Decentralized finance protocol Venus has confirmed it was impacted by an issue with one of its price feed oracles resulting in borrows totaling around $270,000 on Dec. 11, but has downplayed the incident from being an “exploit” as described by analysts, and also vowed to replace funds from the treasury.
On Dec. 10, reports started emerging that the Binance Chain-based decentralized lending and borrowing marketplace had been affected by a malfunctioning price oracle.
X user ‘@SaulCapital’ alerted followers that the “isolated pool on Venus Protocol for liquid staked BNB got exploited.”
He posted a link to a suspect wallet address involved in the incident, which held just under $260,000 at the time of writing.
However, Venus Protocol ambassador “@NoOneVII” responded, stating that it appeared to be an “Oracle price issue, occurring in a small Isolated Market.”
“Venus Core Pool and other Pools are completely separate from each other and are not affected by this,” he said, adding on the Venus Protocol Telegram channel that there was no problem with security.
Head of Venus Labs “@bradherenow” also confirmed that the Binance Oracle, which supports the snBNB asset in the isolated pool, “reported a wrong price resulting in about $200,000 of borrows.”
On Dec. 11, Venus Protocol said they would share more details shortly, assuring that “The $snBNB price feed is back to normal, Core Pool and other markets are unaffected. Funds are SAFU.”
Some facts:
Binance Oracle, which supports the asset of snBNB in the *isolated* pool reported a wrong price resulting in about $200k of borrows. This is the only reported issue.
This user is associated with a Binance account.
There’s no issue with the core pool or otherwise.
— Brad /acc (@bradherenow) December 10, 2023
It added that the Venus community will issue a proposal to “immediately inject liquidity from the treasury to the affected pool totaling around $274K while funds from the pool are recovered with the support of partners.”
Following the @chaos_labs recommendations and out of an abundance of caution due to today’s Binance Oracle price feed issue on the Isolated LST BNB Pool, the snBNB market has been temporarily paused along with 2 other *isolated* markets (agEUR, stkBNB) with similar Binance…
— Venus Protocol (@VenusProtocol) December 10, 2023
Related: DeFi vulnerability leading to $6.7M exploit ‘not detected’ by auditors
The total value locked on the DeFi protocol, which launched in 2020, doesn’t appear affected by the incident and was $738 million at the time of writing, according to Defillama.
The platform’s native token, XVS has fallen 17.5% over the past day to $9.56 at the time of writing, though much of the dip has coincided with a wider sell-off in the cryptocurrency mark
Asia Express: HK game firm to buy $100M crypto for treasury, China/UAE CBDC deal
Source: https://cointelegraph.com/news/defi-protocol-venus-seeks-patch-270-hole-price-oracle-incident-exploit