Un tour de passe-passe cryptographique voit 6.5 millions de dollars disparaître d'Abracadabra grâce à un problème de Cauldron qui a permis à un utilisateur d'exploiter Magic Internet Money (je le jure)

Get the popcorn in, because I swear it’s true. A cross-chain lending platform called Abracadabra Money has confirmed that an exploit allowed one user to drain at least $6.49 million in Ethereum-based stablecoins from its protocol (first spotted by Web3 va très bien). Fair warning that this story involves a bunch of crypto jargon which I’ll try to explain as we go along, but always remember: these words are meant to obfuscate, confuse, and give the veneer of reality to the mathematically abstract.

Let’s start with the Ethereum Cauldrons. These allow users to borrow the Magic Internet Money (MIM) stablecoin, yes really, a stablecoin being a crypto-token that is in theory pegged to the value of (and backed by) a recognised currency: in this case the US dollar. Users can borrow MIM this way by offering various other assets as collateral. What could go wrong?

Entrez un sorcier noir, un utilisateur inconnu qui a commencé son attaque avec 1 ETH (environ 2,300 XNUMX $), et selon un rapport de société de sécurité blockchain Certik took advantage of a “rounding issue.” What they seem to have done is spam loans using a piece of confusion software called TornadoCash: borrowing and repaying repeatedly in a manner that had them not-so-slowly accruing profit, and then successfully transferring those funds to another crypto-wallet.

The attack was first noticed by the blockchain security firm PeckShield, at which point the loss was estimated at $6.49 million. Subsequent estimates have put the amount as high as $10 million, though bear in mind we’re talking about crypto assets here, and sparked a plonger dans la valeur de, oui, le stablecoin Magic Internet Money.

L'équipe de développement MIM a reconnu l'exploit et dit que c'est maintenant réparé, while the MIM stablecoin has, after going down to around 77 cents in value at its lowest, returned to the high 90 cents range. But remember: the whole point of these so-called stablecoins is that they stay 1:1 with their pegged currency. So we’re not at the final act yet.

The team further claim that victims will be compensated via a buy-back and burn process (liquidating some currency to boost the overall pot’s value). Abracadabra is a decentralised finance platform, in crypto terms a DeFi, and the whole point of these is that they’re supposed to be secure, robust, impregnable. And yet here we are: One attacker has made off with several million of crypto assets, with MIM and Abracadabra developers only able to say it’s been contained.

Argent Internet magique dit maintenant that “following the recent exploit, we’ve taken swift action to secure the protocol. The DAO treasury is set to fully collateralize the $6.5M affected, ensuring safe operations. We’re moving forward with confidence.”

To which, I guess, one can only add: “tah-dah!” This isn’t even Magic Internet Money’s first dodgy moment, with it having to be de-pegged during the Crash de Terra 2022, and you do wonder who keeps giving something like this the benefit of the doubt. People really do put money into these things and, you know, so often the crypto moral lesson turns out the same. I wouldn’t say it’s magic but: Now you see it, and now you don’t.

• Contenu propulsé par le référencement et distribution de relations publiques. Soyez amplifié aujourd'hui.
• PlatoData.Network Ai générative verticale. Autonomisez-vous. Accéder ici.
• PlatoAiStream. Intelligence Web3. Connaissance Amplifiée. Accéder ici.
• PlatonESG. Carbone, Technologie propre, Énergie, Environnement, Solaire, La gestion des déchets. Accéder ici.
• PlatoHealth. Veille biotechnologique et essais cliniques. Accéder ici.
• La source: https://www.pcgamer.com/crypto-hocus-pocus-sees-dollar65-million-go-poof-from-abracadabra-thanks-to-a-cauldron-problem-that-let-a-user-exploit-magic-internet-money-i-swear