Compounding problems: $65M more COMP at risk as devs wait for time-locked bug fix
Compounding bug: $65M more than COMP at risk as devs wait for time-locked bug ready
While Compound'due south developers submitted a fix for the protocol's bug on Thursday, the update won't take effect until a seven-mean solar day time-lock on code updates has passed.
6180 Total views
24 Total shares
Major decentralized finance (DeFi) coin market Compound'south woes are worsening, with nearly $150 million worth of COMP now at risk due to a buggy upgrade to the protocol that went live concluding week.
On Thursday, Cointelegraph reported that a bug had resulted in between $70 1000000 and $85 million worth of COMP tokens being mistakenly offered to users as rewards afterwards an update intended to ready bugs and "split COMP rewards distribution" went awry.
Despite the advantage distribution error existence identified apace, Compound'south week-long delay in enacting new governance measures meant that the fault will not be fixed until Thursda.
On Sunday, Compound founder Robert Leshner tweeted that 202,472.5 COMP (worth approximately $65 million) had been placed at run a risk after the protocol's drip office was called for the first time in roughly two months.
The drip role makes tokens held in Compound's Reservoir available to users, with 0.v COMP beingness accumulated by the Reservoir per block. Leshner noted that "the majority of COMP reserved for users" is held in the Reservoir.
This brings the total COMP at risk to approximately 490k, of which 136k is nevertheless in the Comptroller, and 117k has been returned to the customs so far (Give thanks Yous ).
— Robert Leshner (@rleshner) October three, 2022
SushiSwap programmer Mudit Gupta took to social media to criticize the use of fourth dimension-locks on governance, asserting that roughly 100 people were aware of the threat posed by the drip office since the problems was discovered on Th, merely they were unable to human activity due to the time-delay on updating the protocol.
Gupta also warned of the risks associated with upgradable smart contracts, asserting they are inappropriate for "large [DeFi] primitives."
— Mudit Gupta (@Mudit__Gupta) October iii, 2022This is why timelocks on everything are not always the best option. Almost a hundred people knew about this possibility since day 1 merely their hands were tied due to the timelock.
All of this 68.8m can be tuckered, not just a quarter if at that place are malicious actors involved. https://t.co/xB5T1sjUQ8
"I've come to see upgradability equally more than of a bug than a feature," he added.
While Leshner's tweet revealed that roughly 117,000 COMP worth $37.6 million had been returned to the protocol following the initial incident, Yearn.finance developer Banteg estimated that one-3rd of the funds that were placed at take a chance by the drip office had already been claimed by users at roughly three:xxx pm UTC on Sunday.
Banteg tallied the total value of COMP tokens placed at risk by the protocol's bug to at present be $147 million.
Related: Hackers exploit MFA flaw to steal from 6,000 Coinbase customers — Report
Despite the bug'south initial identification causing the price of COMP to quickly crash 3% from $330 to $286 on Thursday, the token speedily recovered and traded above $340 on Saturday, according to CoinGecko.
COMP has shed vii% of its value since tagging a local high of $347.5 on Sunday, terminal irresolute hands for $322 at the time of writing.
Source: https://cointelegraph.com/news/compounding-problems-65m-more-comp-at-risk-as-devs-wait-for-time-locked-bug-fix
Posted by: wolframfooke1978.blogspot.com
0 Response to "Compounding problems: $65M more COMP at risk as devs wait for time-locked bug fix"
Post a Comment