Nirvana Finance lost $3.5M yesterday to a flash loan attack.
Is this “DeFi 3.0”?
The recently-launched, Solana-based protocol claims that it “transforms risk into reward” whilst boasting a “known maximum downside and unlimited upside.”
Who knew that the maximum downside could be almost -90%...
The Nirvana team has made an appeal to the hacker to return the funds.
But will the hacker choose the path of enlightenment?
The attacker took a $10M flash loan from Solend, which was then used to mint ANA, inflating the price of ANA from ~$8 to ~$24.
The overpriced ANA was then used to cashed out USDT via Nirvana’s treasury, netting the exploiter ~$3.5M in profit, on top of the flash loaned amount.
The stolen funds were then bridged via Wormhole to the attacker’s ETH address, where they remain at the time of writing.
Attacker’s address: 76w4SBe2of2wWUsx2FjkkwD29rRznfvEkBa1upSbTAWH
Attack tx: LyUnvdY9…
Nirvana’s Treasury contract: CxuuSEv67PzNkMxqCvHeDUr6HKaadoz8NhTfxbQSJnaG
As VCs move on to the latest retail-bait L1 promising fast transactions and endless scalability, will projects like these prove to be the last cash-grabs of an ecosystem past its prime?
Nirvana’s docs read like a glossary of DeFi buzzwords and statements like “ANA protects its holders against catastrophic stablecoin depegging” and “The ANA token cannot go to zero”
The charts beg to differ.
From the hyperbole to the “automatic audit” completed earlier this month, this protocol doesn’t seem built to last…
A user on Solana Forums may have put it best with the following comment:
The team seem to have made peace with the fate of their tokens, only time will tell if they’ll get a chance at reincarnation.
REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.
donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.
you might also like...
Approximately 8,000 addresses on the Solana network have been compromised, draining a total of ~$5.3M. Fear leads to rumours, and separating the signal from the noise is no easy task.
$48M CASHed out. The latest leaderboard entry comes from the Solana network, where an anonymous attacker used an infinite mint to make Cashio print faster than the Fed.
Wormhole had a loophole... A hacker distorted the fabric of Solana's space-time, netting $326M in the process. How did Wormhole return so much ETH so fast?