DeFi vulnerability leading to $6.7M exploit 'not detected' by auditors
Decentralized U.S. dollar stablecoin protocol Raft claims that despite multiple security audits, the firm still suffered a security exploit leading to the loss of $6.7 million last week.
According to the project's Nov. 13 post-mortem report , a few days prior, a hacker borrowed 6,000 Coinbase-wrapped staked Ether (cbETH) on decentralized finance protocol Aave, transferred the sum to Raft, and minted 6.7 million Raft stablecoin, dubbed "R," using a smart contract glitch.
The unauthorized minted funds were then swapped off the platform through liquidity pools on decentralized exchanges Balancer and Uniswap, netting $3.6 million in proceeds. The R stablecoin depegged after the attack.
According to the report:
"The primary root cause was a precision calculation issue when minting share tokens, which enabled the exploiter to obtain extra share tokens. The attacker leveraged the amplified index value to increase the worth of their shares."
The smart contracts exploited during the incident were audited by blockchain security firms Trail of Bits and Hats Finance. "Unfortunately, the vulnerabilities that led to the incident were not detected in these audits," Raft developers wrote.
The project says that since the Nov. 10 incident it has filed a police report and is currently working with centralized exchanges to track down the flow of the stolen funds. All Raft's smart contracts are currently suspended, though users who minted R "retain the ability to repay their positions and retrieve their collateral."
Decentralized stablecoins are minted using users' crypto deposits as collateral. Last December, decentralized stablecoin HAY depegged against the U.S. dollar after a hacker took advantage of a smart contract glitch and minted 16 million HAY without proper collateral. The HAY stablecoin has since re-pegged, in part, due to the protocol requiring a collateralization ratio of 152% at the time of exploit as part of risk management.
We are aware of a potential security vulnerability.
— Raft (@raft_fi) November 10, 2023
We are currently investigating and will provide an update as soon as we can.
Related: September becomes the biggest month for crypto exploits in 2023
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Polygon Targets $1 & Ethereum Eyes $3,600, Yet BlockDAG’s CertiK Audit and $0.0019 Coins Could Outperform All
Discover Polygon (POL) price movement and Ethereum (ETH) price analysis as both eye breakouts, and see why BlockDAG’s CertiK audit, growing presale, and attractive pricing position it among the best crypto for higher returns in 2025.Polygon (POL) Price Movement Signals Breakout Toward $1Ethereum (ETH) Price Analysis: Tight Range Could Spark $3,600 BreakoutBlockDAG’s CertiK Audit Strengthens Its Case as the Best Crypto for Higher ReturnsTo Sum It Up
$298M Crypto Liquidations Rock BTC and ETH Traders
Crypto liquidations hit $298M in 24 hours, with BTC and ETH leading losses. Here's what caused the wipeout.A Rough Day for Crypto TradersWhat Triggered the Liquidations?Caution Ahead for Leverage Users
Top New Meme Coins to Invest in This Month: Troller Cat Flaunts 7k% ROI as Official Trump and Mog Coin Rise from Slumber
Troller Cat ignites excitement with 69% APY and 7,000% ROI target. TRUMP and MOG bounce back, but is this cat the real jackpot?Troller Cat ($TCAT): Clawing Up the Ladder with Massive ROI PotentialOfficial Trump ($TRUMP): Slow Grind with Political BuzzMog Coin ($MOG): The Cult Favorite Gets a PulseConclusion
SOL Technical Analysis Signals Strength, Cardano’s AI Testnet Launches & BlockDAG’s $0.0019 Offer Ends on May 13
Explore SOL Technical Analysis & details on Cardano's AI Testnet. See why BlockDAG’s $0.0019 entry before May 13 could define the best crypto platform call.SOL Technical Analysis Points to Cautious OptimismCardano’s AI Testnet to Simulate High-Frequency Network ConditionsBlockDAG’s Listings Near: $0.0019 Offer Available Until May 13What Defines the Best Crypto Platform in 2025?
Trending news
MoreCrypto prices
More
