Earning.Farm Taken For for Nearly A $1 Million

In today's edition of YIYL, (You Invest, You Lose) we go back to the farms to see what they're cooking up once again, and boy is it another shit storm. Despite the 80%+ drop in trading volume and total value locked in these shitcoin trading platforms, they cannot even keep hold of the liquidity they have left, which is probably mostly their own funds and a tiny party of retail who have no idea what they are doing.

Most of these DEFI platforms are all piggybacking off of larger services and as these big DEXs move, the arb bots search out opportunities on the smaller liquidity pools to try and extract value out of them.

It's a trickle-up effect, but people in DEFI don't see it because they're focused on what they can see which are these absurd yields being paid in a shitcoin where they cannot realize the gains even if they wanted to sell.

A failure on the farm

This week we saw one of these smaller DEFI projects called Earning.Farm lose 748 ETH (~$971,000) to a hacker using a flash loan attack. Flash loan attacks are extremely popular and allow traders who find these opportunities to borrow and lock funds in a certain coin and borrow another coin likely on leverage and then dump that coin into the market and extract the paired value on the other side.

According to reports, the project contract was missing a check that a flash loan was initiated by the protocol, so the attacker was able to instruct the project to withdraw large amounts of funds, which they then were able to transfer to themselves.

https://twitter.com/Supremacy_CA/status/1581012823701786624

Hilariously, the predator became the prey as one of the transactions by the hacker was front-run by an MEV bot known as 0xa57, which made a tidy 480 ETH (~$623,000) from the attack.

The second transaction succeeded, landing the attacker 268 ETH (~$348,000). According to an MEV researcher, 0xa57 has been known to return funds that were obtained as a result of a hack. So Earn.Farm are probably holding their breath so they can get back a portion of the funds.

https://twitter.com/danielvf/status/1580936010556661761

EIP-3156

While protocols on ETH and other EVM chains continue to suffer from flash loan attacks because they are so easy and profitable to pull off MEV, another rentseeker on the system is used as a stopgap until the proposed EIP-3156 gets pushed through which will add even more complexity and rules to the base chain. This "initiator" check is meant to curb these flash loan attacks and is giving a lot of DEFI bros hopium.

While the devs continue to feed them with this cope and talk about the solutions, every patch just pushes the risk to another part of the system and the merry-go-round will continue.

While flash loans are a drain on the system, whatever comes after this will be even worse, and that's always been the case with an over-engineered system looking for perfection it will never find.

Hacktober

October has been quite a month for hacks, which is pretty unusual in a bear market, but I guess with the economic situation around the world getting tougher, looking for free money just lying around waiting to be taken continues to prove to be an irresistible honeypot.

This is what shitcoiners and DEFI bros don't get, your protocol has two options, be insignificant and safe from attack because its' not worthwhile to nail it because there are others that have a better payoff, or compete and grow your TVL so you get to a point where you look like a juicy mango ready to the picking.

It's a game of hot potato, that people will have to continue to learn the hard way and ill be hear to laugh at all of you

Have your say

What do you good people of HIVE think?

So have at it my Jessies! If you don't have something to comment, "I am a Jessie."

Let's connect

If you liked this post, sprinkle it with an upvote or esteem and if you don't already, consider following me @chekohler and subscribe to my fanbase

Earn Free bitcoin & shop	Earn Free Bitcoin & shop	Claim Free Bitcoin & Shop

Posted Using LeoFinance ^Beta