The Opyn DeFi options protocol experienced a double-spending on its ETH options resulting in a loss of more than $370,000 in user funds as we are reading more in the upcoming crypto news today.
The hack on the Opyn Defi options protocol happened around 4:00 AM as the team secured 572,165 USDC from its contract but the hacker got away with 371,260 USDC. Opyn is decentralized and the team cannot shut down in the case of emergency. Opyn, the protocol offering ETH options and DeFi tokens as well as compound deposits was hacked. At least 371,260 USDC were lost because of the double-spending attack on its ETH-put options.
Only ETH put contracts were affected and the hacker used an exploit in Opyn protocol’s options tokens to steal the data from users who sold their ETH puts. Opyn responded to the exploit by removing the ability to purchase corresponding oTokens and trading their own smart contract portfolio to liquidate ETH puts, thus saving further collateral from exploitation. More than 571,165 USDC was drained from the ETH contract. While the security company Open Zeppelin audited the contracts, the exploit was outside of their scope as the Opyn team announced they will release more technical data at a later date.
The team reacted responsibly to the attack and promised a full reimbursement for ETH oTokens sellers who lost their money. For the purchasers of ETH put oTokens, the team offered to purchase the tokens with a 20% markup on Deribit to compensate them for damages. Opyn’s generalized options protocol Convexity is fully decentralized as the team doesn’t want to control it and can’t shut it down so there’s a limited opportunity to deal with the hack aftermath.
The example shows that smart-contract development should be treated as hardware development. Opyn is taking other measures to prevent future exploits and in the latest reports, the team stated that they will review its internal security practices while increasing the bounty rewards. They will also conduct additional audits besides the ones scheduled with Open Zeppelin. The contracts will go through Echidna, a program for testing smart contracts that were created by the Trail of Bits company. The hack outlined the vulnerability of the Defi space but the platform’s response to the incident is adequate and instills optimism about the future despite the negative impacts.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post