Oracle

DeFi protocol Venus seeks to patch $270K hole from oracle incident

The DeFi lending and borrowing protocol has confirmed it was affected by a malfunctioning Binance price oracle but confirmed user funds were safe.

Decentralized finance (DeFi) protocol Venus confirmed it was impacted by an issue with one of its price feed oracles, resulting in borrows totaling around $270,000 on Dec. 11.

However, it has downplayed the incident from being an exploit as described by analysts, and it also vowed to replace funds from the treasury.

On Dec. 10, reports emerged that a malfunctioning price oracle had affected the Binance Smart Chain-based decentralized lending and borrowing marketplace.

Read more

Ethereum team lead sees zero interest from university in collaborating

Peter Szilagyi, Ethereum’s team lead, voiced dissatisfaction with his former university’s lack of enthusiasm in recommending students for collaboration with Ethereum.

Peter Szilagyi, the team lead of Ethereum, has expressed frustration over his alma mater’s lack of interest in providing opportunities for students to collaborate with Ethereum (ETH).

In a series of posts on X (formerly Twitter), Szilagyi explained that he had always felt a lack of genuine interest when he returned to his old university to deliver talks about Ethereum.

He stated that the students appeared to be more focused on the price of Ethereum rather than the project itself.

“The audience seems to have been stuck in the number go up aspect; and the organizers always used it as an ad campaign.”

Szilagyi noted that this year he organized a grant for 9 students to participate in Devconnect, including flights and accommodation.

“I haven’t met the students myself, but someone supposedly has.

“Figured lets see if this piqued some interest.

Read more

Ethereum price at $1.4K was a bargain, and a rally toward $2K looks like the next step

ETH’s correlation with tech stocks, its increasing total value locked and its deflationary token economics all suggest that the path to $2,000 is programmed.

Ether’s (ETH) price reached $1,400 on March 10, which proved to be a bargain as the cryptocurrency rallied 27.1% until March 21. However, the three reasons that supported the price gain, including correlation with tech stocks, its increasing total value locked and its deflationary token economics, all suggest that the path to $2,000 is set in stone. 

There are numerous explanations for Ether’s 19.4% decline over the past six months. Ethereum’s Shanghai hard fork upgrade was delayed from March to early April and after Shanghai, Ethereum’s roadmap includes the “Surge” “Verge,” “Purge,” and “Splurge” updates. In reality, the longer these intermediate steps to achieve scalability take, the greater the likelihood that competing networks will demonstrate efficacy and possibly establish a competitive advantage.

Another potentially concerning issue on the minds of investors is the real chance of price impact when validators are finally able to unlock their 32 ETH deposits following the completion of the Shapella hard fork. While it is impossible to predict how many of the 16 million ETH currently staked on the Beacon Chain will be sold on the market. There is a compelling argument in favor of the transition to liquid staking platforms, as they can use liquid staking derivatives on other decentralized finance networks without sacrificing their staking yield.

Traders could construct a narrative based on regulatory uncertainty, especially after U.S. Securities and Exchange Commission (SEC) Chairman Gary Gensler’s September 2022 statement that proof-of-stake cryptocurrencies could be subject to securities laws. In February 2023, the SEC reached an agreement compelling the cryptocurrency exchange Kraken to cease offering crypto staking services to U.S.-based clients, and the exchange also paid $30 million in disgorgement.

Correlation versus application-focused tech companies

To understand why Ether gained 15% in less than three days after briefly trading below $1,400 on March 10, traders must switch from a price-based analysis to a market capitalization comparison. On March 10, Ethereum’s market cap closed at $175 billion.

Oracle, SAP, and Salesforce are similar to Ethereum in that their software enables users to access shared computing resources. This is in contrast to chipmakers Nvidia and TSMC, infrastructure providers Microsoft and Oracle, and technology companies Apple and Cisco that all heavily rely on equipment.

ETH vs. Oracle (ORCL), SAP (SAP), Salesforce (CRM). Source: TradingView

The market capitalizations of Oracle, Salesforce and SAP are comparable to Ether’s at $233 billion, $188 billion and $149 billion, respectively. Ultimately, centralized and decentralized solutions permit businesses to integrate their proprietary software so that all third parties and relevant departments can consult, process, share and store data.

Considering the past six months of data, Ether’s price has performed similarly to those companies. The drop below $1,400 on March 10 was illogical if the correlation between application-focused tech stocks and the price of Ether remains valid.

ETH’s total value locked sticks at $30 billion

The total value locked (TVL) of the Ethereum network was $24 billion on November 24, 2022, and increased by 30% to $30 billion by March 21, 2023. Therefore, if no other factors influence the price, one could anticipate a 30% price increase during that six-month period. Except, that was not the case on March 10, when Ether traded at $1,400, representing a mere 8% increase from six months prior and indicating a disconnect between the value deposited in the network’s smart contracts and the ETH price.

This 22% difference between the 30% increase in TVL and the 8% increase in ETH price indicated that Ether’s true value should have been near $1,700, a level that was reached three days later on March 13, 2023. This simple model excludes a number of variables that influence supply and demand and the resulting price level, but it does provide an indication based on historical data.

