2023-12-14 21:32 |
In a recent development, decentralized finance (DeFi) protocol Yearn Finance faced a major setback as a faulty script led to the inadvertent swap of 63% of its treasury.
The incident occurred during a routine token conversion process, impacting Yearn’s protocol-owned liquidity (POL) but leaving user funds unscathed. This article delves into the details of the incident, the technical aspects involved, and the steps Yearn Finance is taking to address the aftermath.
The script error that drained Yearn Finance’s treasuryAccording to a post on Github, a faulty multisig script triggered the swap of Yearn Finance’s entire treasury balance of 3,794,894 lp-yCRVv2 tokens. This mishap occurred during a standard fee token conversion process on behalf of Yearn’s treasury. Importantly, this loss exclusively involved protocol-owned liquidity (POL) and did not affect user funds.
The faulty script, which lacked sufficient output checks and contained a logical error, caused the entire lp-yCRVv2 treasury balance to be transferred to the trading multisig. This exceeded the expected fees portion, resulting in a substantial loss amounting to 63%.
Notably, the incident prompted a call from Yearn Finance for users who profited from the market movement caused by the error to return a reasonable amount to Yearn’s main multisig wallet (0xFEB4acf3df3cDEA7399794D0869ef76A6EfAff52).
The Yearn Finance (YFI) token remained relatively calm following the incident oscillating between a low of $8,166.96 and a high of $8,465.69.
Safeguarding the future: Yearn’s responseTo prevent such mishaps in the future, Yearn Finance is taking proactive steps. Developers plan to implement several safeguards, including the separation of POL funds into dedicated manager contracts, the introduction of more human-readable output messages on trading scripts, and the enforcement of stricter price impact thresholds.
This incident follows earlier exploits in Yearn Finance’s history, emphasizing the ongoing challenges and risks associated with DeFi protocols. As the ecosystem evolves, these experiences contribute to the maturation of DeFi platforms, including Yearn Finance, driving the implementation of enhanced security measures and risk mitigation strategies.
The post A costly script error: Yearn Finance loses 63% of its treasury appeared first on Invezz
Similar to Notcoin - Blum - Airdrops In 2024
yearn.finance (YFI) на Currencies.ru
|
