{"id":2411,"date":"2023-11-02T06:53:30","date_gmt":"2023-11-02T06:53:30","guid":{"rendered":"https:\/\/cryptobulls.biz\/blog\/?p=2411"},"modified":"2023-11-02T11:45:29","modified_gmt":"2023-11-02T11:45:29","slug":"onyx-protocol-a-2-1-million-exploit-reveals-the-risks-of-decentralized-lending","status":"publish","type":"post","link":"https:\/\/cryptobulls.biz\/blog\/onyx-protocol-a-2-1-million-exploit-reveals-the-risks-of-decentralized-lending\/","title":{"rendered":"Onyx Protocol: A $2.1 Million Exploit Reveals the Risks of Decentralized Lending"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_56_1 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\"><\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/cryptobulls.biz\/blog\/onyx-protocol-a-2-1-million-exploit-reveals-the-risks-of-decentralized-lending\/#Overview\" title=\"Overview\">Overview<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/cryptobulls.biz\/blog\/onyx-protocol-a-2-1-million-exploit-reveals-the-risks-of-decentralized-lending\/#The_Onyx_Protocol_Exploit\" title=\"The Onyx Protocol Exploit\">The Onyx Protocol Exploit<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/cryptobulls.biz\/blog\/onyx-protocol-a-2-1-million-exploit-reveals-the-risks-of-decentralized-lending\/#Reactions\" title=\"Reactions\">Reactions<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/cryptobulls.biz\/blog\/onyx-protocol-a-2-1-million-exploit-reveals-the-risks-of-decentralized-lending\/#The_Bigger_Picture_Security_in_Decentralized_Finance\" title=\"The Bigger Picture: Security in Decentralized Finance\">The Bigger Picture: Security in Decentralized Finance<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/cryptobulls.biz\/blog\/onyx-protocol-a-2-1-million-exploit-reveals-the-risks-of-decentralized-lending\/#Conclusion\" title=\"Conclusion\">Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n\n<p class=\"wp-block-paragraph\">In a startling revelation, the decentralized lending protocol, Onyx Protocol, fell victim to a security exploit resulting in a loss of approximately<strong> $2.1 million<\/strong>. The exploit carried out using a known bug in the CompoundV2 fork, has sent ripples through the DeFi landscape.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Overview\"><\/span>Overview<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">Decentralized finance (DeFi) has been a hot topic in the world of cryptocurrency, promising to democratize finance by removing intermediaries and allowing peer-to-peer transactions. However, the recent exploit of Onyx Protocol, a decentralized peer-to-peer lending protocol, has raised serious concerns about the security of these platforms. The exploit resulted in a loss of approximately $2.1 million, making it one of the most significant security breaches in DeFi to date. This incident serves as a stark reminder of the risks involved in DeFi and underscores the need for robust security measures. In this article, we delve into the details of this exploit and its implications for the future of decentralized finance.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Onyx_Protocol_Exploit\"><\/span>The Onyx Protocol Exploit<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">The blockchain analytics firm, <a href=\"https:\/\/x.com\/peckshield\/status\/1719664641109037551?s=20\" target=\"_blank\">PeckShield<\/a>, was the first to disclose the exploit of Onyx Protocol. Their tweet revealed that Onyx Protocol had lost close to $2.1 million in Ethereum (ETH) to the exploiters. It was discovered that the exploiter\u2019s wallet contained<strong> 1,164 ETH<\/strong>, which is roughly equivalent to $2.1 million. As of now, the specifics of the exploit are still being uncovered and Onyx Protocol has not yet issued a statement on the matter. This event emphasizes the necessity for strong security measures in DeFi platforms and serves as a stark warning of the potential risks involved.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/cryptobulls.biz\/blog\/wp-content\/themes\/groovy\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/lh7-us.googleusercontent.com\/UKaPvZIoCKsj8nT5z2zyqXVw6kamCatYy4592mprq_TNCz64ecpPWk0wRsSNCfHWi3XKFlgubFu1hO9GOI97t8S5dYkTKu8Krm_RhPiAiMm_6uAgxZLg06ln6pYPg4i2pEeKDC1vDWlwBjY6D1xFUqI\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/x.com\/peckshield\/status\/1719664641109037551?s=20\" target=\"_blank\"><em>Official tweet by PeckShield Account<\/em><\/a><\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Reactions\"><\/span>Reactions<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">The crypto community has responded to this incident with concern. PeckShield, a blockchain analytics firm, was the first to disclose the exploit, and their tweet about the incident has brought attention to the inherent security risks in DeFi platforms.&nbsp;&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>PeckShield via X(Twitter)<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><img decoding=\"async\" src=\"https:\/\/cryptobulls.biz\/blog\/wp-content\/themes\/groovy\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/lh7-us.googleusercontent.com\/iNAWwUKTCNp--Al1WbUX02-l4F3lhYqMcqGsq8MuRYNCeZQaWyjktI3Uy5LzFLIDxjO2HwRDQxWFjLsituf_w7B0FBwzeWv15kMUdOYuxlknLEo2Ks2tUV3QLq9orofowcK9RBrksb5o9cih59PbVek\" style=\"width: 800px;\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Alex Onyx, the community leader of Onyx Protocol, shared on Twitter that Onyx Protocol had experienced an exploit, resulting in a loss of approximately 1,163.53 ETH, which is roughly $2.1 million.