
/biz/ - Business & Finance


>> No.17269573
File: 2.22 MB, 2186x1486, badORACLE.png

https://etherscan.io/tx/0xb5c8bd9430b6cc87a0e2fe110ece6bf527fa4f170a4bc8cd032f768fc5219838

I'm not sure how everybody seemed to latch on to the same narrative about how the exploit worked (does nobody do original research?), but here is exactly what happened:

Attacker opened a massive WBTC *long*, using the 5x Short ETH token (https://etherscan.io/token/0xb0200b0677dd825bb32b93d055ebb9dc3521db9d); the attacker used 51.34 WBTC as collateral to borrow 4,698.01 WETH from the iETH contract.

Fulcrum then market-bought as much WBTC as it could using that WETH. Ruh-roh, no order-book exists. Just like last week, after which they bragged about high volume, and took no action.
>https://www.reddit.com/r/ethfinance/comments/f1hhov/bzx_fulcrum_user_lost_250k_instantly_warning/

Attacker's Fulcrum account has now defaulted. He loses *more* than his 51.34 WBTC of equity; he loses all of iETH's WETH. LOL. Fulcrum iETH is now INSOLVENT.

Attacker now sells his borrowed WBTC into the insane-market-price for ETH, repaying dYdX, and having a positive gain - at Fulcrum's expense. Wonder where his profit came from? iETH bag-holders. If you hold iETH, you ARE NOT SAFE - this token is INSOLVENT; borrowed WETH exceeds iETH supply.

Fulcrum is now going to obscure this fact, and say "it's ok" that *their largest borrower ever has defaulted*. They are patching the contracts. If you are patching, it means there's a bug in the contracts. This wasn't an Oracle attack (they use Kyber, which IS Uniswap for WBTC, another misdirection on the team's part) - it was them being fleeced.
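Added example, not part of the post above and not bZx/Fulcrum code: a simplified model of the mechanism the post describes, with a post-trade solvency check a lending protocol could apply before accepting a leveraged position. The collateral and loan figures are the ones quoted in the post; the pool reserves, fee, margin threshold and all function names are assumptions constructed for illustration.

```python
from decimal import Decimal as D

# Figures quoted in the post above.
COLLATERAL_WBTC = D("51.34")
BORROWED_WETH = D("4698.01")

# Constructed pool state (assumption): a thin constant-product WETH/WBTC pool.
POOL_WETH = D("2800")
POOL_WBTC = D("77")
FEE = D("0.003")  # assumption: 0.3% swap fee


def swap_out(amount_in, reserve_in, reserve_out, fee=FEE):
    """Output of a constant-product (x*y=k) swap, fee taken from the input."""
    net_in = amount_in * (1 - fee)
    return reserve_out * net_in / (reserve_in + net_in)


def position_health(collateral_wbtc, borrowed_weth, pool_weth, pool_wbtc):
    """Value a leveraged WBTC long at the pre-trade pool price.

    Returns (wbtc_bought, slippage, equity_weth); equity_weth is what remains
    after the debt is subtracted from collateral plus purchased WBTC.
    """
    ref_price = pool_weth / pool_wbtc            # WETH per WBTC before the trade
    bought = swap_out(borrowed_weth, pool_weth, pool_wbtc)
    exec_price = borrowed_weth / bought          # WETH paid per WBTC received
    slippage = exec_price / ref_price - 1
    equity = (collateral_wbtc + bought) * ref_price - borrowed_weth
    return bought, slippage, equity


def accept_trade(collateral_wbtc, borrowed_weth, pool_weth, pool_wbtc,
                 maintenance_margin=D("0.15")):
    """Hypothetical guard: reject a position whose post-trade equity is below margin."""
    _, _, equity = position_health(collateral_wbtc, borrowed_weth,
                                   pool_weth, pool_wbtc)
    return equity >= maintenance_margin * borrowed_weth


if __name__ == "__main__":
    bought, slip, equity = position_health(COLLATERAL_WBTC, BORROWED_WETH,
                                           POOL_WETH, POOL_WBTC)
    print(f"bought {bought:.2f} WBTC, slippage {slip:.0%}, equity {equity:.2f} WETH")
    print("accepted:", accept_trade(COLLATERAL_WBTC, BORROWED_WETH,
                                    POOL_WETH, POOL_WBTC))
```

With the constructed thin pool, the purchased WBTC plus collateral is worth less than the loan at the pre-trade price, so the guard rejects the position; with reserves 100 times deeper the same trade passes.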

>> No.17257895
File: 2.22 MB, 2186x1486, badORACLE.png

BREAKING:

bZx got hacked because of their bad oracle system (they use Uniswap). System frozen by admins, ETH lost, users on the hook.

1. attacker shorted WBTC on bzx with 10,000 ETH
2. attacker sold 112 wbtc on uniswap to push down the price
3. profit from short ?
4. attacker paid back 10,000 ETH to dydx from flashloan used in attack

the TX
https://etherscan.io/tx/0xb5c8bd9430b6cc87a0e2fe110ece6bf527fa4f170a4bc8cd032f768fc5219838

Withdraw funds from bZx asap. Buy LINK. Don't ever use bZx again, ever. Even after they integrate LINK.
