0%
#Setting

ValueDeFi flash-loan attack exposes critical lack of due diligence in DeFi

2020년 11월 23일 3 분 읽기
뉴스 기사 배너 이미지

The decentralized lending market grew by 8% this week as the total borrowing volume reached $3.09 billion. Benefiting from the growth, Maker replaced Uniswap as the overall DeFi leader, with a 17% market dominance level. Compound, meanwhile, maintained its market dominance in the lending sphere, with a 55% share.

The weekly average trading volume of decentralized exchanges rose by 20% and reached $0.53 billion this week. While Uniswap maintained its trading volume dominance of 37%, its position as having the largest liquidity pool was replaced by its primary competitor, SushiSwap.

Flash-loan attacks proving problematic for DeFi

Flash-loan attacks have become a headache for the DeFi community as yield aggregator ValueDeFi became the fifth victim in only three weeks. Following the $34 million loss from Harvest Finance, there have been flash-loan exploits of Akropolis, Origin Protocol and Cheese Bank, with a loss of $2 million, $7 million and $3.3 million, respectively.

ValueDeFi suffered from a $6 million flash-loan exploit on Nov. 14. According to Emiliano Bonassi, a self-described white-hat hacker, the flash-loan exploit on the ValueDeFi protocol was more complex than previous attacks, as two flash loans were used. Hackers took out a flash loan of 80,000 ETH — worth over $36 million — and a $116 million flash loan in DAI from Uniswap to exploit the ValueDeFi protocol, resulting in a net loss of $6 million.

The detailed steps for the attack were illustrated on Bonassi’s Twitter account:

According to an analysis conducted by audit firm PeckShield, the root cause of the ValueDeFi protocol exploit was a bug in its “MultiStablesVaults,” which uses Curve to measure the asset price. Because of the bug, hackers were able to use flash loans to manipulate the price of 3crv tokens. After that, they could burn the minted tokens from the pool to redeem a disproportionate share of 33.08 million 3crv tokens, instead of the normal 24.95 million. Hackers then redeemed the 3crv tokens for DAI, which led to a $7.4 million loss in DAI. (The hackers did, however, returne $2 million to the core developers of ValueDeFi.)

Visit https://www.okex.com/ for the full report.

OKEx Insights presents market analyses, in-depth features, original research & curated news from crypto professionals.

Not an OKEx trader? Sign up, start trading and earn 10USDT reward today!

was originally published in OKEx Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

인기 뉴스

How to Set Up and Use Trust Wallet for Binance Smart Chain
#Bitcoin#Bitcoins#Config+2 더 많은 태그

How to Set Up and Use Trust Wallet for Binance Smart Chain

Your Essential Guide To Binance Leveraged Tokens

Your Essential Guide To Binance Leveraged Tokens

How to Sell Your Bitcoin Into Cash on Binance (2021 Update)
#Subscriptions

How to Sell Your Bitcoin Into Cash on Binance (2021 Update)

What is Grid Trading? (A Crypto-Futures Guide)

What is Grid Trading? (A Crypto-Futures Guide)

Cryptohopper에서 무료로 거래를 시작하세요!

무료 사용 - 신용카드 필요 없음

시작하기
Cryptohopper appCryptohopper app

면책 조항: Cryptohopper는 규제 기관이 아닙니다. 암호화폐 봇 거래에는 상당한 위험이 수반되며 과거 실적이 미래 결과를 보장하지 않습니다. 제품 스크린샷에 표시된 수익은 설명용이며 과장된 것일 수 있습니다. 봇 거래는 충분한 지식이 있거나 자격을 갖춘 재무 고문의 조언을 구한 경우에만 참여하세요. Cryptohopper는 어떠한 경우에도 (a) 당사 소프트웨어와 관련된 거래로 인해, 그로 인해 또는 이와 관련하여 발생하는 손실 또는 손해의 전부 또는 일부 또는 (b) 직접, 간접, 특별, 결과적 또는 부수적 손해에 대해 개인 또는 단체에 대한 어떠한 책임도 지지 않습니다. Cryptohopper 소셜 트레이딩 플랫폼에서 제공되는 콘텐츠는 Cryptohopper 커뮤니티 회원이 생성한 것이며 Cryptohopper 또는 그것을 대신한 조언이나 추천으로 구성되지 않는다는 점에 유의하시기 바랍니다. 마켓플레이스에 표시된 수익은 향후 결과를 나타내지 않습니다. Cryptohopper의 서비스를 사용함으로써 귀하는 암호화폐 거래와 관련된 내재적 위험을 인정하고 수락하며 발생하는 모든 책임이나 손실로부터 Cryptohopper를 면책하는 데 동의합니다. 당사의 소프트웨어를 사용하거나 거래 활동에 참여하기 전에 당사의 서비스 약관 및 위험 공개 정책을 검토하고 이해하는 것이 필수적입니다. 특정 상황에 따른 맞춤형 조언은 법률 및 재무 전문가와 상담하시기 바랍니다.

©2017 - 2024 저작권: Cryptohopper™ - 판권 소유.