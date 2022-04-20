Although they continue to be viewed with suspicion, cryptocurrencies are here to stay. And just like real money, cryptocurrencies can also be stolen both in small amounts and in million-dollar heists. Just what has happened to BEanstalk Farms cryptocurrency.

stablecoins

Digital currency or digital money on the Internet is a means of exchange other than real money that has properties similar to physical currencies and allows instant transactions and transfer of ownership without borders. Digital currencies like bitcoin are known as “decentralized digital currencies,” meaning there is no central point that controls the money supply.

A ‘Stablecoin’ is a cryptocurrency linked to a reserve asset such as fiat currency, a commodity, or other cryptocurrencies.. It is a tokenized version of the asset and can be subtly introduced into a blockchain ecosystem to facilitate seamless pass transactions, improve arbitrage and exchange of value.

Beanstalk Farms

Beanstalk Farms describes itself as a “credit-based decentralized stablecoin protocol”. It works on a system where participants earn rewards by contributing funds to a central funding pool (called “the silo”) that is used to balance the value of a token (known as a “bean”) to around $1.

A flash loan allows users to borrow large amounts of cryptocurrency for very short periods of time. and must be refunded before finalizing the transaction. They are offered through decentralized finance (DeFi) protocols based on Ethereum, and their main purpose is to provide liquidity or take advantage of the arbitrariness of prices at a given time.

168 million euros in 13 seconds

The last Sundayan attacker managed to steal around 182 million dollars (168 million euros) in cryptocurrencies from Beanstalk Farms, a DeFi project whose goal is to balance the supply and demand of different cryptocurrency assets. In particular, the attack exploited Beanstalk’s majority vote governance system, a core feature of many DeFi protocols. And he did it in a time of just 13 seconds.

The attack was detected on Sunday morning by blockchain analytics firm PeckShield, which estimated that the net benefit to the hacker was about $80 million – about €74 million – of the total stolen funds, minus some of the borrowed funds that were necessary to carry out the attack. More than seventy million euros in thirteen seconds.

Through a Flash loan

According to analysis by blockchain security firm CertiK, the Beanstalk attacker used a flash loan obtained through the decentralized Aave protocol to borrow nearly $1 billion in cryptocurrency assets and exchange it for enough beans to gain a stake with 67% voting rights in the project. The funds loaned to the attacker were exchanged for ‘beans’, which are the rewards users receive for contributing assets to a large funding pool that is used to balance the value of a token, known as a ‘bean’.

It’s about a ‘exploit’ in the governance mechanism present in Beanstalk and many other DeFi projects. By it, participants can vote to change the code of the platform and receive voting rights in proportion to the value of the tokens they have.

With this supermajority participation, the attacker was able to approve the execution of the code that transferred the assets to his own wallet. The attacker then immediately repaid the flash loan, making a profit of $80 million. Beanstalk admitted to the attack in a tweet shortly after.saying they were “investigating the attack and will make an announcement to the community as soon as possible.”

Many Beanstalk Farms users claim on the platform’s Discord server hhave lost tens of thousands of dollars after the attack. Since then, the attacker has been moving the stolen funds through Tornado Cash, a privacy-focused transaction service that mixes deposits with each other to be withdrawn to a new address.