Soon the end of “flash-hacks” in DeFi? Warp Finance speculates on the nature of the loophole that hackers love to get into. Chainlink (LINK) is said to be partly the key to the problem.
Better oracles to predict or prevent a hack
For the team of Warp Finance, their platform’s $ 8 million hack could have been avoided with better oracles.
The platform Challenge specializing in loan and borrowing protocols had been the victim of a hack carried out through a flash loan, shortly after its launch.
January 8, 2021, Warp Finance announced the release of a new version that will include oracles from Chainlink. Embedding these oracles could serve as protection against similar hacks.
This type of hack uses a feature that allows you to open the credit tap at will, as long as the loans are repaid in the same block Ethereum (ETH). According to security experts, the hacks are linked to abuse of the price oracle.
Manipulators and not hackers
The oracle problem appears to have been compounded by the use of liquidity tokens as collateral.
This is one of the peculiarities of Warp Finance which allows to block liquidity-generating tokens and, to combine both the yield of trading commissions and that of borrowers using the protocol.
The security expert Emiliano Bonassi indicated that the hack was possible because the oracles did not correctly calculate the underlying value of the tokens in the liquidity pool.
The new protocol is based on the price flows of Chainlink for all critical functions, including the value of the tokens used as collateral.
The founder of Chainlink, Sergey nazarov, has often insisted that oracles should cover as wide a field as possible.
He believes that many flash loan hacks are closer to market manipulation than software bugs.
Does DeFi therefore suffer from “calculation errors”? Some oracles should revise the math, to avoid 7-digit losses in DeFi. Chainlink could therefore plug the loopholes in the flash loans at the origin of the hacks. Will Warp Finance’s diagnosis and the advanced solution be taken over by the other DeFi protocols? Hackers will likely test the validity of this hypothesis, which they might view as a challenge to them.
Litecoin, welcome in the Silver Age