For the second time in a short period, the lender bZx has been attacked. The company provides DeFi (Decentralized Finance) services through a second layer on the Ethereum blockchain.
A total of 3,500 ether lost
The estimated loss is 2.388 ether, or 620.000 USD. Kyle Kistner of bZx said on Telegram that the attack appears to be an attempt to manipulate the oracle that is used.
All of the company's operations are carried out on the Ethereum blockchain, so it is not difficult for researchers to trace any transaction. They arrived at a transaction in block 9504627, which can be viewed on the block explorer Etherscan.
Kistner is confident that this attack will be offset just as the previous attack was. In the previous attack, 1.193 Ether was lost, worth approximately 290.000 dollars. The company has written a comprehensive post-mortem on that attack.
The interruption of the protocol
However, they were not able to put their lessons into practice fast enough, as the second attack shows. In fact, they have had to interrupt the protocol again. The transaction reportedly took place with the help of flash loans (fast loans) and trading on Synthetix. bZx tweeted that it has no impact on the Synthetix system.
We’ll have to hit the pause button on the protocol again, in light of suspicious transactions using flash loans and trading on Synthetix.
— bZx (@bzxHQ) February 18, 2020
A reconstruction of the first attack
The attack was launched on 14 February, Valentine’s Day. At that time there was an Ethereum event in Denver, which the bZx staff were also attending. When they heard of the attack, they went home and went through the transaction:
A flash loan for 10,000 ETH was opened on dYdX.
5500 ETH was sent to Compound as collateral to borrow 112 wBTC. wBTC is a tokenized version of 1 bitcoin: not a real bitcoin, but a token that represents 1 bitcoin.
1300 ETH was sent to the Fulcrum pToken sETHBTC5x, opening a 5x short position on the ETHBTC ratio.
5637 ETH was borrowed and exchanged through Kyber's Uniswap reserve for 51 WBTC, which led to high slippage. Slippage occurs when a trader has to settle for a different price than expected between the moment of entering the market and the actual execution of the trade.
The attacker exchanged the 112 borrowed wBTC for 6871 ETH on Uniswap, which resulted in a gain.
The flash loan of 10,000 ETH from dYdX was repaid out of the proceeds.
In total, the profit for the attacker (likely a team of attackers) was 1.193 ether.
The attack on the oracle came too soon
On Tuesday afternoon the bZx team wrote that they are moving to a different oracle. For this they will use Chainlink's product. Only after it has been implemented will they resume, and then with reduced functionality.
UPDATE: We are meeting with Chainlink today and expediting the addition of the oracle to our model. After this is added, we will go online with extremely limited functionality: commercial, unlending, and closing positions/loans. New positions and new loans will not be available.
— bZx (@bzxHQ) February 18, 2020
We will also implement the Chainlink oracles as a complement to the Kyber price feed for the price to be provided. Even though this was not an attack on the port, of course, there are many people who are concerned about making the security of our oracle more robust, and we’ve been listening to your feedback. We will do everything we can to make sure that Chainlink is no central point of failure in our model, because the technology is still being developed, and encryption, economic security guarantees have not yet been implemented.
The above quote dates from after the first attack, but before the second. Ironically, it was the old oracle that came under attack in the second attack.
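
The cross-check that a second, independent price feed makes possible can be sketched as follows. This is an added example, not code from bZx, Kyber, Uniswap or Chainlink. The pool reserves, the 0.3% fee, the reference price and the 5% tolerance are constructed assumptions; only the 5637 ETH trade size comes from the reconstruction above.

```python
# Added illustration: a lending protocol accepting a pool-derived price only
# when it agrees with an independent reference feed.
# All reserves, the fee, the reference price and the tolerance are constructed.

def spot_price(reserve_eth, reserve_wbtc):
    """ETH per wBTC implied by the reserves of a constant-product pool."""
    return reserve_eth / reserve_wbtc

def swap_eth_for_wbtc(reserve_eth, reserve_wbtc, eth_in, fee=0.003):
    """Apply an ETH->wBTC swap on an x*y=k pool.

    Returns (wbtc_out, new_reserve_eth, new_reserve_wbtc)."""
    eth_net = eth_in * (1 - fee)  # the fee is taken from the input amount
    wbtc_out = reserve_wbtc * eth_net / (reserve_eth + eth_net)
    return wbtc_out, reserve_eth + eth_in, reserve_wbtc - wbtc_out

def deviation(price, reference):
    """Relative distance of a price from the reference feed."""
    return abs(price - reference) / reference

def check_price(primary, reference, max_deviation=0.05):
    """Return (accepted, deviation); reject when the feeds disagree too much."""
    dev = deviation(primary, reference)
    return dev <= max_deviation, dev

def demo():
    reference = 36.0            # constructed reference feed, ETH per wBTC
    eth, wbtc = 3600.0, 100.0   # constructed thin pool quoting the same price
    before = check_price(spot_price(eth, wbtc), reference)
    # One large swap, sized like the 5637 ETH trade in the reconstruction.
    out, eth, wbtc = swap_eth_for_wbtc(eth, wbtc, 5637.0)
    paid = 5637.0 / out         # average execution price, i.e. the slippage
    after = check_price(spot_price(eth, wbtc), reference)
    return before, after, paid

if __name__ == "__main__":
    before, after, paid = demo()
    print("before swap: accepted=%s deviation=%.2f" % before)
    print("after swap:  accepted=%s deviation=%.2f" % after)
    print("average price paid: %.1f ETH per wBTC" % paid)
```

A single-source price read from the pool after the swap would be accepted at face value; with the reference feed the guard refuses it.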