3 - 6 minute read
The decentralized finance (DeFi) space has experienced rapid growth in recent years, with many platforms offering innovative financial instruments through the use of smart contracts on a blockchain. However, the hack on Defrost Finance, a decentralized leveraged trading platform on the Avalanche blockchain, highlights the risks and vulnerabilities that DeFi platforms can face. In this hack, both Defrost V1 and V2 were impacted, resulting in investors losing their staked Defrost Finance (MELT) and Avalanche AVAX tokens from their MetaMask wallets. The hack, which was a flash loan attack, resulted in a loss of over $12 million for users.
Decentralized exchanges (DEXs) are a key component of DeFi platforms and offer financial transactions through the use of smart contracts on a blockchain. DEXs are built on a multi-layered DeFi architecture that includes layers for settlement, assets, protocols, and applications. The settlement layer refers to the infrastructure that facilitates the transfer of assets between parties, such as the Ethereum blockchain. The asset layer refers to the digital assets that are being traded, such as cryptocurrencies. The protocol layer includes the rules and standards that govern the interactions between the settlement and asset layers.
Defrost Finance is sad to announce that our V2 has suffered a hack, with an attacker using a flash loan function to withdraw funds.— Defrost Finance 🔺 (@Defrost_Finance) December 24, 2022
The V1 is not affected. We will soon close the V2 UI and investigate further with our tech team.
Updates will be posted on our official channels.
The application layer consists of the user interfaces and applications that allow users to interact with the DeFi platform. DEX aggregators also have an additional layer, known as the aggregator layer, which allows them to connect and interact with other DEXs through smart contracts. This allows DEX aggregators to offer a wider range of assets and to potentially offer higher liquidity for users.
Errors and Hacking
While DeFi platforms offer many benefits, they are not immune to errors and hacking. The Defrost Finance hack is just one example of the risks that DeFi platforms can face. In this case, the hacker manipulated the share price of LSWUSDC, resulting in a gain of around $173,000 for the hacker and a loss of over $12 million for users. Blockchain investigator PeckShield found that the hacker used a fake collateral token and a malicious price oracle to liquidate current users.
The Defrost Finance hack highlights the importance of proper security measures and risk management for DeFi platforms. It also highlights the need for user education, as some members of the community have suspected a “rug-pull” situation, where the platform deliberately exits and takes user funds with them.
The DeFi space is largely unregulated, with many platforms operating outside of traditional financial systems; though this may soon change. This can make it difficult for users to seek recourse in the event of a hack or other issue. Some have called for greater regulation of the DeFi space to protect users and ensure that platforms are operating in a transparent and fair manner.
The Securities and Exchange Commission (SEC) has taken a more proactive approach to regulating the cryptocurrency industry in recent years, with some speculating that it could potentially ban centralized crypto exchanges. In December 2022, the SEC brought charges against Caroline Ellison and Gary Wang, former CEO and co-founder of FTX respectively, in a case that could lead to greater regulatory efforts in the crypto industry. The SEC views all crypto assets as securities, regardless of how they are offered or sold, which could expose major exchanges like Coinbase, Kraken, and Binance to significant legal liability and potentially force them to participate in registered exchanges or shut down. It is worth noting that the SEC has not yet taken any action to ban crypto exchanges and has previously indicated that it is open to considering applications for cryptocurrency-based exchange-traded funds. Investors should be cautious and carefully consider the risks before investing in crypto assets.
The Defrost Finance hack serves as a reminder of the risks and vulnerabilities that DeFi platforms can face. While DeFi has the potential to revolutionize the financial industry, it is important for both users and developers to be aware of these risks and to take steps to mitigate them. This includes proper security measures, risk management, and user education. As the DeFi space continues to evolve, it will be important to address these issues in order to ensure the long-term success and adoption of DeFi platforms.