Another DeFi platform took a major hit today, as the decentralized, credit-based stablecoin Beanstalk (with it’s stablecoin $BEAN) has broken it’s peg following a roughly $80M hack.
There has been speculative activity all around and many sleuths have followed the movements of money and studied the exploit that likely has Beanstalk Farms out of business.
Let’s look at what we know from the early hours since the hack.
Beanstalk Farms’ Hack: What Went Down
The transaction on Etherscan shows that the hacker used what’s commonly known as a ‘flash loan attack,’ one that has been seen on DeFi protocols previously. The flash loan is a crypto-based way to borrow and pay off a loan at once. It reduces risks for both lenders and borrowers and streamlines processes.
In the Beanstalk Farms hack, the hacker borrowed nearly a third of the BEAN supply, roughly 32 million tokens and utilized Curve Finance’s $3Crv tokens to generate a unique tokens ‘BEAN3CRV-f’ and ‘BEAN3LUSD-f.’
The attacker utilized these two new tokens to deceive Beanstalk’s governance model and gave the hacker a massive majority holding of ‘seeds,’ the platform’s governance token. With such a larger holding of seeds, the hacker had the contractual capability to execute an ’emergency governance action,’ siphoning massive amounts of funds from the Beanstalk contract.
Even a $250K Ukrainian donation was included in the hack. The hacker also created governance proposals 24 hours before the actual execution of flash loan attacks.TradingView.com – Source: LSS – USDT
Lossless (LSS) has reached out to Beanstalk; the project is an increasingly-utilized tool to combat against potential hacks. | Source: LSS-USDT on TradingView.com
Related reading: Bitcoin holds onto $40K on Easter Sunday as Crypto Heads Lower in the Short-Term| Bitcoin Clings To $40K On Easter Sunday As Crypto Seen To Head Lower In The Short Term
What Can The Protocol Do?
Beanstalk had just celebrated $150M in TVL, $130M in liquidity and an impending market cap of $100M. The protocol has had to pump the brakes, and it’s future is now unclear – with a stark Discord screenshot from admins:
The protocol’s recovery from the event will not be easy to predict. Other Discord screenshots demonstrate that the project isn’t closing down right away, but it isn’t making any commitments towards an eventual rebuild.
Lossless, crypto hacker mitigators have reached out to Beanstalk and will need strong partners in order to recover. Commentors on Beanstalk’s Twitter account have speculated that it was an ‘inside job’ conducted by Beanstalk to leave retail as exit liquidity. However, until more details come to light, it’s all speculation.
We’re engaging all efforts to try to move forward. Decentralized projects like ours are asking experts in chain analytics and the DeFi community to help limit the exploiter’s ability to withdraw money via CEXes. If an exploiter wants to have a conversation, that is fine too. https://t.co/fwceVz6hbi
— Beanstalk Farms (@BeanstalkFarms) April 17, 2022
Similar Reading: ADA to Rebound with Integration of USDT and USDC on Cardano| ADA To Rebound With Integration Of USDT And USDC On Cardano
Featured Image from Pixabay. Charts from TradingView.com This content was not written by or associated with the mentioned parties. This content is not intended to be financial advice.