1. BITBILIHome
  2. Article

ZKSync-based Era Lend suffers $3.4 million loss in DeFi exploit

129 views

TL;DR Breakdown

  • Era Lend, a lending protocol on the zkSync network, suffered a $3.4 million loss due to a ‘read-only reentrancy attack’, which allowed the attacker to withdraw funds repeatedly.
  • The attack also impacted the stablecoin USDC+, issued by the Overnight Finance protocol, resulting in a potential loss of over $261,000.
  • In response, Era Lend paused its zkSync contracts to prevent further exploits, highlighting the ongoing security challenges in the DeFi sector.

Description

According to a recent report by blockchain security firm BlockSec, Era Lend, a decentralized lending protocol operating on the zkSync Layer 2 network, has fallen victim to a ‘read-only reentrancy attack’ resulting in a loss of $3.4 million.  The attacker exploited a vulnerability that allowed repeated calls to a function within a single transaction, withdrawing … Read more

According to a recent report by blockchain security firm BlockSec, Era Lend, a decentralized lending protocol operating on the zkSync Layer 2 network, has fallen victim to a ‘read-only reentrancy attack’ resulting in a loss of $3.4 million. 

The attacker exploited a vulnerability that allowed repeated calls to a function within a single transaction, withdrawing more funds than they were entitled to. Also, the exploit involved manipulating a contract to report outdated values that hadn’t been updated yet, taking advantage of a faulty price oracle that Era Lend relied upon.

The impact and response

The attack had repercussions on the stablecoin USDC+, issued by the Overnight Finance protocol, resulting in a potential loss of over $261,000, which represents 7.86% of the total value of the collateral supporting the stablecoin. 

In response to the attack, Era Lend paused the protocol’s zkSync contracts to prevent further exploits. The team also advised users that only the USDC pool was compromised. According to an official statement on Discord, the Era Lend team assured that the security of other assets remains intact—but borrowing operations on the platform have been temporarily halted.

“We have detected and confirmed a cyber attack on our platform. We want to assure you that the attack has been contained, and the threat actor can no longer continue their actions.”

Era Lend Team

The Era Lend exploit has raised concerns for other projects based on the Syncswap project, from which Era Lend is a fork. Security analysts have warned that these projects might also be susceptible to similar exploits. The incident underscores the need for auditors to utilize specialized software to identify these vulnerabilities more effectively, as read-only reentrancy attacks can evade traditional scrutiny and remain harder to identify during auditing processes.

Era Lend operates on the zkSync network, an Ethereum layer-2 rollup utilizing zero-knowledge proofs. As of April, the total value locked in the zkSync network surpassed $110 million. Despite the recent exploit, the network’s developers have ambitious plans to establish an ecosystem of interoperable chains named “Hyperchains” by December 2023.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:ZKSync-based Era Lend suffers $3.4 million loss in DeFi exploit

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月26日 17:11
Next 2023年7月26日 18:31

Related articles

  • Canada’s new recommendations shake up crypto market amidst U.S. chaos

    TL;DR Breakdown The Canadian House of Commons Standing Committee on Industry and Technology has presented a series of recommendations to the Government of Canada to support and nurture the blockchain and cryptocurrency industry. One of the primary recommendations of the committee is for the government to officially recognize blockchain as an emerging industry with significant economic and employment prospects. The report emphasizes the importance of educational initiatives to inform the public about the risks and benefits associated with cryptocurrencies. Description Canada is taking a more comprehensive approach to embracing blockchain technology amidst the fragmented and tumultuous regulatory landscape for digital assets in the United States. The Canadian House of Commons Standing Committee on Industry and Technology has released a detailed report titled “Blockchain Technology: Cryptocurrencies and Beyond,” presenting a series of recommendations to the Government … Read more Canada is taking a more comprehensive approach to embracing blockchain technology amidst the fragmented and tumultuous regulatory landscape for digital assets in the United States. The Canadian House of Commons Standing Committee on Industry and Technology has released a detailed report titled…

