Est. MMXXVI · Vol. VI · № 273
Blockchain Breaches

An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.

Dossier № 091 · Reentrancy

Fei / Rari Fuse Reentrancy

A reentrancy bug in exitMarket() drained roughly $80M from Rari Capital's Fuse lending pools. It was the one state-mutating function the team had left unprotected when it patched reentrancy the month before.

Date: April 30, 2022
Chain(s): Ethereum
Status:
Funds Stolen: approximately $80 million

On April 30, 2022, the merged Fei Protocol + Rari Capital ecosystem lost approximately $80 million when an attacker exploited a reentrancy bug in Rari's Fuse isolated-lending pools. Reentrancy was a known class of vulnerability that Rari had explicitly patched a month earlier; the patch had missed one function.

What happened

Rari's Fuse was a Compound v2 fork that let users spin up isolated lending pools. On April 1, 2022, Rari shipped what it called a "Security Upgrade" addressing reentrancy vulnerabilities inherited from Compound. The patch added a global reentrancy lock to most state-mutating functions on the pool contracts.

The lock guarded the obvious functions: borrow, mint, redeem, liquidateBorrow, etc. The one function it did not guard was exitMarket() — the call that removes a collateral asset from a user's borrowing eligibility.

The attack:

  1. The attacker entered a Fuse market with a deposit.
  2. Borrowed ETH from the same market.
  3. When the borrow paid out ETH to the attacker's contract, the contract's fallback function was triggered.
  4. The fallback called exitMarket() on the lending contract — which was not protected by the reentrancy lock.
  5. The unprotected exitMarket() ran before the borrowed ETH had been recorded as outstanding debt: Compound v2's borrow path transfers the funds out first and writes the new borrow balance afterwards. With no debt on record, the check that stops an account from exiting a market it has borrowed against passed, and the deposit stopped counting as collateral.
  6. Once the borrow call returned, the attacker redeemed the deposit. The redeem path only runs a liquidity check on assets the account still uses as collateral, so nothing blocked it. The attacker walked away with both the borrowed ETH and the released collateral, leaving the pool holding unbacked debt.

Repeating the pattern across multiple Fuse pools netted approximately $80 million.
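The six steps above, replayed as an added example (a Python model written for this dossier, not Rari or Fei code). The Pool, Wallet and Attacker classes, the 0.75 collateral factor, the 1000 ETH of pool liquidity and the 100/75 ETH amounts are all constructed; the call ordering in borrow(), exit_market() and redeem() follows the Compound v2 pattern the text describes. It runs the attack twice: once with exitMarket() unguarded as shipped, once with it under the same lock as the other functions.

```python
"""Toy model of the Fuse exitMarket() reentrancy. Added example, not Rari/Fei code:
classes, collateral factor and all balances are constructed to mirror steps 1-6."""

from contextlib import contextmanager

COLLATERAL_FACTOR = 0.75  # assumed: 1 ETH of collateral supports 0.75 ETH of debt


class Reverted(Exception):
    """Stands in for a Solidity revert."""


class Wallet:
    """Externally owned account: receives ETH and does nothing else."""
    def __init__(self, eth=0.0):
        self.eth = eth

    def receive_eth(self, pool, amount):
        self.eth += amount


class Pool:
    """One isolated Compound-v2-style market; ETH is both collateral and borrow asset."""

    def __init__(self, guard_exit_market, liquidity):
        self.guard_exit_market = guard_exit_market
        self.eth_reserve = liquidity   # constructed: ETH supplied by other users
        self.collateral = {}           # account -> ETH deposited
        self.in_market = set()         # accounts whose deposit counts as collateral
        self.debt = {}                 # account -> ETH borrowed
        self._locked = False

    @contextmanager
    def _nonreentrant(self):
        """The April 2022 patch: one shared lock flag checked on entry."""
        if self._locked:
            raise Reverted("re-entered")
        self._locked = True
        try:
            yield
        finally:
            self._locked = False

    def _borrow_power(self, acct, minus_collateral=0.0):
        if acct not in self.in_market:
            return 0.0
        return (self.collateral.get(acct, 0.0) - minus_collateral) * COLLATERAL_FACTOR

    def deposit(self, acct, amount):
        with self._nonreentrant():
            acct.eth -= amount
            self.eth_reserve += amount
            self.collateral[acct] = self.collateral.get(acct, 0.0) + amount

    def enter_market(self, acct):
        self.in_market.add(acct)

    def borrow(self, acct, amount):
        with self._nonreentrant():
            if self._borrow_power(acct) < self.debt.get(acct, 0.0) + amount:
                raise Reverted("insufficient collateral")
            self.eth_reserve -= amount
            acct.receive_eth(self, amount)   # Compound v2 order: pay out first ...
            self.debt[acct] = self.debt.get(acct, 0.0) + amount   # ... record debt after

    def exit_market(self, acct):
        if self.guard_exit_market:           # only the patched variant takes the lock
            with self._nonreentrant():
                self._exit_market(acct)
        else:
            self._exit_market(acct)

    def _exit_market(self, acct):
        if self.debt.get(acct, 0.0) > 0:     # passes mid-borrow: debt not yet written
            raise Reverted("outstanding borrow in this market")
        self.in_market.discard(acct)

    def redeem(self, acct, amount):
        with self._nonreentrant():
            # As in Compound v2, the liquidity check only covers assets still in use as collateral.
            if acct in self.in_market and self._borrow_power(acct, amount) < self.debt.get(acct, 0.0):
                raise Reverted("would become undercollateralised")
            self.collateral[acct] -= amount
            self.eth_reserve -= amount
            acct.eth += amount


class Attacker(Wallet):
    """Contract whose fallback re-enters exitMarket() while borrow() is mid-flight."""
    def __init__(self, eth):
        super().__init__(eth)
        self.exit_reentered = False

    def receive_eth(self, pool, amount):
        self.eth += amount
        try:
            pool.exit_market(self)        # step 4: re-enter before the debt is recorded
            self.exit_reentered = True
        except Reverted:                  # the guarded variant rejects the re-entry
            self.exit_reentered = False


def run_attack(guard_exit_market):
    """Replay steps 1-6 against a pool with or without the exitMarket() guard."""
    pool = Pool(guard_exit_market, liquidity=1000.0)
    atk = Attacker(eth=100.0)
    pool.deposit(atk, 100.0)        # step 1
    pool.enter_market(atk)
    pool.borrow(atk, 75.0)          # steps 2-5 happen inside this call
    try:
        pool.redeem(atk, 100.0)     # step 6: pull the collateral out afterwards
    except Reverted:
        pass
    debt, coll = pool.debt.get(atk, 0.0), pool.collateral.get(atk, 0.0)
    return {"exit_reentered": atk.exit_reentered, "attacker_eth": atk.eth,
            "attacker_debt": debt, "collateral_left": coll,
            "unbacked_debt": debt - coll * COLLATERAL_FACTOR}


if __name__ == "__main__":
    for guarded in (False, True):
        print("guarded" if guarded else "unguarded", run_attack(guarded))
```

In the guarded run the re-entrant exit_market() reverts inside the fallback; the attacker here swallows that revert (as a Solidity try/catch would), so the borrow completes normally and the later redeem() fails its liquidity check. The model deliberately keeps Compound's pay-out-then-record order in borrow(): the lock is the only thing protecting that order, which is why every reachable state-mutating function has to take it.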

Aftermath

  • Fei Protocol paused all borrowing across Fuse pools.
  • The Fei DAO publicly offered the attacker a $10 million bounty for the return of funds — unanswered.
  • The combined treasury was insufficient to fully reimburse all affected pools. The fallout precipitated a divisive governance fight, and the Fei + Rari merger effectively unwound over the following months.
  • The attacker's funds were laundered through Tornado Cash.

Why it matters

Fei/Rari is the textbook case for why partial reentrancy protection is worse than none: it gives a false sense of safety that masks the unprotected paths. Compound v2 forks remain a fertile vulnerability category: any state-mutating function left unguarded, and in particular any that makes an external call before it updates storage, should be treated as an exploit path until shown otherwise. The recurring lesson, reinforced at Hundred Finance and Sonne Finance, is that the Compound v2 base layer has known footguns (not all of them reentrancy) that must be patched comprehensively, not selectively.
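One concrete way to act on "comprehensively, not selectively": before shipping a guard patch, enumerate every externally callable, state-mutating function and diff that list against the set that actually takes the lock. The script below is an added example written for this dossier, not a Rari or Fei tool. SAMPLE_SOURCE is a constructed toy contract (not Fuse code) whose shape mirrors the patch described above, and the regex scan is a heuristic for ordinary declarations rather than a Solidity parser.

```python
"""Heuristic audit of reentrancy-guard coverage in a Compound-v2-style contract.
Added example, not a Rari/Fei tool. SAMPLE_SOURCE is a constructed toy contract."""

import re

# Strip // and /* */ comments so a 'function' mentioned in prose is ignored.
COMMENT_RE = re.compile(r"//[^\n]*|/\*.*?\*/", re.DOTALL)
# Captures: name, parameter list, and the header between ')' and the body '{' or ';'.
# Heuristic: parameter lists with nested parentheses are not handled.
FUNC_RE = re.compile(r"\bfunction\s+(\w+)\s*\((.*?)\)\s*(.*?)\s*[{;]", re.DOTALL)


def unguarded_entry_points(source, guard="nonReentrant"):
    """Return externally callable, state-mutating functions that lack `guard`."""
    findings = []
    for match in FUNC_RE.finditer(COMMENT_RE.sub("", source)):
        name, header = match.group(1), match.group(3)
        words = set(re.findall(r"[A-Za-z_]\w*", header))
        if not {"public", "external"} & words:
            continue                    # internal/private: not an entry point
        if {"view", "pure"} & words:
            continue                    # cannot mutate state
        if guard not in words:
            findings.append(name)
    return findings


SAMPLE_SOURCE = """
contract ToyMarket {                  // constructed for this example, not Fuse code
    bool private locked;
    modifier nonReentrant() { require(!locked, "re-entered"); locked = true; _; locked = false; }

    function mint(uint amount) external nonReentrant returns (uint) { }
    function borrow(uint amount) external nonReentrant returns (uint) { }
    function redeem(uint tokens) external nonReentrant returns (uint) { }
    function liquidateBorrow(address borrower, uint repay, address collateral)
        external nonReentrant returns (uint) { }
    function exitMarket(address cToken) external returns (uint) { }   /* the missed one */
    function getAccountLiquidity(address acct) public view returns (uint, uint, uint) { }
    function _setCollateralFactor(uint factor) internal { }
}
"""

if __name__ == "__main__":
    for name in unguarded_entry_points(SAMPLE_SOURCE):
        print(f"state-mutating entry point without nonReentrant: {name}")
```

On the sample it reports exitMarket alone. For real code, treat this as a checklist generator and confirm the result with a proper tool such as Slither's reentrancy detectors; the point is that the coverage question is mechanical and should be answered mechanically, not by guarding the functions that look important.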

Sources & on-chain evidence

  1. [01] coindesk.com: https://www.coindesk.com/business/2022/04/30/defi-lender-rari-capitalfei-loses-80m-in-hack
  2. [02] certik.com: https://www.certik.com/resources/blog/6LiXVtPQ8q5AQfqOUPnTOS-revisiting-fei-protocol-incident
  3. [03] decrypt.co: https://decrypt.co/99103/fei-protocol-offers-10m-bounty-after-80m-rari-capital-exploit
