Even as billions of dollars were poured into the DeFi space over the past year, the industry continues to be plagued with regular exploits and hacks. Most recently, one of DeFi’s biggest lending and borrowing protocols, Compound Finance, fell victim to a bug that could potentially cost the company millions of dollars.
The interest rate protocol recently introduced an update that led “some users to receive far too much COMP” tokens in unearned rewards. Compound Labs, the team behind the Compound protocol, tweeted about the incident earlier, stating,
“Unusual activity has been reported regarding the distribution of COMP following the execution of Proposal 062. No supplied/borrowed funds are at risk — Compound Labs and members of the community are investigating discrepancies in the COMP distribution.”
Later, the protocol’s founder, Robert Leshner, tweeted out an explanation stating that the newly introduced Proposal 62 which updated the Comptroller contract, tasked with distributing COMP to users of the protocol, contained a bug that caused this issue.
The update’s purpose was to split the COMP distribution to borrowers and liquidity suppliers based on governance-set ratios rather than the 50/50 model that was used previously, along with fixing minor bugs. However, as the upgraded contract contained a bug, some users were able to claim around 168,000 COMP tokens already, which were worth almost $50 million at press time.
Leshner further revealed that “the impact is bounded, at worst, 280,000 COMP tokens,” which was worth about $80 million at the time of writing. While there are still thousands of tokens left in the Comptroller, the protocol’s decentralized nature prevents the distribution contract from being changed without governance interaction. He said,
“There are no admin controls or community tools to disable the COMP distribution; any changes to the protocol require a 7-day governance process to make their way into production. Labs, and members of the community, are evaluating potential steps to patch the COMP distribution.”
DeFi Llama developer “0xngmi,” who delved deeper into the issue, reported on Twitter that most of the faulty rewards were on the borrower side, with one user taking their 10 million in COMP and dumping them on OKEX and Huobi for stablecoins.
He also stated that the bug only allowed people who had borrowed from the protocol earlier to claim these rewards, while those greedy enough to try borrowing now to earn these rewards wouldn’t be successful.
At the time of writing, COMP had lost over 11% of its valuation over the past day and was priced at $300, presumably due to fear spread by the bug.
DeFi protocols are vulnerable to bugs because of hackers having the ability to leverage through even minor bugs in the codebase. Last month, one of the biggest DeFi hacks took place when a white hat hacker stole over $600 million from Poly Network. While this protocol was lucky enough to be returned their funds, pNetwork lost $12.7 million last week in an exploit that cost them 277 Bitcoins.
Where to Invest?
Subscribe to our newsletter
Anjali is a full-time journalist at AMBCrypto. With a strong background in humanities, her personal inclination lies towards the political and socio-economic aspects of the crypto-sphere
Note: This article have been indexed to our site. We do not claim ownership or copyright of any of the content above. To see the article at original source Click Here
All-new Amazon Echo Show 15 | A stunning HD 15.6" smart kitchen TV for home organization with Alexa
$299.99 (as of January 23, 2025 19:24 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Red Heart Super Saver Black Yarn - 3 Pack of 198g/7oz - Acrylic - 4 Medium (Worsted) - 364 Yards - Knitting/Crochet
$10.32 (as of January 23, 2025 19:56 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
New Amazon Kindle (16 GB) - Lightest and most compact Kindle, with glare-free display, faster page turns, adjustable front light, and long battery life - Matcha
$109.99 (as of January 23, 2025 19:19 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Hanes EcoSmart Fleece, Cotton-Blend Pullover, Crewneck Sweatshirt for Men (1 Or 2 Pack)
$11.98 (as of January 23, 2025 19:56 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
