ID:
value-defi-356
100 pts
Platform:
Type:
Category:
Method:
Data Sources:
Binance Smart Chain
Protocol
Dexes
Contract Vulnerabilities
Extended Method:
Logic error
Days in Operation:
805
(2.21 Years)
100 pts each
DeFi protocol ValueDeFi is suspected of being hacked again after being hacked on the 5th. ValueDeFi reminds users in the community, "All non-50/50 transaction pools of the project have been used. Please stop purchasing gvVALUE and vBSWAP until the project team provides a solution." It was subsequently confirmed that more than 3,000 ETH (approximately 10 million U.S. USD) were lost. During the latest attack, a profit-sharing pool was exploited in a manner where the hacker turned himself into the sole operator of the pool and drained the original stake token (vBWAP/BUSD LP). Then the hacker removed all of the tokens, and removed liquidity to receive over 7300 vBSWAP and 205k BUSD, before selling the vBSWAP for nearly 8800 BNB on 1inch, using the BNB and BUSD to buy renBTC, and ultimately using renBridge to swap the funds into BTC. The incident was due to the improper use of a complex exponentiation power() function behind the calculation and enforcement of the weighted constant product invariant.
DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
​
Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.