Until last week, Mirror Protocol, a DeFi protocol on the old Terra blockchain, suffered a $90 million exploit that went largely unnoticed. According to reports, the exploit occurred on the DeFi project in October 2021.
Mirror Protocol is a DeFi platform that allows users to take trading positions on tech stocks using synthetic assets.
The exploit was unraveled by a prominent Terra community member and analyst nicknamed “FatMan.”
Blockchain security company BlockSec corroborated FatMan’s findings after analyzing the exploit transaction in question.
The Mirror Protocol Exploit Explained
Whenever a user of Mirror Protocol wants to short a tech stock, they are required to lock some amount of collateral, including UST, LUNA Classic (LUNC), and mAssets, for a minimum of two weeks. After the trade and the minimum holding period elapses, the user could unlock the collateral and release funds to their wallet. This entire process was made possible with the help of smart contract-generated ID numbers.
However, due to a bug in the protocol’s code, the lock contract could not register when someone used the same generated ID number to withdraw funds multiple times.
In October 2021, an unknown platform user discovered this bug and realized they could use duplicate IDs to unlock more collateral than they had. This gave perpetrators the ability to withdraw funds without any authorization. After repeated exploits, the amount of collateral stolen ran up to $90 million in seven months.
The Mirror Protocol incident is one of the rare events where an exploit went unnoticed for a prolonged period, despite on-chain data. Blockchain projects are usually quick to report security breaches for transparency purposes.
BlockSec explained that the exploit likely went under the radar for as long as it did because fewer people were scouring the Terra blockchain for issues compared to other blockchains like Ethereum.
The Mirror Protocol team or Terraform Labs have yet to comment on the issue.
You can purchase Lucky Block here. Buy LBlock
- Broker
- Min Deposit
- Score
- Visit Broker
- Award-winning Cryptocurrency trading platform
- $100 minimum deposit,
- FCA & Cysec regulated
- 20% welcome bonus of upto $10,000
- Minimum deposit $100
- Verify your account before the bonus is credited
- Over 100 different financial products
- Invest from as little as $10
- Same-day withdrawal is possible
- Fund Moneta Markets account with a minimum of $250
- Opt in using the form to claim your 50% deposit bonus
Learn to Trade
Never Miss A Trade Again
Signal Notification
Real-time signal notifications whenever a signal is opened, closes or Updated
Get Alerts
Immediate alerts to your email and mobile phone.
Entry Price Levels
Entry price level for every signal Just choose one of our Top Brokers in the list above to get all this free.
