Like most donation attacks, the Compound inflation attack requires the attacker to be the first depositor and to own all the shares in the vault concerned.

Since the exchange rate of the vault is measured using the cash available in the contract, obtained by a call to balance(address(this)), any donation made directly to the vault balance increases the exchange rate.

$$ (a) ~~~~ ExchangeRate = \frac{TotalCash + TotalBorrow - Reserve}{TotalSupply} $$

Suppose this is the first deposit into the market. Compound markets usually have an initial exchangeRate assigned at initialisation; let’s use “200000000500000000000000000” (the Sonne market initial exchange rate). To mint a share (a CToken, as shares are called in Compound):

$$ (b) ~~~~ CTokenAmount = \frac{UnderlyingTokenAmount}{ExchangeRate} $$

Since it is the initial deposit, it would be:

$$ (c) ~~~~ CTokenAmount = \frac{UnderlyingTokenAmount}{InitialExchangeRate} $$

We need just 2 shares. Why? Because the inflation attack exploits Solidity’s rounding behaviour to complete its exploit, and the most effective rounding that donates shares to the pool occurs when the total supply is just 2. For example, since Solidity rounds down toward zero, 1.9 will be rounded to 1; if the total supply is 2, it means the total supply has been increased by 50%, and if the total supply is 3, it means the total supply has been increased by about 33.3%…

So how do we get 2 shares from the equation above? For a result of 2, the denominator has to be 1/2 the numerator. We already have the denominator, so we solve for the numerator:

$$ (d) ~~~~ Numerator = \frac{InitialExchangeRate * 2}{1e18} = \frac{200000000500000000000000000 * 2}{1e18} = 400000001 $$

$$ CTokenAmount = \frac{400000001* 1e18}{200000000500000000000000000} = 2 $$

The goal of the inflation attack in Compound is to inflate the price of a share and use the resulting rounding error to misprice assets in the pool. This is explained in the steps below.

Since there is now a deposit in the vault, it means the exchangeRate will be calculated using Formula (a).

$$ ExR = \frac{TotalCash + TotalBorrow - Reserve}{TotalSupply} = \frac{400000001}{2} = 200,000,000.5 = 200,000,000 $$

As explained earlier, because the TotalSupply is so small, any rounding error affects a significant proportion of the pool. This is where the bug appears. Any part of the code that converts underlying to shares introduces this problem, for example the redeemUnderlying method.

compound-protocol/contracts/CToken.sol at a3214f67b73310d547e00fc578e8355911c9d376 · compound-finance/compound-protocol
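
The arithmetic above, carried through as an added Python integer model (an illustration written for this page, not code from Compound or from the original post). It assumes the 1e18 fixed-point scale that appears in equation (d); the function names, the donation and redeem amounts, and the round-up variant are constructed for the example.

```python
# Added illustration: integer model of the cToken arithmetic discussed above.
MANTISSA = 10**18                            # fixed-point scale (the 1e18 in eq. (d))
INITIAL_RATE = 200000000500000000000000000   # initial exchange rate quoted above


def exchange_rate(cash, borrows, reserves, supply):
    """Formula (a), scaled by 1e18; the initial rate applies while supply is 0."""
    if supply == 0:
        return INITIAL_RATE
    return (cash + borrows - reserves) * MANTISSA // supply


def underlying_to_ctokens(amount, rate):
    """Formula (b) with Solidity-style division: the fraction is discarded."""
    return amount * MANTISSA // rate


def underlying_to_ctokens_ceil(amount, rate):
    """Assumed hardening for redeem paths: round up the cTokens to burn."""
    return -(-amount * MANTISSA // rate)


def walkthrough(donation, redeem_amount):
    """Return (minted, rate_before, rate_after, burn_floor, burn_ceil)."""
    cash, supply = 0, 0
    deposit = 400000001                      # numerator from eq. (d)
    minted = underlying_to_ctokens(deposit, exchange_rate(cash, 0, 0, supply))
    cash, supply = cash + deposit, supply + minted
    rate_before = exchange_rate(cash, 0, 0, supply)
    cash += donation                         # direct transfer: cash grows, supply does not
    rate_after = exchange_rate(cash, 0, 0, supply)
    burn_floor = underlying_to_ctokens(redeem_amount, rate_after)
    burn_ceil = underlying_to_ctokens_ceil(redeem_amount, rate_after)
    return minted, rate_before, rate_after, burn_floor, burn_ceil


if __name__ == "__main__":
    # Constructed inputs: a 10**9 donation, then a redeem of 10**9 underlying.
    minted, before, after, floor_burn, ceil_burn = walkthrough(10**9, 10**9)
    print("minted cTokens      :", minted)
    print("rate before donation:", before)
    print("rate after donation :", after)
    print("exact cTokens owed  :", 10**9 * MANTISSA / after)
    print("burned (truncating) :", floor_burn)
    print("burned (rounded up) :", ceil_burn)
```

With a total supply of 2, the truncating conversion burns 1 cToken where about 1.43 are owed, while the rounded-up conversion burns 2, so the rounding error no longer favours the redeemer.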