由于 Cauldron 问题让用户利用了 Magic Internet Money（我发誓），加密货币骗术从 Abracadabra 中“噗”掉了 6.5 万美元

Get the popcorn in, because I swear it’s true. A cross-chain lending platform called Abracadabra Money has confirmed that an exploit allowed one user to drain at least $6.49 million in Ethereum-based stablecoins from its protocol (first spotted by Web3 进展顺利). Fair warning that this story involves a bunch of crypto jargon which I’ll try to explain as we go along, but always remember: these words are meant to obfuscate, confuse, and give the veneer of reality to the mathematically abstract.

Let’s start with the Ethereum Cauldrons. These allow users to borrow the Magic Internet Money (MIM) stablecoin, yes really, a stablecoin being a crypto-token that is in theory pegged to the value of (and backed by) a recognised currency: in this case the US dollar. Users can borrow MIM this way by offering various other assets as collateral. What could go wrong?

一名黑暗巫师登场，他是一位身份不明的用户，他以 1 ETH（约 2,300 美元）开始攻击，根据来自 区块链安全公司 Certik took advantage of a “rounding issue.” What they seem to have done is spam loans using a piece of confusion software called TornadoCash: borrowing and repaying repeatedly in a manner that had them not-so-slowly accruing profit, and then successfully transferring those funds to another crypto-wallet.

The attack was first noticed by the blockchain security firm PeckShield, at which point the loss was estimated at $6.49 million. Subsequent estimates have put the amount as high as $10 million, though bear in mind we’re talking about crypto assets here, and sparked a 价值暴跌 是的，神奇的互联网货币稳定币。

MIM 开发团队承认了这一漏洞并 说现在已经修复了, while the MIM stablecoin has, after going down to around 77 cents in value at its lowest, returned to the high 90 cents range. But remember: the whole point of these so-called stablecoins is that they stay 1:1 with their pegged currency. So we’re not at the final act yet.

The team further claim that victims will be compensated via a buy-back and burn process (liquidating some currency to boost the overall pot’s value). Abracadabra is a decentralised finance platform, in crypto terms a DeFi, and the whole point of these is that they’re supposed to be secure, robust, impregnable. And yet here we are: One attacker has made off with several million of crypto assets, with MIM and Abracadabra developers only able to say it’s been contained.

神奇的互联网货币 现在说 that “following the recent exploit, we’ve taken swift action to secure the protocol. The DAO treasury is set to fully collateralize the $6.5M affected, ensuring safe operations. We’re moving forward with confidence.”

To which, I guess, one can only add: “tah-dah!” This isn’t even Magic Internet Money’s first dodgy moment, with it having to be de-pegged during the 2022 年泰拉坠毁, and you do wonder who keeps giving something like this the benefit of the doubt. People really do put money into these things and, you know, so often the crypto moral lesson turns out the same. I wouldn’t say it’s magic but: Now you see it, and now you don’t.

• SEO 支持的内容和 PR 分发。 今天得到放大。
• PlatoData.Network 垂直生成人工智能。 赋予自己力量。 访问这里。
• 柏拉图爱流。 Web3 智能。 知识放大。 访问这里。
• 柏拉图ESG。 碳， 清洁科技, 能源， 环境， 太阳能， 废物管理。 访问这里。
• 柏拉图健康。 生物技术和临床试验情报。 访问这里。
• Sumber: https://www.pcgamer.com/crypto-hocus-pocus-sees-dollar65-million-go-poof-from-abracadabra-thanks-to-a-cauldron-problem-that-let-a-user-exploit-magic-internet-money-i-swear