Although the infinite mint exploit should have netted a tidy $3.3M profit, the clumsy crypto corsair dropped the loot overboard.
1570 ETH sent to the burn address and around $8k out of pocket overall.
An embarrassing, but ultra-sound, self-rekt.
Update: Further minting of R has been paused.
Existing users are still able to repay their positions and receive their collateral.
The team also advised against speculating on the now-partially-unbacked stablecoin, adding:
The current version of Raft will be sunsetted.
Will they manage to keep themselves afloat for a v2?
The hack involved inflating the value of collateral by liquidating previously opened positions from an address holding excess ETH (sourced via flash loan).
The over-valued collateral then allowed the attacker to mint 6.7M R stablecoin, which were dumped for (what should have been) over $3M profit.
The freshly minted R tokens were dumped into the existing liquidity pool, causing the price to tumble:
The token’s collateral reserves were not affected, and any users who have a CDP on Raft should be able to return R and withdraw their collateral.
Attacker address: 0xc1f2b71a502b551a65eee9c96318afdd5fd439fa
Attack tx: 0xfeedbf51…
Preparatory tx: 0xa1378a4d…
Exploited contract: 0x9ab6b21cdf116f611110b048987e58894786c244
The problem is that the code for converting R to ETH and transferring it to the exploiter was called from another contract using delegatecall.
But delegatecall reads from the storage of the calling contract, and in that contract the storage slot that was supposed to hold the exploiter's address was never initialized, so it read as the zero address.
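The storage-context mistake described above is the same one that bites upgradeable proxies: delegatecall executes the callee's bytecode against the caller's storage, so a variable the callee expects in slot 0 is whatever the caller happens to have in slot 0, which for a never-written slot is zero. The following Solidity contracts are an added illustration written for this article, not Raft's code or the exploiter's; the contract and function names (PayoutLogic, UninitialisedCaller, SafeCaller, payout, run) are assumed for the example. The first caller shows the failure mode (ETH ends up at address(0)); the second shows the two checks a reviewer would insist on: a matching storage layout that is initialised in the constructor, and a zero-address guard before any value transfer.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (hypothetical contracts, not Raft's code): why a delegatecall'd
// "send the ETH" routine pays out to address(0) when the caller's slot is empty.

// Logic contract: expects slot 0 to hold the payout recipient.
contract PayoutLogic {
    address public recipient; // slot 0

    function payout() external {
        // Under delegatecall, `recipient` and `address(this)` both refer to the
        // CALLER: its slot 0 and its ETH balance, not PayoutLogic's own.
        (bool ok, ) = recipient.call{value: address(this).balance}("");
        require(ok, "transfer failed");
    }
}

// Caller that never wrote slot 0: delegatecall reads address(0), the call to the
// zero address still succeeds, and the ETH is effectively burned.
contract UninitialisedCaller {
    address public recipient; // slot 0, never written -> address(0)

    receive() external payable {}

    function run(address logic) external {
        (bool ok, ) = logic.delegatecall(abi.encodeWithSignature("payout()"));
        require(ok, "delegatecall failed");
    }
}

// Hardened caller: same storage layout as PayoutLogic, slot 0 initialised in the
// constructor, and a zero-address guard before any value leaves the contract.
contract SafeCaller {
    address public recipient; // slot 0, deliberately mirrors PayoutLogic

    constructor(address _recipient) {
        require(_recipient != address(0), "zero recipient");
        recipient = _recipient;
    }

    receive() external payable {}

    function run(address logic) external {
        require(recipient != address(0), "storage not initialised");
        (bool ok, ) = logic.delegatecall(abi.encodeWithSignature("payout()"));
        require(ok, "delegatecall failed");
    }
}
```

Deploy PayoutLogic once, fund each caller with a little test ETH on a local node, and call run(): the first caller's balance disappears to address(0), the second pays its configured recipient. Before any delegatecall that moves value on mainnet, the same check can be made off-chain by reading the caller's slot with eth_getStorageAt and refusing to proceed if it is zero; a static layout comparison between the caller and the logic contract catches the mismatch at review time.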
Despite how badly this exploit went for the attacker, they certainly aren’t stupid.
But when vulnerabilities are still being found in DeFi giants, it reminds us that nowhere is truly safe.
When braving DeFi's stormy seas, we all must choose our vessel.
Would you trust a Raft?