Donation Attack
A donation attack exploits share-based token vaults (like ERC-4626) by inflating the share price through direct token transfers, causing rounding errors that steal funds from subsequent depositors.
In Depth
The donation attack (also called the first depositor attack or share inflation attack) targets vaults that calculate shares based on the ratio of total assets to total supply. An attacker deposits a tiny amount (1 wei) to get 1 share, then donates a large amount of tokens directly to the vault (bypassing the deposit function). This inflates the price per share. When a victim deposits, their deposit amount rounds down to 0 shares due to the inflated price, and the attacker withdraws everything. Mitigations include virtual shares/assets (used by OpenZeppelin), minimum deposit requirements, and dead shares at initialization. Fuzzing catches this by testing deposit-then-withdraw round-trip properties and asserting no value leaks to third parties. See the complete ERC-4626 donation attack breakdown.
Frequently Asked Questions
What is a donation attack in DeFi?
A donation attack inflates a vault's share price by sending tokens directly to the vault contract. This causes rounding errors when new users deposit, allowing the attacker to steal their funds. It mainly affects ERC-4626 vaults without virtual share protection.
How do you prevent donation attacks?
Common mitigations include virtual shares and assets (offsetting the share math), minimum deposit requirements, dead shares at initialization, or using internal accounting that ignores direct transfers. Invariant testing catches this by fuzzing deposit/withdraw sequences and checking that no user can profit at another's expense.
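The share math and the invariant check described in the In Depth section and in this answer can be modeled off-chain. The following is an added example, not code from any vault implementation: the `Vault` class, the `scenario` and `max_attacker_profit` helpers, and the 1000/1 virtual-share and virtual-asset values are assumptions chosen for illustration.

```python
import random

class Vault:
    """Toy model of share-based vault math; all amounts are integers (wei)."""
    def __init__(self, virtual_shares=0, virtual_assets=0):
        self.vs, self.va = virtual_shares, virtual_assets  # 0/0 = unprotected
        self.assets = 0    # token balance the vault reads as total assets
        self.supply = 0    # total shares issued
        self.shares = {}   # per-user share balances

    def deposit(self, user, amount):
        if self.supply + self.vs == 0:   # empty unprotected vault mints 1:1
            minted = amount
        else:                            # rounds down, like integer division on-chain
            minted = amount * (self.supply + self.vs) // (self.assets + self.va)
        self.assets += amount
        self.supply += minted
        self.shares[user] = self.shares.get(user, 0) + minted
        return minted

    def donate(self, amount):
        # Direct transfer: the balance grows but no shares are minted.
        self.assets += amount

    def redeem_all(self, user):
        s = self.shares.pop(user, 0)
        out = s * (self.assets + self.va) // (self.supply + self.vs) if s else 0
        self.assets -= out
        self.supply -= s
        return out

def scenario(vault, donation, victim_deposit):
    """Replay the sequence from the text; return (first_depositor_profit, victim_loss)."""
    vault.deposit("first", 1)
    vault.donate(donation)
    vault.deposit("victim", victim_deposit)
    victim_out = vault.redeem_all("victim")
    first_out = vault.redeem_all("first")
    return first_out - (1 + donation), victim_deposit - victim_out

def max_attacker_profit(trials=2000, seed=1):
    """Fuzz the protected vault; the invariant is that this never exceeds 0."""
    rng = random.Random(seed)
    return max(scenario(Vault(1000, 1), rng.randint(0, 10**18),
                        rng.randint(1, 10**18))[0] for _ in range(trials))

if __name__ == "__main__":
    print("unprotected:", scenario(Vault(), 1000, 1000))
    print("virtual offset:", scenario(Vault(1000, 1), 1000, 1000))
    print("max profit under fuzzing:", max_attacker_profit())
```

In the unprotected model the victim's whole deposit is lost to rounding, while with the virtual offset the victim loses 1 wei and the first depositor ends at a net loss, which is the property an invariant test should assert.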