Gamma Strategies DeFi Protocol Reveals Vulnerability Post Initial Probe 

Facebook
X
Email

A vulnerability caused by an exploit cost Gamma Strategies, a Decentralized Finance protocol developed on the Ethereum blockchain, almost $3.4 million. Following the incident, the protocol moved quickly to stop additional losses by temporarily blocking deposits to all public DeFi vaults while allowing withdrawals for users who needed to retrieve their money. 

On January 4, blockchain investigator PeckShield first discovered the attack, which Gamma Strategies later verified. The platform announced that it had found the incident’s primary cause.

Protocol Vulnerabilities: Unveiling the Gamma Strategies Incident

There are four main defenses against flash loans in Gamma’s vaults. These include imposing deposit caps per deposit, forbidding single-sided deposits, imposing a price change threshold that will prevent deposits when the price change surpasses a predetermined amount, and requiring a token0 and token1 ratio that corresponds to the pool’s ratio.

According to the protocol, the primary cause of the problem was the excessively high price change threshold settings, which permitted price changes of up to 50–200% on some LST and stablecoin vaults. Because of this, the attacker was able to influence the price to the threshold and produce an atypically large quantity of LP tokens.

Gamma’s Post-Mortem Analysis and the Path Forward

In addition to “maximizing recovery for all affected users,” Gamma Strategies has stated that it will set all price change thresholds to a safe threshold level and enlist the help of a third party to review the code in order to ensure that this attack is effectively mitigated before reopening deposits. 

Gamma Strategies has also stated that a thorough post-mortem analysis will be released shortly. Nevertheless, Gamma Strategies has not yet indicated whether it plans to compensate its victims. The company mentioned that despite the closure of deposits, the rebalances and management of the positions remain active, unaffected by the exploit.

Cryptocurrency Sector’s Woes: Double Security Breach in 2024

Two security breaches occurred in the cryptocurrency sector in the first four days of 2024.

An earlier last week hacking incident on Orbit Chain, a project that facilitates cross-chain bridging, resulted in the loss of around $80 million in assets. Seven of the ten multisig signers were compromised by the attacker, resulting in a $81.5 million loss overall.

With $30 million in USDT, $10 million in USDC, and $10 million in DAI, stablecoins made up the bulk of the stolen money. Moreover, over 9,500 ETH ($21.5 million) and 231 WBTC ($10 million) were also compromised.

Takeaways

Following the recent exploit that cost Gamma Strategie a significant loss, the event highlights the growing difficulties in protecting DeFi platforms and is linked to flaws in the protocol’s security mechanisms against flash loans. As the cryptocurrency sector faces a string of security lapses in 2024, these instances underscore how vital it is for everyone involved in the field to maintain vigilant surveillance and implement strong security protocols.

Scroll to Top