Cream to Return Stolen Funds Using Protocol Fees

The protocol said in excess of $33.5 million in ether and AMP was taken in the hack.

Sep 1, 2021 at 9:06 a.m. UTC
Updated Sep 1, 2021 at 2:44 p.m. UTC

Eliza Gkritsi is CoinDesk's crypto mining reporter based in Asia.

Decentralized finance protocol Cream Finance said it will use protocol fees to repay users that lost money during Monday’s attack.

  • In a postmortem posted on Medium, the Cream Finance team said it is committing one-fifth of protocol fees until affected users have recovered all of their funds.
  • The protocol will post collateral with the AMP and Flexa teams until the debt is repaid. Affected users are invited to submit a request through a Google form.
  • Cream also revised its Monday estimate of the hack upwards. It said the hackers drained 462,079,976 AMP tokens and 2,804.96 ether, totaling upwards of $33.5 million.
  • This is the first time Cream was directly exploited, the post said, probably referring to another attack it suffered earlier this year.
  • The team has identified a main exploit and a copycat. The latter has withdrawal history on Binance, so Cream is working with the crypto exchange to identify the copycat. The two stole the funds over 17 transactions.
  • Cream is offering its usual bug bounty: If the hacker or hackers comes forward, they can keep 10% of the stolen funds.
  • The post confirmed earlier reports that the integration of ERC-777 AMP token contracts in the Cream protocol were the root cause.
  • While the AMP market integration took place in February, it was only five days before the attack that a big influx of AMP tokens on Cream made the account profitable, according to the blog post.
  • Cream said it will re-deploy AMP borrowing and lending once the vulnerability has been patched.
The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Eliza Gkritsi is CoinDesk's crypto mining reporter based in Asia.

Eliza Gkritsi is CoinDesk's crypto mining reporter based in Asia.

Trending

1
CFTC Chair Indicates Agency Will Increase Crypto Enforcement: Report

Rostin Behnam said the agency was facing a rapidly increasing number of cases and would add resources to address crypto fraud.

Rostin Behnam said the agency was facing a rapidly increasing number of cases and would add resources to address crypto fraud.

2
LimeWire Signs Deal With Universal Music for Music NFT Licensing, Blockchain Gaming in Focus

The most valuable crypto stories for Wednesday, May 18, 2022.

The most valuable crypto stories for Wednesday, May 18, 2022.

3
Capital Flight or the Seeds of the Next Cycle?

With money leaving stablecoins and the industry as a whole, is there any good news?

With money leaving stablecoins and the industry as a whole, is there any good news?

4
Bitcoin Needed to Get Its Face Ripped Off

Now is the perfect time to learn all there is to learn about the crypto world.

Now is the perfect time to learn all there is to learn about the crypto world.