Solana-based decentralized exchange OptiFi inadvertently bricked the system by permanently locking up $661,000.
A Costly Mistake
Solana-based decentralized options exchange OptiFi came to an unexpected pause as its development team accidentally bricked the mainnet and inadvertently locked up funds during a routine upgrade. The team announced the news on Monday, stating that all of the funds in the application are permanently inaccessible. This means around $661,000 worth of USDC has been lost forever.
The team stated in a postmortem report that they accidentally used the “Solana Program Close” command, stating,
“We had an update to our Solana program code, so our deployer tried to upgrade the OptiFi program on Solana mainnet. However, we accidentally used the ‘Solana program close’ command, resulting in our OptiFi program on mainnet being unfortunately closed.”
A Failed Upgrade
According to the team, they initiated a protocol upgrade on the 29th of August. However, the operation was aborted because the deployment took far longer than anticipated. The team realized that a new “buffer” account had been created, and OptiFi had transferred just over $17.2 SOL tokens to it. The team attempted to close down the OptiFi program to retrieve these tokens.
While the tokens were retrieved, an error message indicated that the program had been permanently shut down when the team tried to redeploy the protocol. The developers zeroed in on the “Solana program close” command line, which the developers executed while attempting to retrieve the tokens. However, unknown to the team, the “Solana program close” command closes the program permanently.
Platform to Reimburse User Funds
Accepting its mistake, OptiFi, on its part, has promised it will reimburse all user funds. However, it also stated that a single team member held 95% of the funds lost on Monday. According to OptiFi, the entire refund process will take around two weeks to complete. The team also apologized on Twitter, promising to learn from this experience.
“OptiFi’s team will learn from this harsh lesson and keep on building for everyone who trusts us. [Sincere] apologies to all the users [who] put faith in us and got affected by our mistakes.”
Suggestions For Solana
The OptiFi team, while taking responsibility for the mistake that bricked the program, also offered a few suggestions to Solana’s core developers so that others could avoid a similar fate. The team stated that more official documentation about the “Solana program close” command would be a good starting point. It also added that an extra confirmation step for developers before executing the instruction would be helpful in case some developers want to revert or unintentionally execute the command.
A New Version In The Works
OptiFi had just launched on the Solana mainnet earlier this month. Now, the platform plans to deploy a new version of its program. As a safeguard, OptiFi will use a peer-surveillance system which will ensure that at least three people are involved with any future actions on the blockchain. The team hoped this measure would create a system that would minimize impatient actions and further mistakes.
“Every deployment needs a rigorous process, and single-point failure can be avoided. Please don’t rush like what we did, especially for DeFi projects.”
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://cryptodaily.co.uk/2022/08/solana-based-dex-optifi-s-661000-gaffe