Harvest Finance engineering mistake fiasco

Do repost and rate:

 

The DeFi space in late October of 2020 has been somewhat shaken by the news of a Hacker stealing $24 million worth of Harvest Finance funds. The attack has been made possible by the design and implementation issues within Harvest Finance which in combination with an arbitrage strategy has resulted in exploitation of $24 million of the cryptocurrency being stolen. 

 

  • One of the early reports has speculated on a very clever arbitrage strategy which would've resulted in the funds getting drained from Harvest Finance. The strategy would've seen the attacker rinse repeat strategy of acquiring flash loan worth of $50 million, arbitraging through several markets to gain $0.5 million profit per repeat.
  • After other community members have started putting more effort into their investigation along with looking at the source code of the Harvest Finance protocol there were more signs that there is something more sinister happening. The latter speculations have started highlighting a potential bug within the implementation of a grey list in regards to the Deposits, along with a loose design of the arbitrage check function.
  • With the problem being at the forefront of the cryptocurrency news the Harvest Finance official twitter handle has admitted to an engineering mistake which would've resulted in thousands of people losing their funds.
  • Somewhat surprisingly the attacker has chosen to transfer back 10% of the stolen funds upon which Harvest Finance has communicated that the funds would be distributed to the victims on a pro-rata basis.

 

Related Reading
  • New Chromium Zero-Day bug under exploitation in the wild
  • Ledger phishing emails
  • Cyber Threat On The Rise
  • Surfing the net a bit more securely
  • Monero's Oxygen Orion Upgrade Successful
  • The long awaited launch of Filecoin is finally here
  • Grants for d(apps) to be built on top of Raiden Network (L2)
 
Ongoing crypto free earn campaigns:
  • Coinbase Learn & Earn up to $60 of Compound
  • Coinbase Learn & Earn up to $50 of EOS
  • Coinbase Learn & Earn up to $50 of XLM

 

Ongoing crypto non-free earn campaigns:
  • Crypto.com $50 of CRO once 1000 CRO staked
 https://www.publish0x.com

Regulation and Society adoption

Ждем новостей

Нет новых страниц

Следующая новость

All content provided by the site, hyperlinks, related applications, forums, blogs, social networks and other information is taken from third-party sources and is intended for reference only. We make no warranties with respect to our content, including but not limited to accuracy and timeliness. No part of the content we provide is financial advice, legal advice or any other form of advice intended for any of your personal purpose. Any use of our content is entirely at your own risk. You should conduct your own research, review, analysis and verification of our content before relying on them. Trading is a very risky activity that can lead to large losses, so consult your financial Advisor before making any decision. No content on our site is a public offer or invitation to action.

This resource may contain 18+materials

© 2016-2024