While DeFi has been gaining an increasing level of market growth in terms of both popularity and liquidity, the openness of DeFi has also led to frequent occurrences of security incidents such as hacks and exploits that always resulted in the loss of participants’ funds. In this report, we will explore different major DeFi attack vectors that you should be aware of and understand how such attacks can wipe out millions from the protocols.
Decentralized Finance (DeFi) has taken the world by storm thanks to its boundless opportunities and applications. According to DeFi Pulse, the industry has exceeded $57 Billion in total value locked (TVL) as in June 2021.
DeFi protocols have become appealing targets for hackers as the open and immutable nature of smart contracts has made hacking hard to prevent. More than $500 million worth of assets have been stolen in the last 8 months due to hacks and exploits. The growing number of attacks may slow down the mainstream adoption of decentralized finance solutions.
This report has covered several common DeFi attack vectors and mitigations, including price oracle manipulation, reentrancy attack and the rug pull.
Price Oracle manipulation using flash loans is the most common type of exploits in recent years. Malicious parties can use large amounts of unsecured loans to manipulate the assets’ apparent prices on decentralized exchanges (DEX). If a protocol relies on one single DEX as the only price oracle, it will become vulnerable to the manipulation of price data.
Read the full version of the Attacks and Exploits in DeFi here.