Biggest DeFi Hack Ever!

The Intelligent Insurer #28 — Poly Network incurs the biggest DeFi hack in history with $600 million stolen

Poly Network was subject to the biggest DeFi hack ever recorded as attackers successfully stole $600 million from three decentralized exchanges that were integrated with the network. The vastly outsizes it’s predecessors with an $180 million inflation bug exploit in the PAID network being the closest comparison.

In the latest Intelligent Insurer, we review the details of the biggest DeFi hack in the history of the nascent field. We review the size of the attack, how it happened, and what is happening with the addresses of the attackers. We also cover how those with digital asset insurance prior to the attack will be eligible for compensation. Before diving into these details, we present our weekly development roundup.

Insured Finance development roundup — Chainlink oracle solution integrated

There have been some exciting updates on the development front over the past week. We have successfully integrated Chainlink, the leading oracle solution for decentralized protocols and applications in the cryptocurrency space. With Chainlink successfully integrated, Insured Finance can now have accurate and reliable feeds of data powering the platform’s smart contracts.

We have also begun updating the application to reflect the most recent business rules surrounding claim submissions and claim payouts. We are building Insured Finance so that it will be extremely straightforward and intuitive for users to submit and receive claims. For the platform to deliver this, we will finalize the rules surrounding claims and implement these into the platform’s smart contracts.

There were also several integrations between the frontend design and backend processes. Functions surrounding cover listings, deposits, and both claim offers and requests all made significant progress in terms of frontend to backend integrations. We will update further regarding these integrations in future releases.

Multiple blockchains breached

Poly Network is a blockchain protocol that was built to enable interoperability across multiple independent blockchains. The platform allows interaction among homogeneous and heterogeneous public blockchains in a manner that is open and transparent. Several of the biggest blockchain networks have already been integrated in the Poly Network including Bitcoin, Ethereum, Zilliqa, Binance Smart Chain, Polygon, and several others.

On Tuesday, August 10, 2021, the platform experienced what has been recorded as the biggest DeFi hack ever. During the hack, DeFi exchanges on Polygon, Ethereum, and Binance Smart Chain were all exploited. $85 million, $253 million, and $266 million were drained from the Polygon, Binance Smart Chain, and Ethereum-based exchanges respectively. The stolen assets were transferred to the Ethereum and Binance Smart Chain addresses linked.

State of the funds and hack details

The Poly Network has asked those in the industry such as digital asset exchanges and miners to block transactions from the identified addresses. The Poly Network team is preparing itself to initiate legal action on the issue. It has also publicly requested that the thieves return the stolen assets.

Tether responded to this request by freezing more than $30 million, making it difficult for the hackers to move the stolen assets. However, with the help of an anonymous accomplice, the hackers worked around the obstacle by depositing the tokens through another means into Curve.fi. The hackers rewarded the anonymous accomplice with Ethereum tokens worth roughly $45,000.

To carry out this hack, the hacker identified a bug that enabled them to overwrite a smart contract on Poly Network’s protocol that is used to transfer tokens between blockchains. In a message contained in one of the transactions, the perpetrator of the hack claimed that the intention was to “expose the vulnerability” in the smart contract, so that the Poly Network team can get to work and fix it, before it is exploited by actual thieves. As of the time of writing, $340 million worth of assets is reported to have been returned by the hacker(s) with the remainder still frozen in Tether.

Protecting against existing threats

https://twitter.com/InsuredFin/status/1425107887454572559

With $600 million drained from the exchanges, those that previously held insurance for these exchanges will be eligible for compensation. As DeFi hacks continue to occur and grow in size, having digital asset insurance is becoming more relevant than ever.

Insured Finance is working towards building the standard for digital asset insurance. Our two-sided marketplace allows users to secure coverage that is tailored to their unique holdings.

In the event of the Poly Network attack, any users that held coverage against an exploit on this exchange would be immediately compensated. Moreover, our sophisticated smart contract technology ensures that users are paid out instantly in the event of non arbitrary exploits such as the Poly Network attack.

About Insured Finance

Insured Finance is a decentralized, peer-to-peer insurance marketplace. Insured Finance users can request customized insurance on a wide variety of digital assets. Those that fulfill requests earn premiums and can earn a competitive return on their capital. Claims are fully collateralized and settled instantly.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store