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Alex Onyx via <\/em><a href=\"https:\/\/x.com\/al_onyxprotocol\/status\/1719698066020733063?s=20\" target=\"_blank\"><em>X(Twitter)<\/em><\/a><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cryptobulls.biz\/blog\/wp-content\/themes\/groovy\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/lh7-us.googleusercontent.com\/jhH5V-l0Tid8UkVIScNIw0rYRS5cd9rHoSiBQTC8X7BXpXqt41yYbarw26m_uKIn2tFnzQRTCmR5X12AMs1zDRATP9Fy8UJyZlu3zi56sOBnaYaIYQb0gqZA27kwEGlzyxDjNTEc2yOEgoNeQW7N7hw\" width=\"635\" height=\"195\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">He assured the community that they were aware of the situation and had closed the vulnerability. They are currently working on addressing the consequences with their partners. He also provided an update stating that the exploit did not affect the XCN token and its contract, the XCN staking pool, and the Uniswap trading pools, confirming that they are safe.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/cryptobulls.biz\/blog\/wp-content\/themes\/groovy\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/lh7-us.googleusercontent.com\/FD9WJcki_ZJsqDdIrcMP7PzYbz2bwhl8Sh6Hxvh84ArGDEjF4U7B9kGAP6Db6e7ZQfJ6Y6Er47syYP7A0Ka3nG4PBoBjS4jelwHZbiATd5dPqprSdvdOmxnGySHbimZAFgRweTdCvYas3IqmY_Cq7Og\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Alex Onyx via <\/em><a href=\"https:\/\/x.com\/al_onyxprotocol\/status\/1719861357514772732?s=20\" target=\"_blank\"><em>X(Twitter)<\/em><\/a><\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Bigger_Picture_Security_in_Decentralized_Finance\"><\/span>The Bigger Picture: Security in Decentralized Finance<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">The recent exploit of the Onyx Protocol has brought to light the broader implications for security in decentralized finance (DeFi). This is not an isolated incident. The same rounding issue bug that was exploited in the Onyx Protocol was also present in Hundred Finance, another multi-chain lending protocol. This bug led to a significant security breach in Hundred Finance, resulting in a loss of about $7 million due to a hack on the Ethereum layer-2 blockchain, Optimism. The exploit was carried out by taking advantage of an integer rounding vulnerability in the hToken contract logic for redeeming underlying tokens.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This vulnerability becomes evident when a market lacks liquidity. The attacker was able to drain 1,030 ETH, 1,265,979 USDC, 1,113,431 USDT, 865,143 SUSD, 842,788 DAI, 457,286 FRAX and 20,854 SNX from the protocol. This included assets from the current deployment as well as around $50,000 worth of ETH, USDC and SNX remaining from the previous Optimism Deployment of the app. These incidents serve as stark reminders of the inherent risks involved in DeFi and underscore the need for ongoing vigilance and proactive security measures.&nbsp;<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span>Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">In conclusion, the recent exploit of the Onyx Protocol, resulting in a loss of approximately $2.1 million, has brought to light the broader implications for security in decentralized finance (DeFi). The exploit was carried out using a known bug in the CompoundV2 fork, a popular platform in the DeFi space. This bug is a rounding issue that has been exploited before, notably in an incident involving Hundred Finance where a hacker extorted $7 million.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">From an analyst&#8217;s perspective, these incidents highlight the need for DeFi platforms to invest more in security audits and measures. These platforms must learn from such exploits and implement necessary precautions to prevent similar incidents in the future. The future of DeFi depends on its ability to provide secure and reliable services to its users.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In a startling revelation, the decentralized lending protocol, Onyx Protocol, fell victim to a security exploit resulting in a loss of approximately $2.1 million. The&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2413,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":""},"categories":[3,2],"tags":[316],"class_list":["post-2411","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-defi","tag-onyx-protocol-defi"],"_links":{"self":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts\/2411","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/comments?post=2411"}],"version-history":[{"count":6,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts\/2411\/revisions"}],"predecessor-version":[{"id":2442,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts\/2411\/revisions\/2442"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/media\/2413"}],"wp:attachment":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/media?parent=2411"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/categories?post=2411"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/tags?post=2411"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}