Impossible Finance Swap Reentrancy
~$3.7M drained from Impossible Finance on BNB Chain via a swap-router flaw that let an attacker repeatedly swap against stale reserves in one tx.
- Date
- Victim
- Impossible Finance
- Chain(s)
- Status
- Funds Stolen
In June 2021, the BNB Chain AMM Impossible Finance lost approximately $3.7 million when a flaw in its swap router let an attacker repeatedly swap against stale reserves within a single transaction, extracting pool assets at unintended rates.
What happened
The router's swap accounting could be re-invoked before reserves updated, letting the attacker drain pools via repeated mispriced swaps in one transaction (~$3.7M).
Why it matters
Impossible Finance is one more BSC-2021 swap-accounting/reentrancy entry (BurgerSwap, Spartan). Its sole catalogue function is cumulative weight: the BSC-2021 cluster, taken together, is the densest demonstration in the dataset that a fast-fork ecosystem during a hype window reproduces the same handful of bugs continuously, each avoidable with knowledge that predated it. Individually unremarkable; collectively, the clearest evidence for the catalogue's central thesis.
Sources & on-chain evidence
- [01]halborn.comhttps://www.halborn.com/blog/post/explained-the-impossible-finance-hack-june-2021
- [02]rekt.newshttps://rekt.news/impossible-finance-rekt