Related: Coinbase submits petition to SEC explaining that staking is not securities

Ether’s deflationary mechanism is in full force

On November 10, 2021, the price of Ether was $4,869, a record high for the cryptocurrency. However, a great deal has changed since then, including the burning of 3,016,607 ETH via Ethereum Improvement Proposal 1559. This equates to an additional $5.4 billion in capitalization that would have otherwise been created, thereby adding to the supply side and restraining price appreciation.

Currently, market leader Bitcoin (BTC) is trading down 59% from its $69,000 all-time high. That does not necessarily mean Ether should reduce the gap versus Bitcoin, but it shows how discounted ETH currently stands at $1,780. The deflationary standard paves the way for Ether’s perception as a scarce digital asset, which is particularly promising during inflationary periods in the global economy.

The views, thoughts and opinions expressed here are the authors’ alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

DeFi lender Tender.fi suffers exploit, white hat hacker suspected

DeFi lending platform Tender.fi sees $1.59 million of assets drained by an alleged white hat hacker taking advantage of a misconfigured oracle.

An alleged ethical hacker has drained $1.59 million from the decentralized finance (DeFi) lending platform Tender.fi, leading the service to halt borrowing while it attempts to recoup its assets.

Web3-focused smart contract auditor CertiK, and blockchain analyst Lookonchain, flagged an exploit that saw funds drained from the DeFi lending protocol on March 7. Tender.fi confirmed the incident on Twitter, citing “an unusual amount of borrows” through the protocol:

The latest update from the platform claims that a white hat hacker has made contact, and discussions are underway to recoup assets taken during the exploit. White hat hackers are also known as ethical hackers and typically look for and take advantage of security flaws in different protocols before returning funds.

Cointelegraph reached out to CertiK to unpack the situation, which highlighted that the exploiter left an on-chain message which has been verified on the Arbitrum Blockchain Explorer:

The input data reads: “It looks like your oracle was misconfigured. contact me to sort this out.”

Lookonchain provided further details of the exploit, citing blockchain data showing that the white hat hacker borrowed $1.59 million worth of assets from the protocol by depositing 1 GMX token, valued at $71 at the time of writing.

Related: $700,000 drained from BNB Chain-based DeFi protocol LaunchZone

Cointelegraph has reached out to Tender.fi to ascertain further details of the exploit and whether funds will be returned by the white hat hacker. DeFi protocols have been the target of hackers in early 2023, with seven different platforms losing over $21 million in February alone. Hackers also took advantage of an oracle exploit in Jan. 2023, seeing over $120 million stolen from BonqDAO. 

BonqDAO protocol suffers $120M loss after oracle hack

An oracle hack allowed the exploiter to manipulate the price of the AllianceBlock token, leading to an estimated $120 million loss, according to Peckshield.

A small decentralized autonomous organization (DAO) has suffered a rather sizeable smart contract exploit, leading to an estimated $120 million being stolen from its protocol.

BonqDAO told its Twitter followers on Feb. 1 that its Bonq protocol was exposed to an oracle hack that allowed the exploiter to manipulate the price of the AllianceBlock (ALBT) token.

An independent analysis from blockchain security firm PeckShield has estimated the loss from the Bonq hack to be around $120 million, comprising $108 million from 98.65 million BEUR tokens and $11 million from 113.8 million wrapped-ALBT (wALBT) tokens.

While the exploit took effect over several transactions, the largest was $82.19 million at 6:32 pm UTC time on Feb. 1, according to multichain portfolio tracker DeBank.

Most of the high-scale transactions took place on the Polygon network.

How it happened

PeckShield explained that the exploiter was able to change the updatePrice function of the oracle in one of BonqDAO’s smart contracts, which meant that they were able to manipulate the price of the wALBT token.

This triggered the exploitation of the wALBT and BEUR. The hacker then swapped about $500,000 worth of BEUR for USDC on Uniswap before burning all 113.8 million wALBT to unlock ALBT.

On-chain security observer “Spreek” — who was one of the first to spot the exploit — told his 18,800 Twitter followers that the exploiter later dumped more BEUR and ALBT tokens for $500,000 in USDC and 144 ETH ($236,000).

PeckShield and others noted that the price of the BEUR and ALBT tokens went down considerably in a short period of time:

In a follow up tweet, BonqDAO said it has paused the protocol and is working on a recovery solution.

“Other troves remain unaffected. Bonq protocol has been paused. We’re working on a solution that will allow users to withdraw all remaining collateral without repaying BEUR in the troves. It will be released tomorrow morning CET,” it said.

AllianceBlock — the token issuers of ALBT — also shared the news on Feb. 1, explaining to its 51,300 Twitter followers that an exploiter managed to gain access to 113.8 million ALBT tokens.

The team is in the process of removing all liquidity on Bonq and has halted exchange trading, it said, adding that no smart contracts were exploited on AllianceBlock.

The announcement from AllianceBlock also added that they would mint new ALBT tokens to those impacted by the exploit up until the time of the announcement.

Related: Tribe DAO votes in favor of repaying victims of $80M Rari hack

BonqDAO is a decentralized autonomous organization that aims to provide self-sovereign financial services to individuals and businesses interest-free without giving up ownership of their assets.

