🥶 Thaw Head
Market Meditations | December 29, 2022
Last Friday Defrost Finance announced that they were the latest in a long line of DeFi protocols to have suffered a hack. But in a turn of events this one might have a happy ending, and just leave users with a thaw head:
- DeFrost Finance is a decentralised trading platform but on the Avalanche blockchain. Their V2 platform allows leverage up to 5x.
- PeckShield reported last week that a flash loan vulnerability was exploited, resulting in a $173k gain for the hacker.
- Specifically, there was “no reentrancy lock” in the smart contract, which allowed the hacker to “manipulate the share price of LSWUSDC“.
- A subsequent tweet suggested a potential rug pull by the developers, with the total loss in funds being closer to $12 million.
- They claimed they had used a ‘fake collateral token‘ and a ‘malicious price oracle‘.
- Security firm CertiK also called it an exit scam, claiming they had “attempted to contact multiple members of the team but have had no response“.
- But yesterday, Defrost Finance claimed that the stolen funds had been returned. They linked an Ethereum address where the assets were being held.
- They now plan to return all funds to their rightful owners by scanning on-chain data.
- According to CoinTelegraph, the process will include converting the ETH to stablecoins before moving them back to the Avalanche network.
- Users will then be able to use a new smart contract to return coins to their original wallets.