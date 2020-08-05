Attackers have actually made use of a vulnerability in the Opyn ETH Put agreement to win more than $370,000

One of the very first members of Crypto Twitter to report on the theft, DegenSpartan, stated onAug 4 that the traders utilized flash loans to purchase Ethereum Put oTokens (oETH) fromUniswap They then apparently picked an ERC20 token– in this case, USD Coin (USDC)– as security and worked out the trading alternative.

The result was apparently a double transfer which successfully “stole” the security. According to blockchain records, the enemies got both their initial Ethereum (ETH) deposits and USDC choices.

In aAug 4 blog site from Opyn, the platform approximates losses from the exploit at 371,260 USDC however stated this quantity might alter.

“This exploit allowed an attacker to ‘double exercise’ oTokens and steal the collateral posted by certain sellers of these puts.”

Pulling liquidity rapidly

Opyn understood something was taking place within the day and provided a statement on Twitter, stating it had actually eliminated liquidity from Uniswap throughout its examination.

Hey all, it appears like there has actually been a problem with some oTokens agreements. We are striving on comprehending this concern so we can let assist users as finest we can. We have actually eliminated liquidity from Uniswap in the mean time. Would be finest to not open brand-new vaults at the minute. — opyn (@opyn_)August 4, 2020

Attempting to avoid more abuse of this loophole, Opyn recuperated 439,170 USDC of security from exceptional vaults utilizing a white hat hack, successfully returning it to Put sellers. However, some users were still not surprisingly distressed at the loss and postponed reaction:

Screenshots from Opyn Discord chat

According to Opyn co-founder Alexis Gauba in a Discord chat session, the platform has actually used to purchase any ETH Put oTokens “at above market prices,” which she stated were 20% above the very best ask cost atDeribit

“This only applies to oTokens that were bought before today,” Gauba stated. The last upgrade she published specified Opyn was dealing with a strategy “to mitigate impact for ETH put sellers.”