DeFi Lending Protocol Agave's AGVE Plunges Over 20% Amid Exploit Investigation
Hundred Finance, another lending protocol on the Gnosis chain, was also exploited in an apparent “re-entrancy” attack, according to a blockchain security researcher.
Mar 15, 2022 at 7:26 p.m. UTC:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/S33VQ252JFAYTGTDLH4W2L77UM.jpeg)
(Boris Zhitkov/Getty images)
AGVE, the token of non-custodial money market and lending protocol Agave, plunged over 20% on Tuesday after the company said it’s looking into an exploit.
- “Agave is currently investigating an exploit on the agave finance protocol. We will update you as soon as we know more,” the DAO said in a tweet on Tuesday afternoon. “Contracts have been paused until we figure out how to resolve the situation."
- Hundred Finance, like Agave a multi-chain lending protocol on the Gnosis chain, was also attacked, according to a tweet from the platform. “Unfortunately Hundred and Agave have both been exploited on Gnosis chain today,” Hundred wrote. “Gnosis team is aware, investigation is ongoing. All the Hundred markets on all chains paused for now.”
- Hundred Finance’s token, HND, was modestly lower in Tuesday action.
- According to blockchain security researcher Mudit Gupta, the attack vector in both cases was a “re-entrancy attack”
- That’s made possible because “the official bridged tokens on Gnosis are non-standard and have a hook that calls the token receiver on every transfer,” Gupta wrote. According to Gupta, the attackers were able borrow back more than the collateral they were depositing, and continually repeat the process by repeatedly re-entering the system.
DISCLOSURE
Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
:format(webp)/downloads.coindesk.com/arc/failsafe/user/1x1.png)
Michael Bellusci is CoinDesk's crypto reporter focused on public companies and digital asset firms.
Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.