A Rocky Week for zkSync Era: EraLend Security Breach and Kannagi Finance Rug Pull

3 mins
Updated by Bary Rahma
Join our Trading Community on Telegram

In Brief

  • Kannagi Finance has walked away with $2.4 million worth of users' assets.
  • The incident is the first rug pull to affect the scaling solution zkSync Era.
  • It comes off the back of the $3.4 million hack EraLend suffered earlier.
  • promo

The zkSync Era, just a fledgling in the vast crypto market, faced a tough introduction to the sector’s challenges this past week, marked by significant breaches and unexpected setbacks.

EraLend Loses $3.4M in Security Breach

On Tuesday, July 25, cyber attackers pilfered a staggering $3.4 million from EraLend, a lending platform operating on the zkSync Era. In the aftermath, the EraLend team promptly halted all activities.

A subsequent update revealed they had pinpointed a potentially involved crypto exchange account. Furthermore, they suspect that the culprits may have utilized a certain VPN provider to obscure their online tracks.

“We’ve pinpointed a suspicious CEX account that appears to be linked to an individual potentially involved in the incident. We are collaborating closely with the local police department, providing them with all relevant information,” said EraLend.

To incentivize assistance, EraLend promised 10% of any reclaimed funds as a reward for information leading to hackers.

“We are rallying the entire community, urging you all to stand together with us in facing the criminals who have stolen our funds and violated our rights,” added EraLend.

Kannagi Finance’s Sudden Exit

Adding to zkSync Era’s woes, Kannagi Finance, a yield aggregator protocol, saw its entire asset pool drained on Friday, July 28. This dubious exit marked the first rug pull on the zkSync Era, with Kannagi Finance promptly vanishing online.

After auditing Kannagi Finance’s ERC20 contract in June, Blockchain security firm Solid Proof estimates the heist’s toll at approximately $2.4 million. However, it is important to clarify that their audit did not extend to the Vault contracts in this scam.

“We have already determined that the fraudster is most likely a person in the Chinese region. We will continue to track the wallets and take further steps,” said Solid Proof.

That responsibility fell to another entity, Source Hat, which audited the ERC-4626 token contract. Source Hat has yet to issue any statement on the Kannagi debacle, and relevant GitHub repositories have mysteriously disappeared.

By July 30, blockchain monitor MistTrack identified a transfer of 600 ETH from the Kannagi incident moving through the crypto mixer Tornado Cash.

The Road Ahead for zkSync Era

zkSync Era, called zkSync 2.0 in its beta phase, represents the second iteration of Matter Labs’ rollup-centric scaling solution. Its modus operandi contrasts with layer-two solutions such as Optimism.

Though both entities streamline operations by aggregating transactions before logging them on-chain, their methodologies diverge. While Optimism leverages optimistic rollups, zkSync opts for zero-knowledge (ZK) rollups.

Read More: What are Zero-Knowledge Proofs? Securing Growth for Web3 Apps 

Since its March debut, zkSync Era has been gradually cementing its presence in the DeFi sector, winning over projects with its promise of efficient transaction processing and negligible gas fees. A notable endorsement came last month when Kyber Network incorporated its flagship, KyberSwap, within the zkSync Era ecosystem.

An interesting metric to gauge zkSync Era’s standing post these setbacks is its Total Value Locked (TVL) – a trusted barometer of user sentiment, which typically dips post-security lapses.

Total Value Locked (TVL) on zkSync Era Jul 2023
Total Value Locked on zkSync Era. Source: Dune

However, zkSync Era seems to have bucked this trend. Notwithstanding last week’s upheavals, there hasn’t been a significant fund exodus. TVL metrics indicate a rise from Monday’s $442.55 million to over $380 million by the week’s end, suggesting the community’s faith remains largely unshaken.

Top crypto projects in the US | October 2024
Exodus Exodus Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | October 2024
Exodus Exodus Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | October 2024

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Frame-1944.png
James Morales
James is a London-based editor, writer and explorer of the cryptosphere who started his journalistic career writing about digital art before honing his craft as a financial technology reporter. From the latest innovation in digital assets to the evolution of Web3, he is perpetually fascinated by the technologies of decentralization.
READ FULL BIO
Sponsored
Sponsored