AllianceBlock is a decentralized infrastructure platform that connects traditional financial institutions to Web3 applications.

Chainlink eyes 25% rally ahead of LINK staking launch in December

LINK’s price could rally on speculations over Chainlink’s oracle services growth coupled with a supportive technical pattern.

Chainlink (LINK) looks poised for a 25% price rally in the days leading up to its staking protocol launch, based on several fundamental and technical factors.

Chainlink’s price rallies ahead of staking launch

The staking feature, which will go live as v0.1 in beta mode on Dec. 6, comes as a part of the so-called “Chainlink Economics 2.0” that focuses on boosting LINK holders’ reward-earning opportunities for “helping increase the crypto economic security” of Chainlink’s oracle services.

Earlier, Chainlink users had to launch their own nodes to receive rewards in LINK tokens. The staking feature effectively opens new avenues for them to earn LINK rewards that could, in theory, boost demand for the token.

Additionally, demand for LINK’s parent platform, Chainlink, as an oracle service provider, should also increase.

David Gokhshtein, founder of blockchain-focused media company Gokhshtein Media, believes it could happen in the wake of the recent FTX collapse.

The analyst highlighted how traders have been seeking more clarity on exchanges’ reserves after the FTX fiasco, which can boost demand for oracle services like Chainlink and, in turn, push LINK’s price higher.

Chainlink Labs launched its proof-of-reserve auditing services to exchanges on Nov. 10.

The speculations have helped LINK’s price rally in recent days. Notably, Chainlink’s price gained 35.50% eight days after bottoming out locally at around $5.50 — trading for as much as $7.50 on Nov. 29, its highest level in two weeks.

The LINK/USD pair now eyes further upside in the near term, price technicals suggest.

A failed LINK price breakdown

LINK reclaimed its multi-week rising support trendline on Nov. 29, three weeks after losing it in the wake of the FTX-led market sell-off.

In doing so, the Chainlink token also invalidated its prevailing ascending triangle breakdown setup toward $4.

It now trades inside the pattern’s range, eyeing a rally toward the upper trendline near $9.40, up 25% from the current price levels, by the second week of December, as shown below.

LINK/USD three-day price chart. Source: TradingView

Michaël van de Poppe, market analyst and founder of Eight Global, also anticipates LINK to hit or cross above $9

Moreover, a bullish continuation move above the $9.40 resistance could have LINK eye $16 next, the ascending triangle breakout target.

Related: Binance publishes official Merkle Tree-based proof of reserves

Conversely, slipping below the triangle’s lower trendline again risks bringing the breakdown setup toward $4 back in play, down about 45% from current prices.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

Compound cETH market bricked by update — 7-day wait on vote to fix it

The code bug has plagued the cETH market and has affected Compound’s front-end user face, but the CEO confirmed that “funds are not immediately at risk.”

Decentralized lending platform Compound has been plagued by a code bug in a recent governance proposal to update its price feeds. 

The code error has “temporarily frozen” the Compound Ether (cETH) market, causing cETH transactions to revert, but Compound Labs stated that despite the front end not working, “funds are not immediately at risk.”

Compound Labs announced on Wednesday that the code bug came from Proposal 117: Compound Oracle Upgrade v3, which was implemented a couple of hours ago to update the oracle contracts on the Compound protocol to a new version that uses Uniswap V3 instead of V2 for price feeds.

In response to the cETH market temporarily freezing, Compound Labs said it aimed to revert to the previous price feed via Proposal 119: Oracle Update. The new proposal was created less than one hour after Proposal 117 had been executed, however, it now needs to go through a seven-day governance process before taking effect.

According to an update from security solutions architect Michael Lewellen of OpenZeppelin, the code bug came from the “getUnderlyingPrice” function, which did not update the price of cETH tokens, which would return empty bytes and cause the call to be reverted.

Lewellen also reaffirmed that no funds are at risk:

“The primary issue right now is a temporary denial of service for the cETH market which will be resolved by the new governance proposal. No funds are at risk at this time. The rest of the cToken markets on Compound V2 and all of V3 remain functional.”

However, Lewellen added that “any users that deposited ETH and obtained cETH for opening borrow positions must be aware that they might get instantly liquidated whenever the fix proposal executes if by that time the price of ETH has dropped significantly.”

But, the CEO of Compound Labs, Robert Leshner, also added that users can still repay any debt and add collateral to avoid liquidation.

Related: What is a smart contract security audit? A beginner’s guide

Compound Labs noted the code bug came despite the oracle contract being audited from three separate smart contract auditing companies, with OpenZeppelin and ChainSecurity among the recent firms to have audited Compound’s smart contracts.

Proposal 117 itself didn’t appear to be a controversial one, with all 696,665 votes from 245 different wallet addresses in favor of the price feed upgrade. Crypto investment firm Polychain Capital cast the most votes (306,146) in favor of the proposal.

According to DefiLlama, Compound is the third largest decentralized lending platform, with a $2.67 billion total value locked (TVL). The news has not affected Compound (COMP) so far, which is sitting at $48.27 at the time of writing.