2021-02-26 23:27:19
What DeFi projects have survived the hacks?
Here are five DeFi projects that recovered from the hack and continued to work.
The DeFi community has once again questioned the "test in action" approach after Alpha Finance Labs and CREAM Finance lost $ 37.5 million in a hacker attack.
Compound (COMP)
COMP is a decentralized lending platform. COMP users borrow and lend to each other without intermediaries.
Currently, over $ 5.25 billion in assets are locked in the protocol. It is the third largest DeFi protocol after Aave (AAVE) and Maker (MKR).
Last November, a hacker exploited a vulnerability in the Coinbase oracle code that the platform used to determine the value of the dai stablecoin (DAI). A mistake or attack pushed the stablecoin price up to $ 1.30.
To get a loan from Compound, you need to provide collateral that exceeds the loan amount. When the dai rate rose, the cost of collateral for many borrowers was less than required, so their positions were liquidated.
Yearn Finance (YFI)
On February 5, 2021, a vulnerability was discovered in the yDAI Yearn Finance repository that resulted in the loss of $ 11 million.
The attackers stole money through a series of flash credits from the dYdX and Aave pools. The hacker then used the money thus obtained as collateral for other loans on Compound's DeFi platform.
Basically, he tried to capitalize on the price differential in Yearn's vaults to accumulate Curve DAO (CRV) token and exchange it for stablecoins.
Analysts believe that the attacker's net profit did not exceed $ 3 million, as about $ 8.5 million was spent on expenses related to the attack.
SushiSwap (SUSHI)
SushiSwap is an Automated Market Maker (AMM) fork of the popular Uniswap platform.
In January of this year, user SUSHI discovered a loophole that allowed him to steal 81 ETH (at that time, just over $ 100,000).
The exploit involved a transaction using the DICG token. He tried to convert a small amount of fees in the DICG / WBTC pool through the DICG / ETH pool.
Extremely low liquidity in the latter (and, accordingly, high slippage) led to high commissions. The hacker tried to take staker commissions for himself using an error in the code.
However, the amount stolen is small, and users believe that this loophole has not affected the protocol.
Cover Protocol (COVER)
Cover Protocol has suffered the most from this list. A white hacker from Grap Finance (although nothing was known at the time) took advantage of the vulnerability to mint 40 quintillion COVER tokens.
These tokens were under the direct control of a hacker who quickly brought them to Binance. The sharp increase in supply, as well as the “reset” in the COVER / ETH markets, resulted in the COVER price falling more than 50% in a matter of minutes.
When market participants began to understand what had happened, the collapse reached catastrophic proportions. The token fell from $ 720 to below $ 100. Binance crypto exchange suspended trading, and the Cover Protocol team froze the token.
Fortunately, the hacker returned the funds, and Binance even reimbursed the losses to traders who “bought in the downturn” from its own SaFu fund.
Alpha Finance Labs (ALPHA)
Nakoents, recently Homora v2 Alpha Finance Lab and Iron Bank from CREAM Finance became victims of hackers.
As a result of the exploit, the hacker managed to steal $ 37.5 million. Subsequently, it turned out that the attackers used loans for Homora v2 hosted in the Iron Bank of the CREAM protocol.
ALPHA users familiar with the situation indicated that the person behind the attack was the one who knew more about how the protocol worked.
Analysis of the situation after the fact has confirmed this. He stated that the specific funding pool used in the exploit was at the contract level for HomoraBankV2 in preparation for the upcoming launch.
5.9K views20:27
D
