Acala Protocol Exploited – Attackers Artificially Create $1.2 Billion

Acala Hack: What Happened?

The Acala protocol warned its users of a “configuration problem‘ Very early on Sunday, as several other players in the ecosystem began raising awareness of the issue. At noon, the log confirmed that the problem existed on the recent iBTC/aUSD liquidity poolWhich led to…Significant amount of erroneous coinage in aUSD“.

We identified the issue as a misconfiguration of the iBTC/aUSD liquidity pool (which went live earlier today) resulting in erroneous minting of a significant amount of aUSD
1/

— Acala (@AcalaNetwork) August 14, 2022

The criminals may have exploited the gap to create it artificially more than $1.2 billion, the stablecoin of the protocol. Please note that contrary to what we have read here and there, this is not a theft but a token creation. If you take this artificially created sum into account, it is of the biggest hack in DeFi history.

The person allegedly linked an Ethereum account to the Acala protocol and the address was fed through the Binance exchange. Acala has confirmed that the addresses associated with this hack have been frozen. More than 99% of the crowd attached to Acala’s parachain, and cannot be transferred. At the same time the protocol was stopped:

Meanwhile, features like swap, xcm, Honzon-related, etc. on Acala have been paused until further notice by urgent governance vote; The Oracle range has also been paused so users don’t have to worry about liquidations in the meantime.
7/

— Acala (@AcalaNetwork) August 14, 2022

According to Acala, the configuration issue that led to this hack has since been fixed. But the damage has already been done and the impact on the project is being felt.

👉 To go further – What is DeFi? All about decentralized finance

Stablecoin aUSD falls after Acala protocol hack

As several commenters have pointed out, while not stealing, the artificially created crowd is colossal even for the DeFi sector. The most visible result was the catastrophic deprecation of the stablecoin aUSD, which hit $0.05 yesterday. Since then it has risen but still hasn’t managed to regain parity with the dollar:

The price of a USD loses parity with the dollar after the Acala hack

For its part, the price of the ACA also suffered a significant drop, Loss of -17% in just over a day. We’ll of course have to wait and see how far this fall will go as new information becomes available.

👉 Follow cryptocurrency prices live

Diverse and comprehensive services

Buy and make your cryptos work

The governance of the project in question

Aside from these financial considerations, several members of the crypto community were concerned about the decentralization of the projectthat has gone into maintenance mode to stop the created money transfers:

I think it would have to go to governance to be “decentralized” finance (DeFi). If Acala centrally controls this decision, is this really DeFi?

— Gr33nHatt3R.dot ⭕ (@Gr33nHatt3R) August 14, 2022

“There would need to be a governance vote for this to be “decentralized” finance (DeFi). If Acala controls this decision centrally, Is it really DeFi?»

Acala confirmed that the protocol is awaiting community decision before releasing these funds:

Pending the decision of the collective governance of the Acala community to resolve the error minting, those incorrectly minted aUSD that remained on the Acala parachain along with those swapped native tokens of the Acala parachain were not transferred anymore.
4/

— Acala (@AcalaNetwork) August 14, 2022

“Pending the collective decision of community governance, […] The aUSD that was mistakenly minted will remain on the Acala parachain along with the native tokens […] that were exchanged are locked and cannot be transferred.»

published by Editions Larousse

An uncertain future for Acala?

In the meantime, the community debates. On the Acala Discord, some want the changes rolled back to the parachain. Others think so it would set a bad precedent for the projectt. This is a common debate in the crypto community, with the most prominent example being the hack that led to the creation of Ethereum (ETH).

Whatever the Acala community decides, we can already see that trust in the protocol has been damaged since yesterday. This is not the only DeFi-related hack that has taken place recently. Less than a week ago, Curve Finance also suffered an attack and saw $570,000 go up in smoke.

Recall that Acala was one of Polkadot’s most-followed projects: in March 2022, it had managed to raise $250 million to boost the launch of its stablecoin, aUSD. So it’s one of the future giants of Polkadot that just stumbled.

👉 To read on the same topic – Binance manages to recover $450,000 from Curve Finance hack

Join experts and a premium community

PROFESSIONAL

Invest in your crypto knowledge for the next bull run

Source: Acala Network via Twitter – Chart: Trade View, aUSD/USDT

As a journalist at Cryptoast, I got caught up in the cryptocurrency pot a few years ago. I’m passionate about the innovative technologies that come out of the blockchain and I love finding the crispest bits of information to share with you.

Marine Debelloir

2088 items