Beanstalk cryptocurrency project robbed after hacker votes to send themself $182 million \ stacker news ~bitcoin

Beanstalk cryptocurrency project robbed after hacker votes to send themself $182 million www.theverge.com/2022/4/18/23030754/beanstalk-cryptocurrency-hack-182-million-dao-voting

51 sats \ 9 comments \ @mf 19 Apr 2022 bitcoin

view all related items

10 sats \ 3 replies \ @k00b 19 Apr 2022

I'm not sure it's fair to call this a hack in the illegal sense. He played by the rules of the system and won.

According to analysis from blockchain security firm CertiK, the Beanstalk attacker used a flash loan obtained through the decentralized protocol Aave to borrow close to $1 billion in cryptocurrency assets and exchanged these for enough beans to gain a 67 percent voting stake in the project. With this supermajority stake, they were able to approve the execution of code that transferred the assets to their own wallet. The attacker then instantly repaid the flash loan, netting an $80 million profit.

Based on the duration of an Aave flash loan, the entire process took place in less than 13 seconds.

0 sats \ 0 replies \ @0xtr 19 Apr 2022

damnnn

0 sats \ 1 reply \ @zuspotirko 19 Apr 2022

Flashloans are scary.

I honestly would never accept a job in the ethereum ecosystem - no matter how high the salary. There is no way to properly test something because no test environment is ever as safe as the live chain. I couldn't sleep at night - idk how these people can.

3 sats \ 0 replies \ @k00b 19 Apr 2022

One of the surprising things about human nature is the ability to rationalize all behavior - even the most immoral. Everyone fundamentally thinks they're a good person regardless of what they've done, which means they've convinced themselves there are good reasons for what they've done.

I imagine when working in the ethereum ecosystem one says to oneself:

Everyone else is doing it
My users understand all the risks but took them anyway. It's not my fault they assessed the risk wrong.
I'm making money because I'm providing value. It's signal that what I'm doing is the right thing.

This interview with a famous cybercriminal Brett Johnson on Lex Fridman's show is illuminating: https://www.youtube.com/watch?v=cC1LFC0KFSw. He didn't care about his victims because he convinced himself he was doing it for his family - which in his mind washed away the harm it caused and still made him good.

3 sats \ 0 replies \ @TheBTCManual 19 Apr 2022

Lol lets make algo backed stablecoins what could go wrong? If a flash loan can take down your entire ecosystem what is the point?

ETH protocols working as intended I suppose, pure rug pull tech

1 sat \ 0 replies \ @zuspotirko 19 Apr 2022

This is crazy. The same day that the wallstreetjournal has a story about smart contract "algorithm based" stablecoins this happens. Literally the same day.

1 sat \ 0 replies \ @Ge 19 Apr 2022

I'm sure I'm not the only one who giggled at that one haha :)

0 sats \ 0 replies \ @starbuilder 19 Apr 2022

The entire hack happened in 1 transaction...! apples to apples comparison on how this looks in real world - Borrow money from Goldman Sachs to become majority shareholder in Bank of America, take board ownership and pass a mandate to approve your personal account to withdraw entire bank liquidity, repay borrowed loan and walk away with $182 Million...! Kinda crazy if you think that way..!

0 sats \ 0 replies \ @0xtr 19 Apr 2022

lmao, what a great title