DeFi platform Yearn.Finance said Thursday that one of its pools of funds had been exploited, resulting in the loss of $2.8 million.
“We have noticed the v1 yDAI vault has suffered an exploit. The exploit has been mitigated,” the project’s official Twitter account said. Yearn.Finance is a so-called yield aggregator, through which users can deposit funds in pools — or vaults — which are then deployed to other DeFi protocols in an effort to generate yields for those depositors.
One of Yearn’s core developers later shared details about the exploit on Twitter:
Yearn DAI v1 vault got exploited, the attacker got away with $2.8m, the vault lost $11m. Deposits into strategies disabled for v1 DAI, TUSD, USDC, USDT vaults while we investigate. pic.twitter.com/1RWYyu0d5m
— banteg (@bantg) February 4, 2021
Stani Kulechov, the founder of DeFi platform Aave, later tweeted out the transaction at the heart of the exploit, involving numerous DeFi protocols and more than $5,000 worth of ETH-denominated gas fees.
“Complex exploit with over 160 nested transactions and 8,6 mm gas used (around 75% of the block) resulted to 2.7 mm USD loss,” Kulechov wrote.
This story is developing and will be updated as more information becomes available.
© 2021 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.