CryptoPotato
CryptoPotato
  • Crypto News
  • Margin Trading
  • Guides
    • Bitcoin & Crypto Guides 101
    • Bitcoin For Beginners
    • Editorials
  • DeFi & NFT
  • Buy
  • Language
  • Crypto News
  • Bitcoin For Beginners
  • Cryptocurrency Guides 101
  • Editorials
  • Bitcoin & Crypto Margin Trading
  • DeFi & NFT News
  • Bitcoin Price Analysis
  • CryptoPotato Crypto Fund
  • Ethereum (ETH) Price Analysis
  • Ripple (XRP) Price Analysis
  • Market Updates
  • Interviews
  • Buy Bitcoin with Card
  • bitcoin
    BTC$23,708.00
  • ethereum
    ETH$1,742.43
    • Market Updates
    • BTC Analysis
    • ETH Analysis
    • XRP Analysis
    • Interviews
    • Crypto Fund
    CryptoPotato
    CryptoPotato
    • Crypto News
    • Margin Trading
    • Guides
      • Bitcoin & Crypto Guides 101
      • Bitcoin For Beginners
      • Editorials
    • DeFi & NFT
    • Buy
    • Language
    • Crypto News
    • Bitcoin For Beginners
    • Cryptocurrency Guides 101
    • Editorials
    • Bitcoin & Crypto Margin Trading
    • DeFi & NFT News
    • Bitcoin Price Analysis
    • CryptoPotato Crypto Fund
    • Ethereum (ETH) Price Analysis
    • Ripple (XRP) Price Analysis
    • Market Updates
    • Interviews
    • Buy Bitcoin with Card
    Home » Crypto News » Cosmos-based DeFi Protocol Exploited for $5M, Devs Write Patch After Identifying Bug

    Cosmos-based DeFi Protocol Exploited for $5M, Devs Write Patch After Identifying Bug

    Author: Chayanika Deka

    Last Updated Jun 9, 2022 @ 07:21

    The bug could have drained all the funds from the pools but so far, the reported damage is $5 million. Osmosis, however, managed to avert the crisis.

    Cosmos-based DeFi protocol, Osmosis Network, was halted at block #4713064 on June 8th after spotting a critical vulnerability in its liquidity pools. The exploit took place just two blocks before the halt.

    • The attack was first reported by a Reddit user who warned if a customer deposits funds to an Osmosis pool would gain an extra 50% when removing it. The post has since been deleted.
    • But users began exploiting the vulnerability soon after to steal funds from Osmosis.
    • In one case, a malicious entity provided liquidity of 101,230 OSMO and made a 50% profit after exiting the position a few seconds later with 151,084 OSMO tokens. They managed to repeat this process at least 30 times.
    • It was only after the validators started reporting issues on Discord following the v9 Nitrogen upgrade that an emergency halt was employed to save the remaining liquidity on the decentralized exchange.
    • As a result, the Osmosis DEX and its native wallet remain inoperative for the time being.
    • Without divulging more details on the exact nature of the vulnerability, the DeFi protocol revealed identifying the bug and writing a patch.
    • The devs are currently testing the protocols before recommending the validators to restart the network.

    “Update: The bug has been identified and a patch written. More testing is underway before validators are recommended to coordinate a restart. Full bug report and action plan for a more thorough and proper end to end testing of chain upgrades to follow in coming days.”

    • Later on, the team behind the protocol provided more information on what transpired, including admitting that $5 million were overdrawn and promising to return all lost funds.
    • Before giving more updates on the matter, the protocol will implement “multiple changes and upgrades to our security protocols to ensure the quality and safety of Osmosis.”

    The bug itself was simple, and involved incorrect calculation of LP shares when adding and removing liquidity from pools.

    It should have been caught. It was painfully overlooked in internal testing that was focused on more advanced functionality related to the upgrade.

    — Osmosis 🧪 (@osmosiszone) June 8, 2022

    SPECIAL OFFER (Sponsored)
    Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

    PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.

    You Might Also Like:

    • Tornado
      15% of Tornado Deposits Are From Ronin Exploiter: Data
    • hack_cover
      $3 Million in DAI and ETH Stolen From Deus Finance in the Latest DeFi Hack
    • defi_hack_cover
      DeFi Protocols Agave, Hundred Finance Hacked: Attacker Steals $11M Worth of Crypto
    Tags: Cosmos (ATOM) DeFi Hacking
    Enjoy reading? Share with your friends
    Facebook Twitter LinkedIn Telegram

    About The Author

    Chayanika Deka
    More posts by this author

    Chayanika has been working as a financial journalist for three years. A graduate in Political Science and Journalism, her interest lies in regulatory implications with a focus on technological evolution in the crypto realm. Contact:Linkedin

  • bitcoin
    BTC$23,708.00
  • ethereum
    ETH$1,742.43
  • Join Our Community

    FacebookTwitter YouTubeTelegram


    Editorials
    Users in Web3 Will Do a lot More Than Just Trade Crypto: Cronos’ Ken Timsit (Interview)

    Users in Web3 Will Do a lot More Than Just Trade Crypto: Cronos’ Ken Timsit (Interview)

    Institutions Are Starting to Buy Back: Interview with Nansen

    Institutions Are Starting to Buy Back: Interview with Nansen

    Top 5 Most Common Scams Related to Ethereum 2.0

    Top 5 Most Common Scams Related to Ethereum 2.0

    What is the Merge? What You Need to Know About the Transition to Ethereum 2.0

    What is the Merge? What You Need to Know About the Transition to Ethereum 2.0

    These are the Bear Market Benefits, and the Future of NFTs: DappRadar CEO (Interview)

    These are the Bear Market Benefits, and the Future of NFTs: DappRadar CEO (Interview)

    5 Common Mistakes to Avoid During a Crypto Bear Market

    5 Common Mistakes to Avoid During a Crypto Bear Market

    The Cardano Roadmap Eras Explained: Byron, Shelley, Goguen, Basho, and Voltaire

    The Cardano Roadmap Eras Explained: Byron, Shelley, Goguen, Basho, and Voltaire

    Join Our Newsletter
    Become a CryptoPotato VIP
    One Weekly Email Can Change Your Crypto Life.
    Sign-up FREE to receive our extended weekly market update and coin analysis report
    We NEVER send spam. You can unsubscribe at any time.
    Invalid email address
    Thanks for subscribing!
    Footer Logo
    About
    Advertise on CryptoPotato
    About Us | Contact Us | Careers

    Terms of service | Privacy Policy | GDPR
    More Sections
    IEO List | Evaluations
    Airdrops
    Scholarship
    Cannabis Stocks News | Market Analysis
    Disclaimer
    Disclaimer: Information found on CryptoPotato is those of writers quoted. It does not represent the opinions of CryptoPotato on whether to buy, sell, or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk. Full disclaimer
    © Copyright CryptoPotato 2016 - 2021
    Scroll to top
    One Weekly Email Can Change Your Crypto Life.

    Sign-up FREE to receive our extended weekly market update and coin analysis report

    We never send SPAM. You can unsubscribe at any moment
    Invalid email address
    Thanks for subscribing!