1. BITBILIHome
  2. Article

ZKSync-based Era Lend suffers $3.4 million loss in DeFi exploit

36 views

TL;DR Breakdown

  • Era Lend, a lending protocol on the zkSync network, suffered a $3.4 million loss due to a ‘read-only reentrancy attack’, which allowed the attacker to withdraw funds repeatedly.
  • The attack also impacted the stablecoin USDC+, issued by the Overnight Finance protocol, resulting in a potential loss of over $261,000.
  • In response, Era Lend paused its zkSync contracts to prevent further exploits, highlighting the ongoing security challenges in the DeFi sector.

Description

According to a recent report by blockchain security firm BlockSec, Era Lend, a decentralized lending protocol operating on the zkSync Layer 2 network, has fallen victim to a ‘read-only reentrancy attack’ resulting in a loss of $3.4 million.  The attacker exploited a vulnerability that allowed repeated calls to a function within a single transaction, withdrawing … Read more

According to a recent report by blockchain security firm BlockSec, Era Lend, a decentralized lending protocol operating on the zkSync Layer 2 network, has fallen victim to a ‘read-only reentrancy attack’ resulting in a loss of $3.4 million. 

The attacker exploited a vulnerability that allowed repeated calls to a function within a single transaction, withdrawing more funds than they were entitled to. Also, the exploit involved manipulating a contract to report outdated values that hadn’t been updated yet, taking advantage of a faulty price oracle that Era Lend relied upon.

The impact and response

The attack had repercussions on the stablecoin USDC+, issued by the Overnight Finance protocol, resulting in a potential loss of over $261,000, which represents 7.86% of the total value of the collateral supporting the stablecoin. 

In response to the attack, Era Lend paused the protocol’s zkSync contracts to prevent further exploits. The team also advised users that only the USDC pool was compromised. According to an official statement on Discord, the Era Lend team assured that the security of other assets remains intact—but borrowing operations on the platform have been temporarily halted.

“We have detected and confirmed a cyber attack on our platform. We want to assure you that the attack has been contained, and the threat actor can no longer continue their actions.”

Era Lend Team

The Era Lend exploit has raised concerns for other projects based on the Syncswap project, from which Era Lend is a fork. Security analysts have warned that these projects might also be susceptible to similar exploits. The incident underscores the need for auditors to utilize specialized software to identify these vulnerabilities more effectively, as read-only reentrancy attacks can evade traditional scrutiny and remain harder to identify during auditing processes.

Era Lend operates on the zkSync network, an Ethereum layer-2 rollup utilizing zero-knowledge proofs. As of April, the total value locked in the zkSync network surpassed $110 million. Despite the recent exploit, the network’s developers have ambitious plans to establish an ecosystem of interoperable chains named “Hyperchains” by December 2023.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:ZKSync-based Era Lend suffers $3.4 million loss in DeFi exploit

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月26日 17:11
Next 2023年7月26日 18:31

Related articles

  • U.S. and China’s little money magic friendship strategy

    Description It seems the tides might be shifting in the stormy sea of U.S.-China relations. Both superpowers, technically arch-rivals on the world stage, appear to be quietly rolling out a strategy to mend fences. The point of this endeavor? Apparently economic and financial cooperation. I’m gonna tell you all about it. Contents hide 1 Covert Moves … Read more It seems the tides might be shifting in the stormy sea of U.S.-China relations. Both superpowers, technically arch-rivals on the world stage, appear to be quietly rolling out a strategy to mend fences. The point of this endeavor? Apparently economic and financial cooperation. I’m gonna tell you all about it. Contents hide 1 Covert Moves Toward Collaboration 2 Sowing Seeds of Dialogue and Stability 3 Past Frictions and Future Hopes 4 Keeping an Eye on China’s Internal Dynamics Covert Moves Toward Collaboration Recent developments hint at a newfound willingness from both Washington and Beijing to engage constructively. The U.S. Treasury Secretary, Janet Yellen, and China’s Vice-Premier, He Lifeng, have been selected to spearhead two working groups devoted to addressing pressing economic…

    Article 2023年9月23日

  • Here are the crypto affairs of the day – What happened?

