The dForce Loss to Hackers is a Symptom of something Deeper in DeFi

The dForce Loss to Hackers is a Symptom of something Deeper in DeFi 1

 

Open lending protocol dForce has had a few issues since it raised capital from cryptocurrency exchange Huobi last week. The open lending protocol suffered a loss of about $25 million. This is about the total of the capital in tokens that it had under its control.

All of this happened after dForce raised about $1.5 million on Thursday last week from the Huobi cryptocurrency exchange. The open lending platform seemed impregnable. The crypto space has been taken aback by the attack.

Coinbase 4

 

dForce gets HackedThe LendF protocol had issues security-wise. Sources say that hackers exploited the reentry loophole in the dForce protocol. This vulnerability had been seen in Uniswap.

 

The hacker used the ERC-777 standard to launch the attacks. The standard appears to be glitch-free. There was however a loophole that allowed for the glitch to occur. Sources point to an OpenZepellin-published exploit on GitHub as the source of the problem.

Blockchain

The attackers were able to use the reentry loophole to steal the funds by “looping” the withdrawal requests before final execution.

As of the time of writing this article, it appears that most of the funds have been returned to dForce. The Lendf protocol, however, has been suspended.

This kind of attack shows that a lot of things are wrong with the dForce setup.

First of all, the crypto space is still new technology. As such, there are going to be all kinds of technology around. Decentralized finance (DeFi) being another sub-field within the crypto space is very young at the moment. The attack has been seen by many as a result of dForce copying all kinds of things from just about anybody they think is perfect for the job.

dForce Copies Everything 

A cursory look at their business model shows this weakness very clearly. Their USDx token is a clear case of this. Another DeFi organization has a USDX. Kava from the middle of last year launched its USDX stablecoin.

It aimed to have a stablecoin in US dollar value to work within the Decentralized finance ecosystem. The USDX stablecoin was also backed by XRP tokens. dForce it appears has done everything within its power to undercut Kava at every turn.

Unnamed sources within the Kava ecosystem cite the numerous attempts by dForce as an example of the lack of the spirit of Fairplay that dForce has employed so far.

The use of Kava’s USDX ticker and many tries to get people to use its USDx instead. The lack of creativity by the dForce team seems to have been extended into its code as well. This may be what has been responsible for the hack.

Security is Lacking

The truth is that once you copy code, you will have to find a way of securing the code and altering it. This is because your version of the code will still be vulnerable to the codes’ original vulnerabilities.

The dForce Loss to Hackers is a Symptom of something Deeper in DeFi 2

 

As such, dForce hasn’t been a good copycat. According to sources, the team at dForce had repeatedly pointed out that their code came from the Concourse library. While not making any efforts to disparage these claims, others within the crypto space have accused dForce of copying code.

Robert Leshner who is the founder of Compound Finance and Robot Ventures pointed out that dForce copied its main source codes for its smart contracts from other parties.

Everyone Notices

He indicated this in a tweet and pointed out a lesson for developers.

 

 

This goes to show that many pairs of eyes are watching the various happenings within the DeFi space.

Kava’s CEO Brian Kerr had spoken exclusively about the matter. Sources say that he admitted that

“Building any financial service on ETH is quite problematic for security. Testing the possible outcomes and bugs of solidity is near impossible as it can do virtually anything as a Turing complete language. While powerful, it’s probably the worst environment to build financial infrastructure”.

 

He indicated the programming process at Kava. he said that

 

“At Kava, all our code is built from the ground up, in Golang, in very discreet modules that are scoped to very specific actions that we can “formally verify” meaning that we can fully test the code to a very high confidence for its accuracy and security”.

 

He also spoke specifically about dForce. He said that

 

 “As for dForce specifically, it is a tragedy for what happened to the users’ funds. Lots of people lost hard-earned money due to basic negligence. I don’t like to say bad things about others usually, hacks can happen to any team, but the dForce incident is particularly bad”.

 

He continued

 

 “The fault is both on the dForce team and the users. dforce didn’t understand what they were doing and marketed an unsafe product. The users didn’t do their own due diligence on the team or the codebase to make sure it’s safe”.

 

At the end of the day, it boils down to understanding how to use creativity properly. There are three kinds of creativity copycat creativity, pure creativity, and innovation. dForce didn’t understand the risks and took the first leap.

 

The dForce Loss to Hackers is a Symptom of something Deeper in DeFi 3
blank
About the author

Christopher is the Blockchain/DeFi Editor for E-Crypto News he also writes frequently about Crypto Gaming and Gambling. He is the author of the book "Profitable Cryptocurrency Gambling and Gaming: A Complete Guide." A content developer, Crypto-Enthusiast, and tech-savvy individual. He is also a Superstar Content Developer, Strategy Demigod, and Standup Guy.

Related Posts

blank

E-Crypto News Executive Interviews


blank

bitcoin
Bitcoin (BTC) $ 39,798.00
ethereum
Ethereum (ETH) $ 2,644.37
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 335.60
cardano
Cardano (ADA) $ 1.33
xrp
XRP (XRP) $ 0.753292
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.206342
polkadot
Polkadot (DOT) $ 18.34
binance-usd
Binance USD (BUSD) $ 1.00
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 39,798.00
ethereumEthereum (ETH)
$ 2,644.37
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 558.09
litecoinLitecoin (LTC)
$ 144.34
bitcoinBitcoin (BTC)
33.536,70
ethereumEthereum (ETH)
2.228,34
tetherTether (USDT)
0,842673
bitcoin-cashBitcoin Cash (BCH)
470,29
litecoinLitecoin (LTC)
121,63
bitcoinBitcoin (BTC)
28,621.37
ethereumEthereum (ETH)
1,901.74
tetherTether (USDT)
0.719166
bitcoin-cashBitcoin Cash (BCH)
401.36
litecoinLitecoin (LTC)
103.80

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

blank
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
blank
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021
Crypto Scams On The Rise As Market Enters Bull Cycle
Crypto Scams On The Rise As Market Enters Bull Cycle
December 22, 2020
Harpreet Singh Sahni perpetrated the Plus Gold Union Coin (PGUC) scam
Sydney Concert Promoter Harpreet Sahni Involved In $50M Crypto PGUC Scam
November 2, 2020

Blockchain/Cryptocurrency Questions and Answers

Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
Solana
What Is Solana (SOL) And How Does It Work?
June 26, 2021
blank
What Is Plethori Platform And How Does It Work?
June 12, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d

bitcoin
Bitcoin (BTC) $ 39,834.00
ethereum
Ethereum (ETH) $ 2,650.05
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 335.63
cardano
Cardano (ADA) $ 1.33
xrp
XRP (XRP) $ 0.752333
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.205914
polkadot
Polkadot (DOT) $ 18.43
binance-usd
Binance USD (BUSD) $ 1.00