Deus Finance suffered a $3 Million exploit involving the manipulation and manipulation of Muon its oracle.
Peckshield claims that the hack could lead to greater losses for the protocol, including 200,000 DAI and 1101.8ETH.
This exploit was carried out using a flash Loan, which allows users to borrow money and then return it within the same smart contract function. Flash Loans can be used to capitalize on arbitrage opportunities, which involve the difference between one token’s price in several DeFi protocols.
Deus Finance is reliant on OracleSo called MuonIt will provide offchain data to its smart contract. In this instance, the flash loan used TornadoCash to manipulate the price oracle which updates the price from a USDC/DEI pool. This created a depeg between token pairs and rendered users insolvent. After bridging funds from the Fantom chain, TornadoCash was used by the unknown exploiter to obfuscate smart contracts transactions and make traceability more difficult.
It is possible to see the complete transaction execution Here.
According to the project’s website, Deus Finance Evolution is a DeFi platform that provides open-source infrastructure allowing third parties to build financial instruments such as synthetic stock, options, and prediction market trading platforms.
The project works with the Avalanche, Ethereum, Polygon, and Fantom blockchains. It uses the native token DEI as a cross-chain stablecoin. Users can send a stablecoin on any compatible chain to claim it on the opposite side with zero slippage. Deus also uses DEI as a collateral mechanism for any third-party applications.
The protocol’s core developer has been tweeted a reimbursement notice to assure that the team is working to fix the problem we will reimburse everyone who was affected by the exploit viaA smart contract. This will enable affected users to recover any losses. The reimbursement will be paid through the team’s personal and DEUS DAO funds.
Additionally, Lafayette Tabor(the core developer that was mentioned above) Publiziert a post mortem on the project’s Medium channel stating the following post-hack actions:
“Your funds and our system are safe, we deactivated all affected contracts and have been in contact with MUON to upgrade our oracles immediately to mitigate further risks for future implementations, we also contacted some security researchers to take a look at our architecture.”
Just over a week ago, prominent DeFi developers Anton Neil & Andre Cronje made the controversial choice to hack. Stop contributing in the crypto space. Much of Cronje’s work was related to projects in the Fantom ecosystem. Fantom token traded at $1.08 after the announcement, a drop of 68.8% compared to its $3.46 high in October 2021.
Deus Finance responded to Anton Nell’s March 6th tweet (announcing his resignation from the crypto space), announced its intention of capturing some of the NFT space market shares by building a money market on top of the veNFT so users could hold liquid positions against their NFTs, borrow against, and sell them in the market.
Since its Oct. 2021 inception, Deus has seen a significant price movement. The price of Deus has increased by 1,267% over the last 60 days. Its record low was $23.58. At the moment, it sits at $425.