Harvest Finance ($FARM), the DeFi project that was exploited for $33.8 million on October 26th, has increased its bounty reward for identifying the attacker from $400,000 to $1 million.
💵Increasing the bounty for tracking down the attacker and returning the funds to $1M
Here's what we know about the attacker:
1) understands flashloans
2) understands arbitrage and trading
3) understands curve internal code
4) understands renBTC
5) understands opsec
— Harvest Finance (@harvest_finance) October 29, 2020
How it happened
The attacker used their knowledge of Harvest Protocol as well as which external smart contracts that Harvest protocol interacts with to manipulate prices in their favor and subsequently drain Harvest’s USDC and USDT liquidity pools. Initial reports claimed that the attacker was able to steal roughly $24 million from Harvest by using this method, but Harvest Protocol’s official report shows that the attacker was able to steal $33.8 million during their attack.
Upping the bounty
Initially, the Harvest team posted a $100,000 bounty that would go to the individual who could identify the hacker. About 24 hours later, the Harvest team published a post-mortem report and increased their bounty to $400,000, saying that anyone who could identify the attacker within 36 hours would receive the $400,000 bounty. Two days later, the attacker had still not been identified, which prompted the Harvest team to raise the bounty once again, this time to $1 million.
DeFi is a Ponzi Scheme
DeFi is a Ponzi Scheme. DeFi projects have no real business model, DeFi coins and tokens have no real utility. DeFi preys on the willingness of speculators to throw their money into a coin or token and other speculators to follow so that the price increases. However, there is no longevity in this model. Many founding teams subsequently pull the rug on their investors and drain the liquidity from the trading pair, leaving their investors with worthless tokens. Or, a third-party attacks the protocol because it is vulnerable and drains millions of dollars from the liquidity pool, like what happened in the Harvest attack.
When it comes to DeFi projects, Jesse Powell, the co-founder and CEO of Kraken had a few strong words for the DeFi sector.
Stop fucking up your bullshit DeFi scams and expecting exchanges to bail you out. I will not accept your attempt at externalizing the cost of your hasty, reckless rollout. Invest in audits, insurance and please DYOR. Taking your losses is the only way to enlightenment.
— Jesse Powell (@jespow) October 26, 2020
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.