The coffers of Pickle Finance, a decentralized finance (DeFi) protocol with a native token that looks suspiciously like Pickle Rick, of Rick and Morty fame, were drained today of $20 million in what appears to be a hack.
Pickle Finance shifts investors’ money around different DeFi protocols to maximise returns, a little like a traditional robo-advisor.
In addition in the second invocation for swapExactJarForJar there were passed a target and doing a delegate call to CurveProxyPool 😢
— Emiliano Bonassi | emiliano.eth (@emilianobonassi) November 21, 2020
Yesterday, Pickle “deployed a new strategy” to maximise returns from DAI, a decentralized stablecoin pegged to the US dollar, “Larry the Cucumber,” a team member for Pickle, posted in a Discord chat, according to “statelayer.eth.”
But it doesn’t appear to be the kind of flash loan attack that have plagued DeFi protocols for the past few months. Several DeFi protocols have been the victims of flash loan-based oracle attacks: Harvest Finance lost $34 million, Cheese Bank lost $3.3 million; Akropolis suffered a $2 million loss and Value DeFi lost $6 million. “Normally you'd see the tx calling Aave, Uniswap, or dYdX for the flash loan,” crypto analyst Nick Chong told Decrypt.
An unhappy Pickle Finance user, on Telegram
Following the hack, the price of Pickle Finance's token, PICKLE, fell by 43.8%, according to Coin Gecko, to $12.75.
Until it works out what’s going on, Harvest Finance, a rival DeFi protocol that last month was hacked for $30 million, has moved all of its DAI, as well as stablecoins USDC and USDC, “ to the safety of its vaults until the attack vector is understood,” tweeted Smokatoke, a community rep for Harvest Finance.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
Raydium's native token, Ray, rose sharply on Monday, driven by the decentralized exchange's "deep liquidity," even as it faces stiff competition from the recently launched rival PumpSwap, according to one core contributor.
As the 133rd largest crypto by market capitalization, Ray is trading at about $1.95, according to crypto data provider CoinGecko.
It is up 25% over the past 14 days, recovering ground lost earlier this year as Pump.fun grew more popular.
Ray had dropped 7.6% over a five-minut...
Real-world asset have notched a combined $10.216 billion in total-value locked on decentralized platforms as digitizing traditional financial instruments becomes increasingly popular in Web3.
The total is spread across 79 DeFi platforms, with the top three RWA protocols accounting for 36% of that total-value locked, according to DeFiLlama. The top three RWA protocols—Maker RWA, BlackRock BUIDL and Ethena USDtb—hold $1.298 billion, $1.232 billion and $1.182 billion in TVL, respectively.
Analyst...
Ethereum real-world asset platform Zoth has suffered an attack that resulted in the loss of $8.85 million. Security experts believe the hack, the second suffered by the company in a month, came about as the result of a private key leak.
On Friday morning, a Zoth proxy contract was upgraded by what security firm Cyvers called a "suspicious address.” Soon thereafter, $8.85 million worth of stablecoin USD0++ was transferred out of the proxy contract into the attackers wallet before all funds were s...
