The Fei Protocol offered $10 million bounty after a recent Rari Capital exploits that drained $80 million in crypto from the DeFi platform so let’s read more today in our latest cryptocurrency news.
Fei Protocol offered $10 million bounties after the exploit on Rari Capital which enabled the attackers to drain $80 million in crypto from the liquidity pools according to the smart contract audit firm blockSec. The team called the security flaw a typical entrance vulnerability and posted a picture displaying the offending code. The Algorithmic stablecoin Fei also contributed liqudity to Rari Capital’s exploited pools and Fei has a market cap of half a billion dollars making it the 11thbiggest stablecoin as per CoinGecko. Fei merged with Rari Capital and it enables the creation of the so-called Fuse Pools which anyone with a wallet can access from anywhere to lend and borrow ERC-20 with no minimum funds required of the users. Fei and Rari’s joint effort got off the ground with about $2 billion in liquidity.
Our monitoring system detected that multiple pools related to @RariCapital @feiprotocol were attacked, and lost more than 80M US dollars. The root cause is due to a typical reentrancy vulnerability. @defiprime
— BlockSec (@BlockSecTeam) April 30, 2022
Fei Protocol acknowledged the exploit before BlockSec’s report and said:
“We have identified the root cause and paused all borrowing.”
Fei promised a $10 million bounty to the attackers and now it is trading a little below the peg of $0.9895 as of the time of writing. This is not Rari Captial’s first major exploit and the hacker stole 2600 ETH from the Rari Capital users. The CEO Jai Bhavnani said that the Rari team members will be sacrificing their RGT allocations and putting them towards the reimbursement and when the companies merged, Fei protocol assumed the liabilities stemming from the exploit.
We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage.
To the exploiter, please accept a $10m bounty and no questions asked if you return the remaining user funds.
— Fei Protocol (@feiprotocol) April 30, 2022
As recently reported, Ethereum-based yield aggregator Rari Capital was attacked over the weekend by bad actors and the hackers looted 2600 in crypto in the aftermath. The attacker took place on May 8th with a series of transactions lasting for hours. Rari Capital’s product deposits ETH into Alpha Homoras’ iBET interest-bearing token as a part of the strategy. The protocol’s pool contract operates with the ibETH.totalETH()ibETH.totalSupply() used to calculate the exchange rates for the pairs and a separate report from Alpha Finance LAbs claims that this operation can lead to incorrect assumptions. According to Alpha Finance, the ‘ibETH.totalETH() was manipulative inside the work function and the users can call any contracts if wants to inside ibETH work including the Rari capital Ethereum pool deposit and withdrawal functions.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]