CertiK-audited DEX Merlin experienced a $1.82 million hack. The attacker drained funds from a liquidity pool on the DEX, which is built on zkSync.
Decentralized exchange Merlin suffered a hack on April 26, losing $1.82 million. PeckShield and several community members have pointed out that the exchange was exploited, providing the exploiter’s addresses. The funds, which took the form of USDC tokens, were bridged from zkSync to Ethereum.
Another DeFi Exploit
Members in the community have asked that Circle freeze the funds, though it seems too early for Circle to take any action, as the hack happened mere hours ago. The Merlin team has not made a statement on the incident, at least on Twitter. However, the crypto community has been noisily discussing the incident.
The attacker depleted the liquidity pool of the Merlin DEX. Built on zkSync, the project is one of the more notable applications on the network. The fact that the attacker drained the liquidity pools is an indication that they somehow engineered the liquidity pool’s smart contracts.
The incident is yet another one in the DeFi market, which continues to be a major target for hackers. Despite undergoing audits, DeFi platforms remain vulnerable to security breaches, as several hundreds of millions have already been drained this year.
What Is Merlin?
Merlin only launched a few days ago. It made quite a buzz because it was built on zkSync and even managed to establish several partnerships. The platform’s main offering is its Core Farming Pools, which drew many millions in a few days.
The DEX is built on zkSync, which is a Layer 2 zk-rollup-based scaling solution for Ethereum. It is currently running its public sale for the MAGE token. It’s unclear what effect the hack will have on the presale. Nonetheless, investors will be wary of the platform right now.
DeFi Audits Being Drawn Into Question
The crypto community will be doubly cautious because only days before the launch, the platform was audited by well-known security firm CertiK. However, it’s worth noting that audits have become a major necessity in the crypto market. Moreover, the fact that an audit from a firm like CertiK has drawn the crypto community’s attention suggests that the community values the importance of security and risk mitigation in the industry.
CertiK has, in fact, audited several projects in the past that have later experienced hacks. The list includes PancakeBunny, Uranium Finance, and Meerkat Finance. The end result is that the crypto community is growing doubtful about the quality of audits.
CertiK also audited Terra, which drew its own criticism because of a founder’s statement on Terra’s design, which was lavish in its praise. The combination of the hacks that followed the audits and the statements about Terra has the crypto community growing increasingly wary.
As such, DeFi audits are being drawn into question, despite their necessity. Projects will have to focus on the quality of these audits and their own water-tight designs to win the public over.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.
Source: https://beincrypto.com/certik-merlin-dex-suffers-1-82m-hack/