Total Lending Protocol Error
The complex credit log bug reported by Robert Leshner is in place, putting the platform at risk for $ 160 million as we read more crypto news today.
A week ago, founder Robert Leshner called the complex credit log flaw in smart contracts a “moral dilemma,” but some people today see smart contracts mistakenly turning into a machine full of free money if someone takes advantage of a flaw in the controller. Today’s contract is part of a protocol that distributes agricultural productivity premiums to users. Calling Compound’s drip feature moved $ 68 million from the compound reservoir to the blender.
Anyone who gives COMP back to the community is an alien giga-chad; and if an alien giga-cha team summons me, I will appear https://t.co/EZLb7g91Ew
– Robert Leshner (@rleshner) October 1, 2021
Since the core developer at Yearn Finance tweeted about mining this afternoon, four large deals have wiped out the $ 24 million compound pool. One of the transactions withdrew $ 12.3 million and Banteg said the only addresses with an error status could be withdrawn and there were a few others that could take $ 45 million and clear the billing rate. After an update called Proposition 062, the comptroller team started giving out 280,000 COMP to the wrong people and Leshner urged users to return the money.
Anyone can add COMP to the pool by calling the Drip () function, which is a public function but has not been called in several weeks.
“When the Drip () function was called this morning, it posted a backlog (202,472.5, about two months COMP since the function was last called) in the log for distribution to users. “, Leshner pointed out.
The best kept secret in DeFi was revealed, someone named Drip () on Compound’s Reservoir sent an additional $ 68.8 million COMP to Comptroller.
I ran the numbers and it looks like about 1/4 of that could be exhausted. Https://t.co/I4mGeNX6uT
– banteg (@bantg) October 3, 2021
The drip issue was known to compound and security researchers, but since there weren’t any mitigations, they decided to keep it a secret in hopes that no one would notice until the patch was released. The community developers are hoping these patches will come out before the drip is called, so Leshner tweeted to explain, however Banteg called mining “the best kept secret in DeFi”. Leshner stated that the total amount at risk is $ 160 million, of which 136,000 are still on the computer and 117,000 have been returned to the community. In a comment on the Banteg Post, retailer Chsirtoper Mooney said:
“I’m really impressed that it took so long with the amount of people who know. Restored my belief in humanity for a while, but in the end one of you chose chaos neutrality. ”
DC Forecasts is a leader in many crypto news categories, always striving for the highest journalistic standards and adhering to strict editorial guidelines. If you would like to share your expertise or contribute to our news page, please contact us at [email protected]