Another DeFi platform has been exploited: Opyn the DeFi protection and risk management tool that lets users trade ETH options, has been exploited for an unknown amount of ETH.
Summary: Hacker send oETH(put option)and ETH, but opyn contracts returns USDC ""and""ETH
Hacker tx example: https://t.co/qW3eqAftIe
— うどん (udon.eth) (@udon_crypto) August 4, 2020
The exploit was first discovered by Twitter user @udon_crypto when they realized that the Opyn contracts were settling in both ETH and USDC when they really should have only been paying their users USDC at settlement time.
Hey all, it seems like there has been an issue with some oTokens contracts. We are working hard on understanding this issue so we can let help users as best we can. We have removed liquidity from Uniswap in the mean time. Would be best to not open new vaults at the moment.
— opyn (@opyn_) August 4, 2020
Shortly after the exploit was discovered, the Opyn team pulled all of the liquidity for their options trading while they worked to understand the issue.
The risk of DeFi
DeFi has been a hot topic lately because many digital currency enthusiasts realized that DeFi investments were an easy way for them to make a quick buck. DeFi resembles the digital currency ecosystem in 2017, not many people understand DeFi platforms, coins, and tokens, yet, they continue to exponentially increase in value—but it comes with major risk.
Opyn is not the first DeFi platform to get exploited, there have been several DeFi platform breaches this year. Including the Opyn exploit, there has been a total of six DeFi exploits that have happened so far in 2020 which have resulted in tens of millions of dollars worth of digital currency being lost.
MakerDAO’s CDP, Lendf.me, Uniswap, bZx, Balancer, and now, Opyn have all been exploited, with each platform losing $4 million, $25 million, $300,000, $995,000, $450,000, and an unknown amount respectively.
A house of cards
DeFi platforms are the equivalent to a house of cards, one wrong move and the entire ecosystem could come crashing down at any time.
The problem is, most DeFi platforms are not secure, and the smart contracts that facilitate the borrowing, lending, and hedging can easily be gamed. In all of the exploits that have taken place, the attacker has not hacked the platform or breached a database. Rather, they have a great understanding of DeFi platforms and smart contracts and are able to use the platforms in a way where they beat the system and rake in millions of dollars at the platform’s expense.
We recommend that you proceed with caution when it comes to DeFi platforms because even though you may be enticed by the fact that you can make a quick buck, you can easily lose all of your funds, or could be making trades on the platform that will be the next one to get exploited. As the DeFi honeypot grows—with currently $4.27 billion in total value locked on DeFi platforms—DeFi protocols will only become a more attractive target for attackers.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.