The SlowMist security team stated that in one of the Opyn contract attacks, the attacker used only 272 ETH and finally got 467 ETH. The complete attack process is as follows: the attacker uses the contract to first start the reateERC20CollateralOption function of the Opyn contract to create an oToken. The joint attack calls the motion function, passing in the address of the created library. Call the _exercise function twice through the loop logic execution in the exercise function. The exercise function calls the transferCollateral function to transfer USDC to the function caller (used to call the _exercise function twice, and the transferCollateral function will also be executed twice). The attack contract calls the removeUnderlying function to transfer out the predefined ETH. In the end, the attacker got back the ETH supplemented by the battle and the extra USDC. This attack mainly used the flaw in the _exercise function to check whether vaultToExerciseFrom created a vault. This check does not correct whether vaultToExerciseFrom is made by the participant itself, but simply checks whether a vault is created, causing the attacker to reset the address of the created vault at will to pass the check.