An exploit enabled attackers to drain $80 million in crypto from decentralized finance (DeFi) platform Rari Capital’s liquidity pools, according to a tweet today by blockchain and smart contract audit firm BlockSec.

The BlockSec team called the security flaw a “typical reentrance vulnerability,” and tweeted again with a picture displaying the offending code.

Algorithmic stablecoin Fei—the self-touted “Stablecoin for DeFei”—also had contributed liquidity to Rari Capital’s exploited pools. Fei has a market cap of well over half a billion dollars, making it the 11th largest stablecoin, according to data from CoinGecko

In December, Fei merged with Rari Capital. Rari enables the creation of so-called Fuse Pools—permissionless lending pools—that anyone with a wallet can access from anywhere to lend or borrow ERC-20 tokens. No minimum funds are required of users.

Fei and Rari’s joint effort got off the ground with $2 billion in liquidity.

Fei Protocol acknowledged the exploit on Twitter shortly before BlockSec’s report, saying, “We have identified the root cause and paused all borrowing.” Fei also promised a $10 million bounty to the attackers if they return the stolen funds.

Fei is trading a little below its peg, at $0.9895, as of this writing.


Source link

Leave a Reply

Your email address will not be published.

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed