Sunday , November 17 2024
Home / Blockchain / DeFi Protocol Gamma Strategies Discloses Vulnerability After Preliminary Investigation

DeFi Protocol Gamma Strategies Discloses Vulnerability After Preliminary Investigation

Summary:
Gamma Strategies – a DeFi protocol built on the Ethereum blockchain – fell victim to an exploit, resulting in a loss of approximately .4 million. In response to the attack, the protocol swiftly implemented measures to prevent further losses, temporarily disabling deposits to all public DeFi vaults while keeping withdrawals active for users in need of accessing their funds. The exploit was initially identified by blockchain investigator PeckShield on January 4, which was then confirmed by Gamma Strategies. The platform disclosed that it had identified the root cause of the incident. Root Cause Revealed Gamma’s vaults incorporate four primary safeguards against flash loans. These include mandating a token0 and token1 ratio in line with the pool’s ratio, setting a price

Topics:
Chayanika Deka considers the following as important: , ,

This could be interesting, too:

Wayne Jones writes Ilya Lichtenstein Sentenced to 5 Years in Prison for Role in Bitfinex Hack

Wayne Jones writes VanEck Analyst Predicts Successive All-Time Highs for Bitcoin in Coming Months

Jordan Lyanchev writes Major Win for Elon Musk in 8 Billion Dogecoin Market Manipulation Lawsuit

Wayne Jones writes Argentina’s President Advocates for Clear Division of Crypto and State

Gamma Strategies – a DeFi protocol built on the Ethereum blockchain – fell victim to an exploit, resulting in a loss of approximately $3.4 million. In response to the attack, the protocol swiftly implemented measures to prevent further losses, temporarily disabling deposits to all public DeFi vaults while keeping withdrawals active for users in need of accessing their funds.

The exploit was initially identified by blockchain investigator PeckShield on January 4, which was then confirmed by Gamma Strategies. The platform disclosed that it had identified the root cause of the incident.

Root Cause Revealed

Gamma’s vaults incorporate four primary safeguards against flash loans. These include mandating a token0 and token1 ratio in line with the pool’s ratio, setting a price change threshold to disallow deposits when the price change exceeds a specified amount, implementing deposit caps per deposit, and prohibiting single-sided deposits.

The protocol revealed that the main issue stemmed from the settings on the price change threshold, which were set too high, allowing for up to a 50-200% price change on certain LST and stablecoin vaults. This enabled the attacker to manipulate the price to the threshold and generate an unusually high number of LP tokens.

Gamma Strategies has outlined its plan of action, which includes setting all price change thresholds to a safe threshold level. It also plans to rope in a third-party code review to ensure that this attack is effectively mitigated prior to re-opening deposits.

A comprehensive post-mortem analysis will also be released soon. However, Gamma Strategies is yet to confirm if it intends on compensating its victims in addition to “maximizing recovery for all affected users.”

“One last note, is that even though deposits are closed, our rebalances and management of the positions are still active as they are not affected by the exploit.”

Another Hack in 2024

Within the first four days of 2024, the cryptocurrency market faced two security breaches.

Orbit Chain, a project facilitating cross-chain bridging, was hacked earlier this week, which led to the loss of over $80 million in assets. The attacker managed to gain access to seven out of ten multisig signers, resulting in a total loss of $81.5 million.

The majority of the stolen funds consisted of stablecoins, with $30 million in USDT, $10 million in USDC, and $10 million in DAI. Additionally, approximately 231 WBTC ($10 million) and 9,500 ETH ($21.5 million) were also compromised.

You Might Also Like:

Leave a Reply

Your email address will not be published. Required fields are marked *