Terra-Based Mirror Protocol Suffers $90 Million Unnoticed Exploit

Azeez Mustapha


Unlock Daily Forex Signals

Select a Plan


1 - month



3 - month



6 - month






Separate Swing Trading Group



Get VIP forex signals, VIP crypto signals, swing signals, and forex course free for lifetime.

Just open an account with one our affiliate broker and make a minimum deposit: 250 USD.

Email [email protected] with a screenshot of funds on account to get access!

Sponsored by

Sponsored Sponsored

Service for copy trading. Our Algo automatically opens and closes trades.


The L2T Algo provides highly profitable signals with minimal risk.


24/7 cryptocurrency trading. While you sleep, we trade.


10 minute setup with substantial advantages. The manual is provided with the purchase.


79% Success rate. Our outcomes will excite you.


Up to 70 trades per month. There are more than 5 pairs available.


Monthly subscriptions begin at £58.

Until last week, Mirror Protocol, a DeFi protocol on the old Terra blockchain, suffered a $90 million exploit that went largely unnoticed. According to reports, the exploit occurred on the DeFi project in October 2021.

Mirror Protocol is a DeFi platform that allows users to take trading positions on tech stocks using synthetic assets.

The exploit was unraveled by a prominent Terra community member and analyst nicknamed “FatMan.”

Blockchain security company BlockSec corroborated FatMan’s findings after analyzing the exploit transaction in question.

The Mirror Protocol Exploit Explained

Whenever a user of Mirror Protocol wants to short a tech stock, they are required to lock some amount of collateral, including UST, LUNA Classic (LUNC), and mAssets, for a minimum of two weeks. After the trade and the minimum holding period elapses, the user could unlock the collateral and release funds to their wallet. This entire process was made possible with the help of smart contract-generated ID numbers.

However, due to a bug in the protocol’s code, the lock contract could not register when someone used the same generated ID number to withdraw funds multiple times.

In October 2021, an unknown platform user discovered this bug and realized they could use duplicate IDs to unlock more collateral than they had. This gave perpetrators the ability to withdraw funds without any authorization. After repeated exploits, the amount of collateral stolen ran up to $90 million in seven months.

The Mirror Protocol incident is one of the rare events where an exploit went unnoticed for a prolonged period, despite on-chain data. Blockchain projects are usually quick to report security breaches for transparency purposes.

BlockSec explained that the exploit likely went under the radar for as long as it did because fewer people were scouring the Terra blockchain for issues compared to other blockchains like Ethereum.

The Mirror Protocol team or Terraform Labs have yet to comment on the issue.


You can purchase Lucky Block here. Buy LBlock

  • Broker
  • Benefits
  • Min Deposit
  • Score
  • Visit Broker
  • Award-winning Cryptocurrency trading platform
  • $100 minimum deposit,
  • FCA & Cysec regulated
$100 Min Deposit
  • 20% welcome bonus of upto $10,000
  • Minimum deposit $100
  • Verify your account before the bonus is credited
$100 Min Deposit
  • Over 100 different financial products
  • Invest from as little as $10
  • Same-day withdrawal is possible
$250 Min Deposit
  • The Lowest Trading Costs
  • 50% Welcome Bonus
  • Award-winning 24 Hour Support
$50 Min Deposit
  • Fund Moneta Markets account with a minimum of $250
  • Opt in using the form to claim your 50% deposit bonus
$250 Min Deposit

Share with other traders!

Azeez Mustapha

Azeez Mustapha is a trading professional, currency analyst, signals strategist, and funds manager with over ten years of experience within the financial field. As a blogger and finance author, he helps investors understand complex financial concepts, improve their investing skills, and learn how to manage their money.

Leave a Reply

Your email address will not be published. Required fields are marked *