Over 1.2 Billion aUSD Minted in an Exploit of Polkadot’s DeFi Hub Acala

Polkadot’s Decentralized Finance (DeFi) hub Acala was the victim of a major attack against its newly launched liquidity pool. The hacker was able to create more than 1.2 million aUSD, the stablecoin of the project.

Acala’s team posted a tweet shortly after the hack. They noted that the exploit was caused by a “misconfiguration in the iBTC/aUSD liquidity pools.”

The issue was caused by a misconfiguration in the iBTC/aUSD liquidity pools (which went live earlier today), which resulted error mints of a substantial amount of aUSD 1/

— Acala (@AcalaNetwork), August 14, 2022

Cala Suspends on-chain Activities

Onchain data shows that the majority of the minted stablecoins remain in the Acala account. An attacker exchanged a small fraction of the stablecoins to Acala’s native token ACA, and four additional tokens. The account held $1.27 billion in aUSD at the time of writing. This represents more than 99%.

Although the Acala community has yet to decide on the exploit’s fate, the team reported that it had temporarily blocked the accounts from transferring tokens.

The project states that on-chain activities like swaps and cross-chain messaging were also halted until further notice. Protocol noted that the protocol’s oracle pallet had been suspended as well, so users don’t have to worry about forced liquidation.

During this time, aUSD (the first stablecoin listed on Polkadot) reacted negatively and lost its USD parity. The stablecoin traded at $0.89 as of press time, after dropping almost 50% to $0.57 in trading prices.

Cala’s Attack Might not be the End

Acala has now fixed the pool misconfiguration, but this incident increases the number of decentralized apps (dApps), that have been compromised by hackers who are always looking for smart contract bugs to exploit.

Victor Young, founder of Analog (a layer-0, Proof-of-time, PoT-based project), commented on the Acala hack. He noted that Polkadot’s relay chain makes Polkadot “secure by design”, but this cannot be said for parachains.

He said that such dApp vulnerabilities could occur in the future if smart contracts developers don’t regularly inspect their codes.

“I believe we will continue to see these attacks, because many dApp developers won’t do the work of defining their security properties. The code might not be foolproof, even if it is audited. Developers and QA specialists need to constantly evaluate the code to ensure it achieves its goals,” he stated.

CryptoPotato’s first article, Over 1.2 Billions USD Minted in an Exploit Of Polkadot’s DeFi Hub Acala, appeared first on CryptoPotato.

Read More

2021's Most Anticipated Growth & Wealth-Building Opportunity

Join Thousands of Early Adopters Just Like You Who Want to Grow Capital and Truly Understand Cryptocurrency Together

Marla Brooks

Marla Brooks – Financial Analysis My name is Marla Brooks, and I am the mainstream behind the”observednews.com”  for the powerful and most delicate insights into the latest activities in the financial analysis category. I started my journey as an independent financial consultant. I had approximately nine years of experience in this field. I am free soul so; my passion for exploring the world has taken me to the nations across the globe and given me the chance to report for a portion of the best news associations. Currently, I am a full-time editor as experienced in finance and started to use my abilities.

2021's Most Anticipated Growth & Wealth-Building Opportunity

Join Thousands of Early Adopters Just Like You Who Want to Grow Capital and Truly Understand Cryptocurrency Together

Close Bitnami banner
Bitnami