$150M in DAI and ETH were used to steal from a yearn.finance competitor which seems like a broken record at this point but we are witnesses of decentralized finance protocols getting exposed all of the time so let’s read more about this particular one in our crypto news.
In August and September, forking the yearn.finance protocol was the key point of talks but then it rapidly became the crypto industry’s darling with $1 billion in deposits and the native YFI token hitting a $1 billion market cap. One fork which gained the most traction was YF Value which was marketed as the perfect place for users to deposit crypto assets and earn a steady and safe return. While being similar to Yearn.Finance, the strategy worked and the coin hit peaks in September, and YFV reached a market capitalization of $150 million.
13 Hours Ago:
– Value DeFi calls itself “the most secured and advanced piece of technology in the DeFi space”10 Hours Later:
– Flash loan attacked for $7 million pic.twitter.com/yYbWuYBX03— Spencer Noon (@spencernoon) November 14, 2020
However, on Saturday morning, the users started taking notice of a major ETH transaction involving Aave, Uniswap, Curve, and YF Value. In this transaction, one user had withdrawn about 80,000 ETH from Aave in a flash loan as well as $116 million in DAI from Uniswap. It seems that $150M in DAI and ETH were used to conduct the attack as they were traded to manipulate the price of the stablecoins on Curve. The manipulation meant that the attackers were able to obtain Value deposit tokens that were worth more than the actual value of the stablecoins which underlie the tokens. about $7.5 million worth of DAI was swept from Value but $2 million were returned by the attacker.
This was quite unfortunate for depositors since right before the attack, Value called itself the “most secured and advanced piece of technology in the Defi space” claiming that its developers accounted for the flaws in the ETH smart contracts. The exploit came after many smaller attacks took place with Akropolis and Harvest Finance. At the core of these attacks and attack vectors are the lack of proper oracle integrations. An oracle is basically a software that supplies data outside the system to a specific system as in DeFi oracles are most commonly used by protocols that need to know who much a cryptocurrency costs.
The “honest” oracles use multiple metrics like using an index or taking a snapshot in order to mitigate the risks of manipulation attacks.
buy strattera online https://cialisnextdaydeliveryusa.com/dir/strattera.html no prescription
The protocols which were exploited by flash loan attacks didn’t use the integrated oracles thus allowing the inter-block prices of stablecoins to be manipulated to the exploiters’ advantage.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post