DeFi’s Primitive Finance Protocol has just hacked its own smart contracts as a drastic measure to protect the protocol from an exploit so let’s read more about today’s crypto news.
A few hours ago, a critical vulnerability was discovered in Primitive Finance’s smart contracts and the contract could not get upgraded or suspended so the team had to hack the protocol themselves to protect the users’ funds. it stated that most of the funds were secured through users need to take action as some could be at risk:
“Although we have recused 98% of the funds, TOKENS IN WALLET which have approved the vulnerable contract are STILL AT RISK.
🚨 EMERGENCY ALERT🚨 @PrimitiveFi has whitehacked our contracts to safeguard user funds after a critical vulnerability was discovered.
Further user action is required to safeguard funds 👇
– Go to https://t.co/RC59l95Fui
– Reset all vulnerable approvals— Primitive (@PrimitiveFi) February 22, 2021”
The blog post outlined that the vulnerability is related to “infinite approvals” that were made on the protocol’s smart contracts and added that manually resetting these approvals back to zero will protect all the assets and those who have used this contract to approve the token spending but some funds could still be at risk. At the time of writing, the vulnerability wasn’t exploited by malicious actors, and the funds were not stolen because of the fast reaction of the protocol’s team.
DeFi’s Primitive Finance is a permissionless options protocol that is built on Ethereum so liquidity providers can earn a yield on DAI, ETH, or DeFi tokens by providing collateral to options markets. The yield is earned through the trading fees that are generated on SushiSwap’s automated market maker:
“The protocol is used to create smart contracts with an immutable set of parameters that define the rules of the option. Any two ERC-20 tokens can be chosen to be the underlying (the asset being purchased) or the quote (the token used to pay the strike price).”
The protocol launched to the mainnet back in 2020 and was audited by Open Zepplin in August of the same year but the code vulnerabilities seem to have slipped through the net. The total value locked across DeFi sectors returned to its all-time high of $50 billion as per DappRadar while MakerDAO is the leading protocol with a $6.7 billion followed by Aave with $5.5 billion in collateral lock up.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post