Arbitrum money market Lodestar Finance exploited
Lodestar Finance, a lending platform on Ethereum scaling-solution suite Arbitrum, was attacked and exploited for about $6.5 million.
I have been saying that this first wave of defi protocols is naive and just too easy to either exploit, or just to construct scammy ponzinomics. Just look at how easy this is:
The exploiter was able to successfully manipulate the exchange rate of the plvGLP token to 1.83 GLP per plvGLP — making it 83% more valuable than it should have been. Using the inflated tokens as collateral, the exploiter could then remove all available liquidity on Lodestar Finance through bad debt.
Such flaws always existed, they were always exploitable. The decrease in crypto market cap has just made such exploits easier, not just cheaper, as low liquidity makes pool swap slippages higher, and hence prices can be manipulated more easily.
Live and learn - possibly - although I don't see more complex systems being built. What I do see is the onward march of creating more connections, and those will just make contagion worse.
Not sure how each platform could fix this quickly, before designing new pools - maybe just insert trade limits.