Search Inside Bitcoins

SushiSwap Fights Off Midnight Exploit Amid Recovering Price And Reputation

Sushi Swap
Sushi Swap

The DeFi ecosystem has always been plagued by exploits and hacks. With the sheer amount of money flowing through that space at this time, it’s more to be expected than anything.

Now, however, one more decentralized exchange managed to fight off such an attack, for the most part: SushiSwap. While the Automated Market Maker (AMM) has received a lot of criticism, it seemingly proved its ability to beat down an attack.

Covering The Negligible Losses Of $10K to $15K

Last night, people took note that Uniswap was suffering from an exploit. The DEX, originally starting off as a vampire DEX leaching off Uniswap, had its Head Developer, 0xMaki, start taking steps to counteract this exploit.

The exploit itself has now been resolved, according to the Discord channel for Sushiswap. This announcement further detailed that all the user funds lost in this exploit, somewhere between $10,000 and $15,000, will be covered by SushiSwap’s treasury.

The Exploit Itself

As for the exploit itself, and what this means for SushiSwap, DeFi degen, and andy, two smart contract engineers that 0xMaki personally thanked publicly on Twitter for their help, gave a few comments about the matter at large.

Andy stated that 0xMaki contacted him due to some “weirdness” occurring on SushiSwap, but was unsure of what it was at the time. After about an hour of communicating through a Discord call, andy and 0xMaki figured the exploit out.

According to andy, this attacker managed to wrap liquidity pool tokens, then deploy them into a new pool. From there, a strange logic within the system could be executed by the attacker, allowing them to pull those underlying tokens from the reward contract.

Plugging The Gaps In A Few Hours

It should be noted that it only took a few hours for these affected contracts to be patched. Alongside this, 0xMaki had employed Peckshield, an auditing firm, to review the changes and ensure the safety of further contracts.

What’s interesting about this matter is the Sushiswap team actively tried to communicate with this hacker. They sent a message to them while they were searching for a solution, telling them that they’re fixing the problem, but the man can apply for a bug bounty if he wanted to.

Recent hacks and exploits within the DeFi space has been known to include these types of messages more often. Value DeFi saw its flash loans be exploit, with the exploiter eventually taunting the team. Luckily, this hacker had some sort of heart, returning some funds to a user claiming to be a nurse.

Read next

InsideBitcoins uses cookies to improve and customize your user experience. Learn more

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.