Euler Finance Suffers $197 Million Loss Due to Logical Flaws


According to PeckShield’s analysis, Euler Finance was exploited in a series of transactions on Ethereum because of logical flaws in its donation and liquidation functions, resulting in a loss of about 197 million dollars. Specifically, DonateToReserves needs to ensure that donors still have excess collateral, and liquidation needs to ensure the “correct” conversion rate from loans to collateral assets. In addition, two hackers participated in the attack: 0x5F2… 8B8c and 0xBcA… 7c5C.

Euler Finance was attacked due to logical flaws in its donation and liquidation

At the beginning of 2022, Euler Finance suffered a major loss of approximately 197 million dollars. According to PeckShield’s analysis, Euler Finance was exploited in a series of transactions on Ethereum. The cause was a pair of logical flaws in its donation and liquidation functions.

What is Euler Finance?

Euler Finance is a DeFi platform that offers financial products such as yield farming, lending, and borrowing services. Similar to other DeFi platforms, Euler Finance aims to offer decentralized and trustless financial services to its users.

What Happened?

A hacker exploited logical flaws in Euler Finance’s donation and liquidation functions through a series of transactions on Ethereum. The attack resulted in a loss of approximately 197 million dollars.

Logical Flaws in Donation and Liquidation

PeckShield’s analysis revealed the logical flaws in donation and liquidation, which the hacker exploited to cause a significant loss to Euler Finance. The two main flaws in donation and liquidation that led to this attack were:

DonateToReserves

The DonateToReserves function is meant to ensure that donors still have excess collateral. However, due to a logical flaw in the code, the function can be called multiple times to generate excess reserves, which can be later used for an attack.
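The check that DonateToReserves needs, shown as an added example in a simplified Python model; this is not Euler's contract code. The `Account` and `Market` types, the 90% collateral factor and the function names are assumptions made for illustration, and the balances are constructed.

```python
from dataclasses import dataclass

BPS = 10_000  # basis-point denominator


class Undercollateralized(Exception):
    """The operation would leave the account without excess collateral."""


@dataclass
class Account:
    collateral: int  # deposit balance counted as collateral (constructed units)
    debt: int        # outstanding loan, same units


@dataclass
class Market:
    reserves: int = 0
    collateral_factor_bps: int = 9_000  # assumption: 90% of collateral backs debt

    def has_excess_collateral(self, acct: Account) -> bool:
        # Integer math only, as on-chain code would do.
        return acct.collateral * self.collateral_factor_bps >= acct.debt * BPS

    def _move_to_reserves(self, acct: Account, amount: int) -> None:
        if amount <= 0 or amount > acct.collateral:
            raise ValueError("invalid donation amount")
        acct.collateral -= amount
        self.reserves += amount

    def donate_unchecked(self, acct: Account, amount: int) -> None:
        """'Before' form: collateral leaves the account, debt stays, no check."""
        self._move_to_reserves(acct, amount)

    def donate_checked(self, acct: Account, amount: int) -> None:
        """Hardened form: revert if the donor no longer has excess collateral."""
        self._move_to_reserves(acct, amount)
        if not self.has_excess_collateral(acct):
            acct.collateral += amount  # roll back, like a transaction revert
            self.reserves -= amount
            raise Undercollateralized("donation would leave debt under-backed")
```

Any operation that reduces an account's collateral without reducing its debt should end with the same solvency check that withdrawals and borrows use.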

Liquidation

The liquidation function is meant to ensure the “correct” conversion rate from loans to collateral assets. However, due to a logical flaw in the code, the function can be manipulated to give a disproportionate amount of rewards to the attacker.

The Two Hackers

PeckShield’s analysis revealed that two hackers participated in the attack: 0x5F2… 8B8c and 0xBcA… 7c5C. The hackers exploited the logical flaws in donation and liquidation through a series of transactions on Ethereum, which resulted in the massive loss to Euler Finance.

Conclusion

Euler Finance suffered a massive loss of approximately 197 million dollars due to the logical flaws in donation and liquidation. This attack highlights the importance of securing DeFi platforms from such attacks. It also underscores the need for thorough audits and security checks before launching new DeFi projects.

FAQs

What is a DeFi platform?

A DeFi platform is a decentralized finance platform that offers financial products such as yield farming, lending, and borrowing services using blockchain technology.

What is yield farming?

Yield farming is the process of earning rewards in cryptocurrency by staking or lending digital assets.

How can DeFi platforms be secured?

DeFi platforms can be secured by thoroughly auditing the code, implementing security measures such as multi-sig wallets, and carrying out regular security checks.
