Exploit in DeFi Governance protocol at Beanstalk Farms resulted in $182mn loss


Initial investigation showed that the exploit took place in the protocol's own governance proposal system, which resulted in the loss of capital.

Fraud and exploitation in any industry, including the crypto space, make people skeptical and erode their trust. To gain trust and mass adoption, it is crucial for the crypto industry to keep its image free of such activities and stay away from controversies. Still, such incidents surface every now and then and affect the overall crypto space.

Recently, around $182 million was lost from the collateral fund of Beanstalk Farms, a credit-based stablecoin protocol. The incident was a security breach caused by a flash loan attack and two suspicious governance proposals.

The actual problem for the protocol lay in the suspicious governance proposals named BIP-18 and BIP-19, which were issued on April 16 by a fraudster who asked the protocol to donate capital funds to Ukraine. However, the proposals had a bad actor behind them and ultimately led to funds being taken out of the platform, as reported by BlockSec, a smart contract auditor.

The latest security breach of the decentralized finance protocol happened at around 12:24 pm UTC, when the exploiter took out $1 billion worth of flash loans from the prominent DeFi lending protocol Aave (AAVE), denominated in stablecoins including DAI (DAI), USD Coin (USDC) and Tether (USDT). The scammers then used the borrowed funds to accumulate enough assets to control about 67% of the protocol's governance and approved their own proposals with the authority they had gained.


A flash loan must be executed and then repaid within a single block, and it calls for several smart contracts to complete at once. Flash loans have a history of being used for such hacks or exploits of other protocols. Beanstalk Farms itself is a decentralized algorithmic platform for issuing a stablecoin on Ethereum.

Technically, the case was not a hack, as the governance procedures and smart contracts functioned as they were designed to. The exploit targeted their design, which was acknowledged by a project spokesperson who goes by the name ‘Publius’ in a meeting held on 18th April. At the meeting he said it was very unfortunate that the governance procedure, which was meant to put Beanstalk Farms in a successful position, was exploited and used for its undoing.
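The design weakness described above can be seen in a small model. The following is an added example, not code from Beanstalk or from the original article: it compares voting weight read from live balances with weight read from a snapshot taken before the proposal existed. The snapshot rule is an assumed mitigation that the article does not describe, all names and numbers are constructed, and borrowed funds are assumed to convert one-to-one into voting weight.

```python
# Added illustration: a constructed toy model, not Beanstalk's contracts.
from dataclasses import dataclass, field

SUPERMAJORITY = 2 / 3  # assumed threshold; the article says "about 67%"

@dataclass
class Governance:
    balances: dict = field(default_factory=dict)   # live voting-token balances
    snapshots: dict = field(default_factory=dict)  # block number -> balances at block end
    block: int = 0

    def mine_block(self):
        """Close the current block: record balances, then advance."""
        self.snapshots[self.block] = dict(self.balances)
        self.block += 1

    def share_live(self, voter):
        """Voting share read from balances at the moment of the vote."""
        return self.balances.get(voter, 0) / sum(self.balances.values())

    def share_snapshot(self, voter, proposal_block):
        """Voting share read from the block before the proposal was created."""
        snap = self.snapshots[proposal_block - 1]
        return snap.get(voter, 0) / sum(snap.values())

def flash_loan_vote(gov, borrower, amount, proposal_block):
    """Borrow, measure voting share under both rules, repay in the same block."""
    gov.balances[borrower] = gov.balances.get(borrower, 0) + amount  # loan arrives
    live = gov.share_live(borrower)
    snap = gov.share_snapshot(borrower, proposal_block)
    gov.balances[borrower] -= amount  # loan repaid before the block closes
    return live, snap

def run_demo():
    gov = Governance(balances={"long_term_holders": 100})  # constructed numbers
    gov.mine_block()            # block 0 closes
    proposal_block = gov.block  # proposal created in block 1
    gov.mine_block()            # voting period passes
    live, snap = flash_loan_vote(gov, "borrower", 210, proposal_block)
    return {
        "live_share": round(live, 3),
        "passes_with_live_balances": live >= SUPERMAJORITY,
        "snapshot_share": snap,
        "passes_with_snapshot": snap >= SUPERMAJORITY,
        "borrower_balance_after_repay": gov.balances["borrower"],
    }

if __name__ == "__main__":
    print(run_demo())
```

With live balances the borrower briefly holds a supermajority while owning nothing once the loan is repaid; with the snapshot rule the same loan carries no voting weight.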

Source: https://www.thecoinrepublic.com/2022/04/18/exploit-in-defi-governance-protocol-at-beanstalk-farms-resulted-in-182mn-loss/