    TL;DR Breakdown There was a major shift in crypto markets today, Binance has withdrawn its license application with the German regulator. A study by CFA Institute shows that a high number of Indian and Chinese respondents support CBDCs. Judge Philip Jeyaretnam of the High Court of Singapore ruled on July 25 that crypto is a property that can be held in trust. Description Need to know what transpired today in crypto? Here is the most recent news regarding daily trends and events affecting the Bitcoin price, blockchain, DeFi, NFTs, Web3, and crypto regulation. According to a recent survey conducted by the CFA Institute, investment professionals in emergent markets and developed markets are divided on the concept of a … Read more Need to know what transpired today in crypto? Here is the most recent news regarding daily trends and events affecting the Bitcoin price, blockchain, DeFi, NFTs, Web3, and crypto regulation. According to a recent survey conducted by the CFA Institute, investment professionals in emergent markets and developed markets are divided on the concept of a central bank digital currency….

    Article 2023年7月27日

  • Weekly Crypto Price Analysis: BTC, ETH, BNB, XRP, and ADA

    TL;DR Breakdown Weekly crypto price analysis reveals major coins have been trading in mixed reaction for the past week. Bitcoin (BTC) has been trading above $30k for most of the days in the past week. Ethereum price analysis has successfully broken above the 1,800 level for the past few days. Description Weekly crypto price analysis shows that most of the coins have been trading in mixed reaction, with bulls and bears being equally active in the market. For the whole of the week, the top coins have remained rangebound between their key support and resistance levels. The price of Bitcoin continues to struggle at just around … Read more Weekly crypto price analysis shows that most of the coins have been trading in mixed reaction, with bulls and bears being equally active in the market. For the whole of the week, the top coins have remained rangebound between their key support and resistance levels. The price of Bitcoin continues to struggle at just around $31,000.A tight consolidation close to the overhead resistance is encouraging, but short-term liquidations could happen if…

    Article 2023年7月10日

  • Coinbase’s Base blockchain hits new remarkable milestone

    TL;DR Breakdown Coinbase’s layer-2 blockchain Base has hit a remarkable 1.8 million transactions in a single day. Ethereum layer-2 ecosystems continue to evolve. Description Coinbase’s layer 2 blockchain, Base, has been making waves in the cryptocurrency world since its launch in early August. Recent data from IntoTheBlock reveals that the blockchain has reached an all-time high in daily transactions, with 1.88 million transactions on a single day, surpassing its layer 2 rivals Arbitrum and Optimism combined, which recorded 780,000 … Read more Coinbase’s layer 2 blockchain, Base, has been making waves in the cryptocurrency world since its launch in early August. Recent data from IntoTheBlock reveals that the blockchain has reached an all-time high in daily transactions, with 1.88 million transactions on a single day, surpassing its layer 2 rivals Arbitrum and Optimism combined, which recorded 780,000 and 370,000 transactions, respectively. Base blockchain daily transactions surpass Arbitrum and Optimism The interesting aspect is that the surge in the blockchain’s activity is not being driven by decentralized finance (DeFi) applications or non-fungible token (NFT) marketplaces, as one might expect. According to…

    Article 2023年9月17日

  • I asked ChatGPT: When is the next crypto bull run if we are ever going to have one again?

    TL;DR Breakdown ChatGPT-4 provides insights into the possible timing and indicators of the next cryptocurrency ‘bull run’. Bull runs typically follow bear markets, suggesting a possible resurgence as market stability and investor confidence return. GPT-4 speculates the next bull run could potentially occur within the next 6 to 8 months based on recovery patterns from previous bear markets. As investors globally grapple with the aftermath of the 2022 cryptocurrency winter, a burning question lingers on everyone’s lips: “When is the next crypto bull run if we are ever going to have one again?” In search of answers, we sought insights from the cutting-edge AI language model, ChatGPT, to explore the potential trajectory of the cryptocurrency market. Market cycles and bull runs As we delve into this labyrinthine world of cryptocurrency, GPT-4 offers a unique perspective based on its extensive understanding of the subject. This AI model acknowledges the inherent difficulty in predicting exact timeframes for a bull run but underlines the cyclic nature of the cryptocurrency market as a potential predictor. It highlights that bull runs have historically succeeded bear…

    Article 2023年6月9日
TOP