Hack Epidemic (Origin Protocol - REKT)



Stay at home, wear a mask, the hack epidemic is spreading.

These are dark times for weak code. Developers need to put their protocols into lockdown.

Greed is contagious, and hacks bring eye-catching prizes. In just 24 hours we hear of two more attacks.

Cheese Bank - $3.3m via flash loan AMM oracle attack; Origin Protocol - $8m via flash loan and fake token re-entrancy.

In the last 30 days, we’ve seen over $45 million of users' funds removed from insecure protocols. In addition to the most recent attacks, we’ve seen Harvest ($25M), Value DeFi ($7M) and Akropolis (~$2M).

In epidemiology, the basic reproduction number, or “R number” is the expected number of cases directly generated by one case in a population where all individuals are susceptible to infection.

In cryptocurrency, the R number is the quantity of protocols that are currently getting totally REKT by flash loans and fake tokens.

We’re seeing the R number increase day by day as the publicity of each attack serves as duplication instructions for the next capable coder who’s willing to take risks.

Although each hack attracts attention and even some compliments on their expertise, we should remember not to glorify this behaviour.

Any “Robin Hood” comparison is way off the mark here. Hackers are stealing money from those who have less.

Although, we are learning from the experience.

We can hold the opinion that flash loans are good for the space without promoting greed and theft.

Having said that, greed is not without its benefits.

Would banks be secure if there were no robbers?

Greed is at the core of our capitalist system, yet it brings us vaccines...

If, as some say, the hackers are acting simply to expose weak code and educate the space, perhaps it would be best to eventually return all funds, rather than rely on their personal judgement to decide who should be refunded.

However, perhaps there is also some greed in the behaviour of the developers, who could wait and have their code thoroughly audited pre-launch instead of gambling with users' funds.

On the other hand, if there was no predatory risk to shit code, then the developer would become the apex predator, and the cycle would continue.

All parties involved in these attacks have some degree of responsibility. The amount of responsibility varies, yet the motivation is identical.

Greed is human nature, and it's a key concept in the game of DeFi.

Each actor involved in these unfortunate events presents their greed through different actions.

The Ape - Hopes to make a profit and bets on the untested code. Greed shows through their impatience, yet the early bird has been rewarded well in the past, so their desired outcome is not without precedent.

The Dev - Expecting to profit the most from their newly released code, the greedy dev is blinded by their expectations, and skips the essential safety audit as they rush their code to market.

The Hacker - The apex predator is not immune, but is able to use superior knowledge to weaponise his greed while others are handicapped by it. If you had worked to acquire knowledge that enabled you to take money in this way, would you return millions of dollars?

While there is no cure for greed, we should remember that it can create things which are positive, and that there are steps we can take to protect ourselves from its negative consequences.

Audits are not cheap, but they’re a small price to pay compared to losing funds or your reputation to a hack or exploit.
DeFi winter is here, and there probably will be more casualties in the coming months.

Although immunity is never 100% guaranteed, we can take steps to reduce the likelihood of infection.

The R number changes according to our behaviour; developers must put protocols into lockdown immediately.

This is an epidemic that affects only the weak. Once infected, there is no cure.

The only protection is in prevention; code needs to be audited thoroughly if it is to survive the winter.

Audit your code, wash your hands, don’t get rekt.

