Opyn decentralized finance (DeFi) platform said that an exploit has affected ETH put contracts, leading to over $371,200 being stolen.
Revealed today in a blog post, a user report had alerted the company to hackers who exploited Opyn ETH Put contracts. The perpetrators walked away with more than $370,000.
According to one DeFi investor who goes by the online moniker ‘Degen Spartan’ on Twitter, traders used flash loans to buy Ethereum Put oTokens (oETH) on Uniswap.
The traders then chose USD Coin (USDC) as collateral, only to realize that the result was a double transfer. The attackers used this technique to effectively steal the collateral.
https://twitter.com/DegenSpartan/status/1290699622013231104
“This exploit allowed an attacker to “double exercise” oTokens and steal the collateral posted by certain sellers of these puts,”the company said.
Removing Liquidity
The team explained that they’ve removed liquidity from ETH Put pools on Uniswap “to prevent others from buying these oTokens.” They also removed the ability to purchase ETH Puts on the DeFi website.The team offered a 20% premium via Deribit for existing oToken holders to buy any ETH Put oTokens.Hey all, it seems like there has been an issue with some oTokens contracts. We are working hard on understanding this issue so we can let help users as best we can. We have removed liquidity from Uniswap in the mean time. Would be best to not open new vaults at the moment.
— Opyn (perp, lover) (@opyn_) August 4, 2020
“This only applies to oTokens that were bought before today,”co-founder Alexis Gauba said on Discord (Opyn’s messaging platform). Opyn said that it’s taking serious measures in order to rebuild lost trust among its users. The company is working with samczsun from Trail of Bits to develop a whitehat patch. This has helped to remove 439,170 USDC collateral from outstanding vaults. It continued:
“We are working on designing a plan to mitigate the impact on ETH put sellers.”The exploit has not affected ETH Call, COMP Put, BAL Put, cToken Put, or aToken Put products, the team mentioned. Opyn will also reimburse “ETH put sellers in full” who were affected by the vulnerability.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Sujha Sundararajan
Sujha reports on cryptocurrencies, blockchain developments and markets, operating from the South East Asia timezone. Her work has appeared in CoinDesk, CCN, EconoTimes and Venture Capital Post. She does not currently hold value in any digital currencies.
sujhasundar@gmail.com
Sujha reports on cryptocurrencies, blockchain developments and markets, operating from the South East Asia timezone. Her work has appeared in CoinDesk, CCN, EconoTimes and Venture Capital Post. She does not currently hold value in any digital currencies.
sujhasundar@gmail.com
READ FULL BIO
Sponsored
Sponsored
