed AMP as a supported collateral asset, the integration inherited a subtle property of AMP's ERC-777 implementation: every transfer of AMP triggers a tokensReceived() hook in the receiving contract, allowing the recipient to execute arbitrary code before the transfer's accounting is finalised.
Cream's borrow() function followed the standard Compound v2 pattern: send the borrowed tokens to the caller, then update the caller's debt balance. The intended flow was safe — until AMP's hook let the borrower run arbitrary code in the gap between "tokens sent" and "debt recorded."
The attack:
- The attacker borrowed a small initial amount of AMP from Cream, which triggered the AMP tokensReceived() hook in the attacker's contract.
- From inside the hook, before the first borrow had been recorded in Cream's accounting, the attacker called borrow() again.
- The second borrow saw the attacker's collateral as still unencumbered (no debt recorded yet) and issued a second borrow against the same collateral.
- The recursion was repeated until the attacker had drained the protocol's AMP and ETH supply.
Aftermath
- Cream paused affected markets and immediately worked with Yearn Finance engineers to identify the AMP-hook root cause.
- The attacker — possibly nervous about identification — returned ~$17.6M of the $18.8M within days, keeping a roughly 6% "bounty."
- Two months later, in October 2021, Cream suffered a much larger third exploit for $130M — a separate vulnerability path, but at the same protocol that had now been compromised three times in eight months.
Why it matters
Cream's August 2021 incident is one of the canonical cases for why ERC-777 token hooks are a reentrancy hazard for any protocol that handles borrowed token balances. The defensive response is twofold:
- Treat every external token call as a potential re-entry point — apply the checks-effects-interactions pattern rigorously, not selectively.
- Audit each token integration as if it were a fresh codebase — token-specific behaviour (ERC-777 hooks, rebasing tokens, fee-on-transfer tokens, callback-enabled tokens) can break security assumptions that hold for plain ERC-20s.
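As an added illustration (not Cream's or Compound's code), the ordering defect described in the attack steps above beside the checks-effects-interactions fix that the defensive response calls for, in simplified Solidity; the market contracts, their collateral accounting and the IToken interface are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal token surface. For an ERC-777 token, transfer() additionally calls
// the recipient's tokensReceived() hook before returning control to the caller.
interface IToken {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical shared state; how collateralValue is funded is out of scope here.
abstract contract MarketBase {
    IToken public immutable token;
    mapping(address => uint256) public collateralValue; // borrow limit, token units
    mapping(address => uint256) public debt;
    constructor(IToken _token) { token = _token; }
}

contract VulnerableMarket is MarketBase {
    constructor(IToken t) MarketBase(t) {}

    // Interaction before effect: with an ERC-777 token the transfer re-enters
    // the caller's hook while debt[msg.sender] is still stale, so the collateral
    // check passes again on every nested call.
    function borrow(uint256 amount) external {
        require(debt[msg.sender] + amount <= collateralValue[msg.sender], "undercollateralised");
        require(token.transfer(msg.sender, amount), "transfer failed"); // interaction
        debt[msg.sender] += amount;                                      // effect, too late
    }
}

contract HardenedMarket is MarketBase {
    uint256 private locked = 1;

    // Rejects any re-entry through a token hook, independent of statement order.
    modifier nonReentrant() {
        require(locked == 1, "reentrant call");
        locked = 2;
        _;
        locked = 1;
    }

    constructor(IToken t) MarketBase(t) {}

    // Checks, then effects, then the external interaction last.
    function borrow(uint256 amount) external nonReentrant {
        require(debt[msg.sender] + amount <= collateralValue[msg.sender], "undercollateralised");
        debt[msg.sender] += amount;                                      // effect first
        require(token.transfer(msg.sender, amount), "transfer failed"); // interaction last
    }
}
```

The guard is belt-and-braces: the reordered statements alone close the window the hook exploits, and the lock catches any future code path that forgets the ordering.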
Cream's three 2021 exploits, taken together, are also a case study for what happens when a protocol's security culture cannot keep pace with its listing velocity. Adding new collateral assets quickly is competitive pressure; doing it without per-asset reentrancy analysis is paid for in real losses.
Sources & on-chain evidence
- [01] halborn.com: https://www.halborn.com/blog/post/explained-the-cream-finance-hack-august-2021
- [02] coindesk.com: https://www.coindesk.com/business/2021/08/30/defi-protocol-cream-finance-hacked
- [03] cryptonews.net: https://cryptonews.net/news/defi/1616179/