DeFi Protocol Gamma Strategies Discloses Vulnerability After Preliminary Investigation
Gamma Strategies plans a third-party code review to address the attack before reopening deposits, but compensation for victims is still not confirmed.
Gamma Strategies – a DeFi protocol built on the Ethereum blockchain – fell victim to an exploit, resulting in a loss of approximately $3.4 million. In response to the attack, the protocol swiftly implemented measures to prevent further losses, temporarily disabling deposits to all public DeFi vaults while keeping withdrawals active for users in need of accessing their funds.
The exploit was initially identified by blockchain investigator PeckShield on January 4, which was then confirmed by Gamma Strategies. The platform disclosed that it had identified the root cause of the incident.
Root Cause Revealed
Gamma’s vaults incorporate four primary safeguards against flash loans. These include mandating a token0 and token1 ratio in line with the pool’s ratio, setting a price change threshold to disallow deposits when the price change exceeds a specified amount, implementing deposit caps per deposit, and prohibiting single-sided deposits.
The protocol revealed that the main issue stemmed from the settings on the price change threshold, which were set too high, allowing for up to a 50-200% price change on certain LST and stablecoin vaults. This enabled the attacker to manipulate the price to the threshold and generate an unusually high number of LP tokens.
Gamma Strategies has outlined its plan of action, which includes setting all price change thresholds to a safe threshold level. It also plans to rope in a third-party code review to ensure that this attack is effectively mitigated prior to re-opening deposits.
A comprehensive post-mortem analysis will also be released soon. However, Gamma Strategies is yet to confirm if it intends on compensating its victims in addition to “maximizing recovery for all affected users.”
“One last note, is that even though deposits are closed, our rebalances and management of the positions are still active as they are not affected by the exploit.”
Another Hack in 2024
Within the first four days of 2024, the cryptocurrency market faced two security breaches.
Orbit Chain, a project facilitating cross-chain bridging, was hacked earlier this week, which led to the loss of over $80 million in assets. The attacker managed to gain access to seven out of ten multisig signers, resulting in a total loss of $81.5 million.
The majority of the stolen funds consisted of stablecoins, with $30 million in USDT, $10 million in USDC, and $10 million in DAI. Additionally, approximately 231 WBTC ($10 million) and 9,500 ETH ($21.5 million) were also compromised.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
xAI says ‘rogue employee’ responsible for white genocide Grok posts
Share link:In this post: xAI has issued a statement blaming a “rogue employee” for white genocide posts on its AI chatbot Grok. The company mentioned that an unnamed employee made an unauthorized modification to the system prompt. Users on X disagree with the statement, lining up to take jabs at Elon Musk.
US credit downgrade by Moody’s has Wall Street on edge over national debt
Share link:In this post: Moody’s downgraded the US credit rating due to rising debt and weak deficit control. The “Big Beautiful Bill” could add up to $5.2 trillion to the national debt if passed. Investors are worried about higher borrowing costs and a possible cash crunch by August.
Is Bitcoin (BTC) Climb Past $105K Just the Start of a Bigger Bull Run?
Fartcoin Price Surged by 11%, Targeting $2 Mark
Trending news
MoreCrypto prices
More
