Second exploit on DeFi platform bZx

Second exploit on DeFi platform bZx

The DeFi platform, which was only attacked a few days ago, fell victim to a second attack. Almost 3,000 ETH have been stolen again. What does that mean for DeFi?

Are the concerns of DeFi critics true? bZx was the victim of an exploit less than a week ago . One wonders whether the team behind bZx and Fulcrum has learned anything at all, since the new attack vector is very similar to the one already known: Again, everything started with a flash loan, this time over 7,500 ETH. Just under half of them used the attackers on Synthetix to acquire $ 940,000 in sUSD. With 900 ETH, the price of sUSD on the decentralized exchanges Kyber and Uniswap was manipulated to over $ 2.

With this alone, the attackers have already made a lot of money, but it went on: With the large amount of sUSD, the price of which was just above a US dollar, the attackers now borrowed almost 7,000 ETH. The money was used to repay the flash loan - and to close the coup with a profit of almost 3,000 ETH.

For the ETH Pool of bZx, this meant that it went back down again. The equivalent of $ 1.8 million flowed from this liquidity pool. After all, bZx was pleased with new liquidity in the sUSD pool - this rose by $ 1.1 million. According to Adam Riese, bZx made another loss of almost $ 700,000.

The battle for the last ether tokens

One could say cynically: for those who are still loyal to bZx and store ether, the investment is worthwhile. Interest rates of over 40 percent are a specialty even in the DeFi area:

ETH liquidity there is very low because people are rapidly withdrawing their lent funds out of rightful concern.

Your ETH will likely be withdrawn by another lender as soon as you deposit it.

But one can agree with Chris Blec's concerns: Such an investment would involve an unacceptable risk. Currently you should stay away from bZx. BZx's ether reserves are idle. Other investors are currently looking to withdraw their funds. Accordingly, the additional capital invested by a risk-taking investor would quickly be gone. The investor would have to wait for money to flow in again. And since bZx's reputation is currently badly damaged, it can take time. Not least because the Fulcrum platform was paused again.

What does the De in DeFi stand for?

With recent developments, it is understandable that criticism of DeFi is omnipresent on Twitter. On the one hand, it is not without a certain amount of humor if the same platform is shown twice in a few days. One could say that the exploits were not caused by a real security hole. No Oracle was corrupted and no admin key was used. The downside of this attempt at defense, however, is that, strictly speaking, the attacker's trade actions could be considered a legitimate trade. The attacks show in a very drastic way the consequences of a lack of liquidity in the DeFi markets. As long as this does not increase dramatically or DeFi protocols prohibit corresponding actions by stricter rules, this can also happen on other platforms.

"Prohibit appropriate actions" also provides the next keyword for the criticism present on Twitter & Co. How decentralized are projects like bZx & Co. if you can stop the whole decentralized finance project with an admin key? In the end, isn't DeFi just something like IOTA with a central coordinator?

Here, however, a distinction must be made between the individual project and the DeFi ecosystem as a whole. Sure, MakerDAO, like all other major DeFi projects, has been central so far. In this context it would be very exciting to see the development of a really decentralized DeFi project. At least the well-known cannot say that about themselves.

But something else applies to the DeFi sector as a whole: by definition, it is decentralized. The attacks on bZx also showed this - albeit in a negative way. The interaction between bZx, Kyber, Uniswap and Synthetix is ​​an example of the interactions in this ecosystem. This interplay of different DeFi applications is really decentralized.

According to bZx: New risk management for DeFi

Sure, this decentralization only makes the systems even more complex. It is no longer sufficient to audit your own smart contracts or to think about the OPSec to consider an admin key. Possibilities for interaction with other projects should be assessed. Likewise, developer systems will have to think about how to deal with the low liquidity at the moment. The problem is that there is currently enough capital to tilt the DeFi stores. The exploits of bZx were a menace in this regard.

Despite or precisely because of these risks, the DeFi ecosystem is a very exciting system. In this, the interaction within decentralized, complex interrelationships from different applications can be studied. The knowledge gained from this will not only strengthen DeFi, but will generally benefit all interactions between decentralized applications. As painful as it may be for bZx at the moment, this will help DeFi and the entire crypto scene.

► Get it here: https://amzn.to/2CLBOgK

►Website: http://axtschmiede.com

Support My Work On Patreon https://www.patreon.com/zealftw

If you want to support me for free then you can do so via the following options, thank you!

Use the Bittube browser And Make Money While Browsing! Here’s the link: https://bittubeapp.com/?ref?2JXLODL50

Publish0x – a place where both Readers and Bloggers Earn Crypto https://www.publish0x.com/?a=open5lPd7A

Earn Bitcoin through one of the oldest Faucets https://freebitco.in/?r=18413045

Earn Litecoin http://moonliteco.in/?ref=b50d5a9004e3

Earn BItcoin Cash http://moonbitcoin.cash/?ref=536CAB98A8B8

Earn BTC http://moonbit.co.in/?ref=17c0b775e45a

Join me On Minds and earn even more Cryptocurrency! https://www.minds.com/register?referrer=THauerBYI

Signup and get a FREE Guide on How To Create your Morning Routine! https://mailchi.mp/f5cabc2538c0/selfimprovement

If you like my posts then support me through the links in my bio, thank you!