Compound crisis averted? Protecting exposed COMP might just be the beginning

As the Decentralized Finance (DeFi) market continues to attract the interest of investors around the world, incidents have highlighted the vulnerabilities that the various platforms operating in the space are constantly exposed to.

For example, it was recently announced that, due to a faulty system update, the prominent DeFi money market Compound had exposed approximately $150 million worth of its native COMP token to the risk of third-party hacking.

Although the bug was spotted early and the Compound developers released a fix for it shortly afterwards, the update is subject to a seven-day time delay, which pushed efforts to resolve the problem into October. The proposal to fix the bug has since passed successfully and will be implemented on October 9th, but that may not be the end of the story.

The founder of Compound, Robert Leshner, admitted on Twitter that 202,472.5 COMP, worth approximately $64 million at press time, was put in jeopardy when the protocol's “trickle-down” feature went live for the first time in more than 60 days. The trickle function is intended to provide users with the tokens stored in the Compound pool, which accumulates 0.5 COMP per block.

After the incident, Leshner pointed out that the vast majority of all COMP tokens in existence today that are “reserved for users” are in the platform's reservation system mentioned above. This disclosure may have played a significant role in COMP's depreciation: the price of COMP quickly dropped from $330 to $286 after the bug was first identified, before recovering strongly later, according to data from Cointelegraph Markets Pro.

However, the token has steadily declined since October 3, with the digital asset's value falling from a price point of around $350 and its 30-day losses, measured from a high of around $525, rising to a staggering 40%.

When asked for comment on the severity of the problem and what he thought could happen to the platform's native asset in the next few days, Leshner told Cointelegraph that everything there was to be said on the matter had already been “adequately” dealt with, and he declined to comment further.

The DeFi community has a say

To get a better look at what this entire incident means for the broader cryptocurrency ecosystem, Cointelegraph contacted Winston, a pseudonymous moderator for the DeFi yield farming aggregator Harvest Finance. In his opinion, while the community has for the most part been fairly honest about returning most of the funds, that trust cannot be relied on to save platforms every time.

He also added: “Of course the team could have dealt with this debacle better, but it also shows that these ‘security elements’ can sometimes hinder a project rather than help.” Winston went on to say that he hopes lessons will be learned from this:

“Many protocols will take into account the benefits of a shorter timeout, not only to prevent such things, but also to make them more flexible and faster.”

The developer of SushiSwap, Mudit Gupta, criticized Compound's use of timeouts for governance purposes, stating that only about 100 people have been aware of the threat posed by the trickle feature since the bug was discovered on Sept. 30, and that no action has been taken since the time delay function was in effect.

Gupta went on to warn DeFi users about the various risks associated with upgradeable smart contracts, stating that, by their own design, they are not intended for “great [DeFi] primitives,” and adding that he also agrees that “updatability is more of a bug than a feature.”

That said, it should be noted that SushiSwap was also the subject of a recent hack in which a nefarious third party compromised the supply chain of the MISO token launchpad, worth $3 million. Not only that, in late September it was also reported that a hacker had identified a vulnerability that could have compromised more than $1 billion in user funds on SushiSwap.

Technical glitches are not new

George Harrap, the co-founder of the Solana-based wallet viewing platform Step Finance, told Cointelegraph that cryptocurrency bugs, exploits, and hacks are really nothing new in this space, adding that these cases are simply part of an industry where everything is digitized.

In a tweet, Leshner even issued a serious warning to recipients of the erroneously received tokens, stating that any wrongful acquisition could have real-world consequences, primarily in the form of actions by the United States Internal Revenue Service (IRS). Regarding this, Harrap said:

“More interesting than the failure itself is the reaction of the founder of Compound, in which he threatened to dox users. This is not a good example at all in DeFi and I think it is the reason many are rethinking their participation in Compound.”

Offering a slightly different opinion on this topic, Red Yakir, the DeFi developer at Orbs, a public blockchain infrastructure designed to be tightly integrated with the Ethereum Virtual Machine (EVM)-based layer, told Cointelegraph that the Compound saga serves as a crucial reminder of the drawbacks of a fully decentralized platform, without going into the message. However, he added:

“Comp is one of the most prominent projects in the DeFi space and while this can hurt, it won’t kill them and in the end they will get stronger.”

It should be noted that although Leshner's tweets stated that approximately 117,000 COMP (valued at $37.6 million) had been returned to the protocol after the initial bug was discovered, the developer banteg pointed out that a third of the funds that were jeopardized by the trickle function had already been claimed by users on Sunday around 15:30 UTC.

According to banteg's estimate, the total value of the COMP tokens endangered by the bug now amounts to a staggering $147 million.

With all of this surprising data now available to everyone, the incident is likely to set a precedent for how such incidents could play out within the DeFi ecosystem. DeFi enthusiasts hope the situation will be resolved, especially once the votes on proposals to fix the bug are successful (in the hope that the lost assets will be returned to where they legally belong).

