Поділитися цією статтею
DeFi Project Akropolis Drained of $2M in DAI
Decentralized finance platform Akropolis’ yCurve pools have been drained resulting in the loss of $2 million.
Автор William Foxley
Make us preferred on Google
Decentralized finance (DeFi) platform Akropolis has suffered a $2 million loss following a re-entrancy attack utilizing a flash loan from derivatives platform dYdX, according to Akropolis founder and CEO Ana Andrianova.
STORY CONTINUES BELOW
Не пропустіть жодної історії.Підпишіться на розсилку The Protocol вже сьогодні. Переглянути всі розсилки
- The attacker pulled out tranches of $50,000 in DAI from the project’s yCurve and sUSD pools, according to The Block researcher Steven Zheng and Andrianova. The attacker collected $2 million worth of the stablecoin before exhausting the pools.
- A re-entrancy attack allows a user to withdraw more funds from a contract than the contract holds. Ethereum's 2016 The DAO hack was also a re-entrancy attack.
- Akropolis’ Delphi savings pool was audited twice, the team said in the Discord, once by CertiK and also by firms SmartDec and Pessimistic.
- Andrianova told CoinDesk an autopsy of the attack will be released Friday.
Not quite, we will publish a detailed retro shortly. Two attack vectors have unfortunately been missed despite two audits. I will link a post-mortem and next steps here.
— Ana A. (@ana_andrianova) November 12, 2020
Update (November 12, 22:00 UTC): New communications from Akropolis including the type of attack have been added.
