The contagion from the March 13 flash credit attack on Euler has spread far and wide, resulting in frozen or lost funds for 11 different decentralized finance (DeFi) protocols, according to reports from each of them on Twitter. Balancer, an Ethereum protocol with over $1 billion in total locked value (TVL), is among the affected protocols. Below is an overview of the main exploits and what we know so far.
equalizer
Balancer reported on March 13 that the Euler Boosted USD (bb-e-USD) pool was affected by the exploit. About $11.9 million worth of tokens from this pool were sent to Euler during the exploit. The balancer emergency SubDAO responded by pausing the pool and putting it into recovery mode. However, at the time of the disruption, over 65% of the pool’s TVL had already been lost.
Due to an error in the app’s user interface (UI), liquidity providers are unable to retrieve the remaining funds in the pool. However, a new user interface will be offered “in the near future” that will allow the remaining funds to be withdrawn, Balancer said. No other pools are affected, Balancer clarified.
Angle log
Angle Protocol released a preliminary report on his exposure to the attack. It could have lost over $17 million worth of USD Coin (USDC). This may have caused the stablecoin agEUR, which is pegged to the euro, to become under-collateralised. The team is still investigating and trying to create a detailed balance sheet. All agEUR minting and repayments are currently suspended, but borrowers can continue to repay their debt to the protocol as usual, the team said.
idle finances
Idle Finance has provided a detailed list of its losses due to the Euler exploit. It appears to have lost around $5.9 million worth of tokens in total based on Ether (ETH) and Euro prices as of March 13. The team has paused all best yield vaults and yield tranches related to Euler to prevent further losses.
year finances
According to DefiLlama, Yearn.finance has $423 million in TVL. It reported an indirect stake in Euler through Angle Protocol and Idle Finance. It lost about $1.38 million. However, the team said any bad debts not covered by Idle and Angle would be covered by Yearn Treasury.
Yield Log
Yield Protocol is another protocol affected by the exploit. Its “mainnet liquidity pools are built on top of Euler,” according to the team’s announcement regarding the attack. The company has disabled the mainnet app, halted borrowing and is investigating the attack. Its mainnet liquidity pools appear to have been impacted, with a potential loss of “less than $1.5 million.”
inverse finance
InverseFinance reported that it was also hit as its DOLA Fed lost over $860k for the DOLA-bb-e-USD on Balancer. The team said it is communicating with Balancer to try to get those funds back to depositors.
Related: Euler Finance was hacked in a flash loan attack for over $195 million
SwissBorg
SwissBorg reported that “a small part of [its] Smart Yield Program was affected by the exploit. However, “thanks to our risk management process, the extent of the damage is minimal.” The team said it would recover any losses from its funds and its users “will not suffer any loss from this event.”
In a Telegram conversation with Cointelegraph, SwissBorg founder Cyrus Fazel clarified that the protocol ranks return strategies based on risk, time, and APY. Since Euler was rated Risk 2 – Adventurous, SwissBorg users had invested “a limited amount” in Euler. This mitigated losses for the record, he explained.
Other affected protocols
Opyn, Mean, Sense, and Harvest also reported that they may have been affected by the exploit, although none have provided details on how much was lost. This brings the total number of affected protocols to 11 with cumulative losses of $37.6 million.
Euler Finance is a crypto borrowing and lending protocol running on Ethereum. It became popular thanks in part to its support for using liquid staking derivatives (LSDs) such as Coinbase Staked ETH (cbETH) or Lido Staked ETH (stETH) as collateral for loans. On March 8th, Euler had locked over $311 million worth of crypto in its smart contracts. Since the exploit, its TVL has dropped to $10.37 million.
This story was corrected at 2:11am UTC on March 14th to reflect that the flash credit attack occurred on March 13th.
Learn Crypto Trading, Yield Farms, Income strategies and more at CrytoAnswers
https://nov.link/cryptoanswers
Comments are closed.