EraLend

EraLend is zkSync Era’s pioneering native money market protocol and one of the first lending and borrowing platforms to launch on the chain. It offers Compound V2-style overcollateralized lending for USDC, ETH, wBTC, and zkSync ecosystem tokens. In July 2023 the protocol suffered a read-only reentrancy exploit that resulted in ~$3.4M in losses. It was patched and resumed with enhanced security, and it remains an important example of novel attack vectors in zkEVM lending.


Overview

EraLend (originally known as “Eralend” or launched under the name “ReactorFusion” at some points in development) launched on zkSync Era to provide the essential lending primitive for zkSync’s DeFi ecosystem. As one of the first protocols on a new zkEVM chain, EraLend faced the dual challenge of bootstrapping liquidity while operating novel contract code in an ecosystem where the EVM execution environment (zkSync’s zkEVM) had known distinctions from mainnet Ethereum — including different gas mechanics that affected some reentrancy guard patterns. EraLend’s July 2023 exploit demonstrated a previously underappreciated attack vector: read-only reentrancy, where an attacker exploits the state of a pooled asset’s price data without actually draining the pool.

Important note: EraLend’s exploit history is documented here for educational accuracy. zkSync Era’s environment introduced novel security considerations, particularly for protocols relying on LP token prices.


Core Architecture

The protocol is built around the following components.

Compound V2 Model on zkSync

EraLend follows the standard Compound V2 money market design:

  • erTokens — interest-bearing tokens representing lender deposits (analogous to cTokens)
  • Deposit USDC → receive erUSDC (exchange rate increases over time as interest accrues)
  • Deposit ETH → receive erETH
  • Borrow against collateral up to the Collateral Factor percentage
  • Health Factor monitored; liquidation when HF < 1.0

Markets

EraLend supported key zkSync Era assets at launch:

  • USDC (primary stablecoin borrow market)
  • WETH (ETH lending and borrowing)
  • WBTC (Bitcoin on zkSync)
  • zkSync ecosystem tokens (added as ecosystem developed)
  • LP tokens as collateral (the feature that introduced exploit risk)

The July 2023 Exploit: Read-Only Reentrancy

The following sections cover this in detail.

Background

EraLend accepted SyncSwap LP tokens as collateral — allowing LPs to deposit their SyncSwap liquidity positions as collateral to borrow against.

Valuing LP tokens requires reading the underlying pool’s reserves — to know how much an LP token is worth, the protocol must query the pool contract for current balances.

Attack Vector: Read-Only Reentrancy

The exploit leveraged a specific interaction between SyncSwap’s pool contracts and EraLend’s price oracle:

  1. During a SyncSwap pool transaction, the pool’s internal state is temporarily inconsistent because balances are in the process of updating
  2. SyncSwap uses a callback during swaps (for flash loan functionality or routing)
  3. Within this callback, the attacker calls EraLend’s oracle, which reads the SyncSwap pool’s reserves
  4. The reserves at this moment are momentarily inflated compared to the settled state (due to mid-transaction state)
  5. EraLend’s LP token valuation sees the inflated reserves and allows the attacker to borrow more than the true collateral value
  6. The borrow is not repaid — attacker profits from excess borrow

This is “read-only” reentrancy: the attacker doesn’t change storage in SyncSwap, just reads inconsistent state during a callback.
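The inconsistency in steps 1 to 5, reduced to a toy model. This is an added example, not code from SyncSwap, EraLend or the sources listed below. The `ToyPool` class, its burn ordering (LP supply reduced before reserves settle), the `locked` flag and all values are assumptions made for illustration, with a guarded oracle shown beside the naive one.

```python
# Toy model (constructed for illustration; not SyncSwap or EraLend code).
class PoolBusy(Exception):
    """Raised when a price is requested while the pool is mid-operation."""


class ToyPool:
    def __init__(self, reserve0, reserve1, lp_supply):
        self.reserve0, self.reserve1 = reserve0, reserve1
        self.lp_supply = lp_supply
        self.locked = False  # hypothetical reentrancy flag, readable by integrators

    def burn(self, lp_amount, callback):
        """Remove liquidity; reserves settle only after the callback returns."""
        self.locked = True
        out0 = self.reserve0 * lp_amount // self.lp_supply
        out1 = self.reserve1 * lp_amount // self.lp_supply
        self.lp_supply -= lp_amount   # LP supply already reduced...
        callback()                    # ...external call sees stale reserves
        self.reserve0 -= out0         # state becomes consistent only here
        self.reserve1 -= out1
        self.locked = False


def naive_lp_price(pool, price0, price1):
    """Spot valuation from live reserves, with no check that they are settled."""
    return (pool.reserve0 * price0 + pool.reserve1 * price1) / pool.lp_supply


def guarded_lp_price(pool, price0, price1):
    """Same valuation, but refuses to price a pool that is mid-operation."""
    if pool.locked:
        raise PoolBusy("pool reserves are not settled")
    return naive_lp_price(pool, price0, price1)


def observe_during_burn(oracle):
    """Record what `oracle` reports before, during and after one burn."""
    pool = ToyPool(1_000_000, 1_000_000, 1_000_000)  # constructed sample values
    seen = {"before": oracle(pool, 1, 1)}

    def callback():
        try:
            seen["mid"] = oracle(pool, 1, 1)
        except PoolBusy:
            seen["mid"] = None  # oracle declined to price; a borrow would revert

    pool.burn(500_000, callback)
    seen["after"] = oracle(pool, 1, 1)
    return seen
```

With the naive oracle the LP price reads 2.0, 4.0, 2.0 across the burn, although no storage was written by the caller; the guarded oracle returns no price while the pool is mid-operation.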

Impact

  • Loss: ~$3.4M
  • Affected: users who had USDC in the affected lending markets
  • Protocol paused; reserves used to partially compensate users
  • Security patch: EraLend no longer allows LP token collateral (or uses a TWAP oracle that cannot be manipulated in a single block)

Post-Exploit Recovery

Following the exploit:

  • EraLend published a detailed post-mortem
  • LP token collateral support suspended
  • Oracle design updated to use time-weighted average prices
  • Third-party security audit of patched code
  • Protocol recommenced lending/borrowing for standard assets (USDC, ETH, WBTC)

zkSync Era Ecosystem Context

EraLend’s exploit contributed to the body of knowledge about zkEVM-specific security considerations:

  • Gas differences in zkSync can affect reentrancy guard gas costs
  • LP token oracle design requires extra care when reading pool state during callbacks
  • zkSync Era’s growing ecosystem attracted more attention to protocol-level security

Other zkSync Era lending protocols (ReactorFusion, different from EraLend) also emerged, creating a more competitive lending landscape after EraLend’s incident.


Sources

  1. EraLend Documentation and Post-Exploit Report. EraLend Team, 2023. Official EraLend documentation covering the protocol’s Compound V2 architecture (erToken mechanics, interest rate model parameters, collateral factor settings for initial supported assets), and the July 2023 post-mortem report documenting the read-only reentrancy exploit (technical description of the attack vector, step-by-step attack trace, root cause analysis of the LP token oracle vulnerability, and remediation measures implemented).
  2. “Read-Only Reentrancy: A New Attack Vector in DeFi Lending.” Security Research / Immunefi, 2023. Technical analysis of read-only reentrancy as a generalized attack vector beyond EraLend — examining the class of vulnerabilities enabled by reading externally-inconsistent state during callback periods, historical examples, protocols at risk (particularly those using LP token oracles derived from live AMM pool reserves), and mitigation strategies (TWAP oracles, callback re-entrance checks, settled state verification).
  3. “EraLend on zkSync Era: Early Lending Market and User Impact.” zkSync Analytics / DeFi Research, 2023. Analysis of EraLend’s market position on zkSync Era before and after the exploit — TVL composition, user base, USDC/ETH market utilization, the impact of the exploit on zkSync Era’s broader DeFi confidence, and EraLend’s post-exploit recovery trajectory.
  4. “zkSync Era Security Landscape: EraLend, Velocore, and Protocol Incident Patterns.” zkSync / DeFi Security Research, 2023–2024. Analysis of security incidents on zkSync Era specifically — EraLend (July 2023: $3.4M, read-only reentrancy), Velocore (June 2024: $6.8M, CLMM accounting exploit), and smaller incidents — examining whether zkSync Era’s EVM environment introduces systematic risks vs standard EVM, the maturity timeline of protocol security on new rollup chains, and lessons for future zkEVM deployments.
  5. “LP Tokens as Collateral: Oracle Design Challenges.” DeFi Research / Lending Protocol Security, 2023. Comprehensive analysis of the security challenges of accepting LP tokens (AMM liquidity provider positions) as collateral in lending protocols — oracle manipulation vectors (live reserve reading, flash loan manipulation), TWAP oracle limitations (latency allows short-term price manipulations within TWAP window), TWAP vs spot for different LP types, and protocol design recommendations for LP token collateral.
