Solana based ANA stablecoin crashes after flash loan exploit
Solana can't seem to stay out of the news and not in a way you want to be featured. Around $3.5 million was exploited from the Nirvana Finance platform due to a flash loan exploit. Nirvana Finance is a DeFi protocol on Solana. As far as I know it, Nirvana Finance is not owned by Solana team and is a third-party project.
What is a flash loan?
A flash loan is similar to any other unsecured lending in the crypto space except for the fact the entire lifecycle is in a single transaction. That means a user will borrow and pay back funds immediately. This is only possible using platforms that support smart contracts.
The main reason to use flash loans is to take advantage of an arbitrage opportunity with more leverage.
Because flash loans are handled by a smart contract, they are generally considered safe for both parties. However if you exploit the price of one of the tokens in the transaction to make it seems as though the loan is repaid, you can come out with millions in profit.
Nirvana Finance exploit
This is how Nirvana Finance was exploited. A user took out a flash loan for $10 million dollars worth of USDC and minted $10 million worth of ANA. This increased the price of ANA in excess of $10 million dollars allowing the attacker to return fewer ANA tokens than they minted.
In this case, they were able to make around $3.5 million dollar profit. The price of ANA dropped around 90% as a result of this.
Flash loan attacks are not new and the largest known flash loan attack happened on Ethereum for over $182 million dollars.
Posted Using LeoFinance Beta
How did the price went up if the tokens were minted?
There were similar exploits on the PancakeBunny and the Belt platform, where they moved the price oracle for a bit ... not sure how did exactly happened here
Contract Algorithm
So a bad design ... realy bad coding practice there, especialy with a year of experiance in flash loans and tricking price oracles.
More the fact flash loan functionality exists, it is really only there to exploit the market.
Posted Using LeoFinance Beta
Shit eh? Not a bad pay day if you could get it. I'll be honest, at $3.5 million bucks I'd only need one day like that! I found 5 bucks in my pocket the other day and thought I was having a good week!
I thought it was owned by a Solana team not until you pointed them as a third party.
When you build a DeFi project, you need to test massively against exploits to be safe and secure the funds of investors.
Oh...
ANOTHER Solana based stablecoin goes to zero?
Thought they might have learned from Cashio's infinite glitch exploit.
Guess not.
Next.
Posted Using LeoFinance Beta
not the first and surely not the last attack
Risk 10M on a field trip, I always assume that it's an insider job. You write it, you know it, you have a bad weekend in vegas so you come back and exploit it.
people still try to build more algo stablecoins?
Your hate is like a whirlwind
In this case, they were able to make around $3.5 million dollar profit. The price of ANA dropped around 90% as a result of this- This way, the attacker could steal $3.5 million from the Nirvana treasury, repay the USDC loan, and then move the stolen funds to an Ethereum wallet converting it to DAI stablecoin.
From $8 to less than $2 is a terrible plunge. I hope LeoFinance devs learn from news such as this to guard against such occurrences with PolyCUB and CubDeFi.
Posted Using LeoFinance Beta
https://twitter.com/Uyobong3/status/1553490856312770565
The rewards earned on this comment will go directly to the people( @uyobong ) sharing the post on Twitter as long as they are registered with @poshtoken. Sign up at https://hiveposh.com.
Solana had another unsuccess story... What a surprise ... Not