    Article 2023年7月2日

  • Chinese yuan hits new low: BRICS brace for impact

    TL;DR Breakdown The Chinese yuan is nearing a 15-year low, which may impact the BRICS alliance and its developing currency. The upcoming BRICS summit will focus on the implications of the yuan’s fall, especially on the potential BRICS native alternative currency. The Chinese Central Bank promises to stabilize the yuan and increase support for the broader economy. Description As an unforgiving tide seems to sweep across China’s economic landscape, its currency, the yuan, teeters precariously on the brink of a 15-year trough. This plummeting trajectory of the yuan doesn’t only affect China, but it sends reverberations through the BRICS alliance, leaving the members bracing for the impending consequences. The undeniable impact on BRICS … Read more As an unforgiving tide seems to sweep across China’s economic landscape, its currency, the yuan, teeters precariously on the brink of a 15-year trough. This plummeting trajectory of the yuan doesn’t only affect China, but it sends reverberations through the BRICS alliance, leaving the members bracing for the impending consequences. The undeniable impact on BRICS The BRICS conglomerate, comprising of Brazil, Russia, India, China,…

    Article 2023年7月4日

  • Corporate depositors push US banks for higher interest rates

    TL;DR Breakdown Corporate depositors are pushing US banks for higher interest rates, putting pressure on banks’ profit margins. US banks, having benefited from raising loan rates faster than savings interest rates, are now facing challenges as clients shift funds to higher-yielding accounts. Banks such as Bank of America, PNC, and BNY Mellon have reported drops in net interest income. Description The dynamics of the banking sector are undergoing a seismic shift as corporate depositors urge US banks to offer higher interest rates. This move is causing ripples of concern for the profitability of these financial institutions and underscores the growing challenges they face in generating revenue amidst tightening monetary policy. Corporate Demand Squeezes US Bank … Read more The dynamics of the banking sector are undergoing a seismic shift as corporate depositors urge US banks to offer higher interest rates. This move is causing ripples of concern for the profitability of these financial institutions and underscores the growing challenges they face in generating revenue amidst tightening monetary policy. Corporate Demand Squeezes US Bank Margins In the wake of aggressive rate…

    Article 2023年7月20日

  • HSBC’s H1 net profit more than doubles – What’s next?

    TL;DR Breakdown HSBC’s net profit more than doubled in the first half of 2023, reaching $18.1 billion, driven by strategic decisions and higher net interest income. The bank’s board approved a second interim dividend and a $2 billion share buyback, and the CEO expects to exceed pre-pandemic dividend levels by year’s end. Description The financial world is always on the lookout for a success story, and HSBC’s latest report is nothing short of triumphant. As Europe’s largest bank by assets, HSBC’s net profit soared to a staggering $18.1 billion in the first half of this year, a leap that more than doubled the $9 billion from the same … Read more The financial world is always on the lookout for a success story, and HSBC’s latest report is nothing short of triumphant. As Europe’s largest bank by assets, HSBC’s net profit soared to a staggering $18.1 billion in the first half of this year, a leap that more than doubled the $9 billion from the same period in the previous year. But what’s next for HSBC? The answer is a…

    Article 2023年8月2日

  • Gemini Teases XRP Relisting Soon Following Ripple’s SEC Lawsuit Victory

    TL;DR Breakdown Gemini teases the potential relisting of XRP following Ripple’s legal win against the SEC, which has led to a surge in XRP’s trading volume and price. Gemini’s CEO, Cameron Winklevoss, expresses optimism about Bitcoin accumulation, as spot Bitcoin ETF filings signal growing institutional interest in the leading cryptocurrency. Description United States-based cryptocurrency exchange Gemini has hinted at plans to relist the XRP token on its platform, following Ripple‘s recent legal victory in the U.S. Securities and Exchange Commission (SEC) lawsuit. The development comes in the wake of several top crypto exchanges, including Coinbase and Kraken, already reinstating XRP trading after the July 13, 2023 … Read more United States-based cryptocurrency exchange Gemini has hinted at plans to relist the XRP token on its platform, following Ripple‘s recent legal victory in the U.S. Securities and Exchange Commission (SEC) lawsuit. The development comes in the wake of several top crypto exchanges, including Coinbase and Kraken, already reinstating XRP trading after the July 13, 2023 Summary Judgment by Judge Analisa Torres. Her ruling effectively reopened the doors for XRP trading on…

    Article 2023年7月22日
TOP