The Warp Finance exploit in question involved taking Dai and trading it in such a volume that it destabilized the price.
There was a product called Warp Finance, which was, unfortunately, resulting in their users losing a significant amount of money. The attacker got away with $7.7 million in value. As the founder of ChartEx, I had a front-row seat to the aftermath. The exploiter destabilized the price of one of Warp Finance’s underlying assets that was used to calculate liquidations but the knock-on effect was a temporary destabilization of all USD calculated prices across our platform because the basis for understanding the dollar price of individual markets was tied to a weighted calculation of the spot price of Ethereum against a number of synthetic dollar assets.
The idea behind Warp Finance is liquidity provisioning (LP) tokens, which can be input as collateral for stablecoin loans. So, in short, users of Warp Finance were providing their assets to be borrowed. The exploit in question involved taking Dai, a stable coin developed by Maker that is a synthetic representation of $1, and trading it in such a volume that it destabilized the price. Effectively, this resulted in the net value of Ethereum heading towards zero.
And that is in and of itself due to the implementation of their pricing calculations with relation to liquidations, which triggered mass liquidations. The person that exploited that particular attack vector was the same person that took the benefits of the liquidation because where I spoke about Miner Extractable Value in terms of arbitrage, there is also a very healthy market for keepers, who perform jobs on a chain. And one of the keeper’s roles is to liquidate positions when they have become over-leveraged.
At the time, Emiliano Bonassi, the founder of DeFi Italy and a white hacker, noted that hackers tend to launch complicated attacks with multiple loans and swaps on several protocols.
“This is the second attack, which uses multiple flash liquidity, flash swaps via Uniswap, and flash loans via dYdX. We will see very complicated things via AaveAave V2 batch flash loans,” stated he.
Ultimately, Warp Finance claimed to have recouped 75% of the hacked funds. On ChartEx, we actually saw all of this play out in real-time. We saw the value of Ethereum appear to crash to nearly zero. It actually had knock-on effects because a lot of products, not just Warp Finance, calculate their asset prices by using the base price of Ethereum to work out what their individual asset was. And so we had a short-term flash crash that didn’t really exist because all of the calculated USD prices were influenced by the fact that the peg price of DAI had destabilized away from $1.
At ChartEx, our charts were affected by this because we have assets that were effectively showing that they’d gone to zero because the underlying asset that it was charted against had technically gone to zero for that split second. And so that caused a little bit of panic across the markets. People thought their own positions were at risk, too.
The short-term effect was that millions of dollars were lost in liquidations. The longer-term effects are that these DeFi products are going to be thinking a lot harder about the underlying mechanics of their particular product, and how it interacts.
With a background in IT spanning Software Engineering, Business Analysis and Intelligence and Infrastructure Architecture, CryptoShark first found the Cryptocurrency space through mining Ethereum from a spare gaming computer and later developed the popular decentralized charting platform, ChartEx. Working in the FinTech industry, it wasn’t long before he started applying his analytical skills, coupled with a software engineering background to build tools to analyse trading data from emerging exchanges. This led CryptoShark to build ChartEx, a leading provider of full candlestick charting and other widely used trading tools for markets in the largest exchanges in the industry.
