The decentralized finance (DeFi) lending platform Raft has briefly suspended minting of its R stablecoin following a safety breach, leading to over 1500 ETH drained from the protocol.
Raft co-founder David Garai confirmed the safety breach, which concerned the intruder producing R tokens and depleting automated market maker liquidity whereas concurrently withdrawing collateral from Raft.
In response to CoinGecko data, the breach brought on the worth of R stablecoin to drop from $1 to $0.04 on the time of writing.
R stablecoin worth chart | Supply: CoinGecko
Furthermore, Garai stated Raft is targeted on securing person operations and restoring stability because it investigates the complete extent of the incident. Nevertheless, current R holders can nonetheless repay loans and retrieve collateral whereas minting is suspended.
Curiously, an on-chain information analyst traced the hack to a coding flaw that mistakenly despatched the 1570 ETH drained by the hacker to an irretrievable null deal with as an alternative of the hacker’s pockets.
In complete, the attacker was capable of drain 1577 ETH from Raft however solely withdrew 7 ETH because of the error. The hacker reportedly funded the assault with simply 18 ETH obtained by the controversial crypto mixer Twister Money.
In response to Gor Igamberdiev, Head of Analysis at Wintermute, the hacker minted 6.7 million unbacked R tokens valued at $6.7 million and swiftly exchanged them for ETH. Nevertheless, because of the important code flaw, the ETH ended up locked within the null deal with.
Whereas Raft continues its investigation, the crew has promised to maintain customers up to date on efforts to revive stability and compensate for any losses from the protocol’s treasury reserves.
For now, current R holders are nonetheless capable of make the most of Raft’s lending and borrowing features regardless of the minting suspension.