The Acala Network released the full trace results report regarding all addresses involved in the aUSD incident. Mid August, Acala Network’s aUSD stablecoin depegged by more than 99%, forcing the Acala team to pause a hacker’s wallet, raising concerns about its decentralization claims. The move also affected other features of the platform, such as swaps and xcm. They were made temporarily unavailable until further notice.
16 Addresses Received aUSD Mistake Mints
The aUSD stablecoin is issued by Acala, cross-chain decentralized finance (DeFi) hub based on the Polkadot network. Acala advertises AUSD, a stablecoin backed by cryptocurrency, as being censorship-resistant. Wrapped Bitcoin, or wBTC, comes in the form of iBTC and is compatible with DeFi protocols.
According to the report, the full trace begins at the origin of the 16 addresses that indicated they received aUSD mistake mints. The trace then records every address transacted with the 16 addresses it has found, along with the addresses these 16 addresses have transacted with after that, and so on through each consecutive transaction until it reaches parachain addresses and other exits like CEX addresses.
AUSD error mints and aUSD mistake mint-swapped tokens have been moved to other parachains like Moonbeam, Astar, or CEX by 83 of the 281 affected addresses. Only 8.764M of the 42.482M aUSD error mints on the Acala network are located at individual addresses; the remainder is stored in the DEX module address (1d).
The Issue of Decentralization
The Acala team quickly froze the U.S. dollar-pegged stablecoin after it crashed, and it also temporarily halted various features, such as swaps, xcm, and the oracle pallet price feeds. The team noted that it would continue to investigate the cause of the issue and take action to prevent it from happening in the future.
Although the team might have been trying to protect the network from further damage, decentralization supporters were outraged by the actions. They noted that the team’s actions could have potentially affected the users.
Members of the community noted that the team’s actions were hypocritical since it claimed it was trying to prevent censorship. According to Gr33nHatt3R.dot, if Acala were to control the network’s decisions, it would have to go to the governance level to be considered a decentralized finance system.
Usafmike, a project team member, proposed to roll back the chain to prevent the mints from happening again. However, Skylordafk.dot, another member, said doing so would set a harmful precedent.
What Has Been Going On?
According to Acala, the aUSD Honzon protocol is the source of the vulnerability that led to the issue. The asset that was paired with it, iBTC, was not impacted. Interlay, the creator of iBTC, distanced itself from the issue.
According to Alexei Zamyatin, exploiters did not hack the CEO and co-founder of Interlay, the company’s iBTC and network. They remain operational and fully functional. In an interview, he said that the incident had not affected the company’s operations.
Source: https://crypto.news/acala-network-releases-the-full-trace-report-on-recent-network-exploit/