DeFi Protocol Gamma Strategies Discloses Vulnerability After Preliminary Investigation
Gamma Strategies plans a third-party code review to address the attack before reopening deposits, but compensation for victims is still not confirmed.
Gamma Strategies – a DeFi protocol built on the Ethereum blockchain – fell victim to an exploit, resulting in a loss of approximately $3.4 million. In response to the attack, the protocol swiftly implemented measures to prevent further losses, temporarily disabling deposits to all public DeFi vaults while keeping withdrawals active for users in need of accessing their funds.
The exploit was initially identified by blockchain investigator PeckShield on January 4, which was then confirmed by Gamma Strategies. The platform disclosed that it had identified the root cause of the incident.
Root Cause Revealed
Gamma’s vaults incorporate four primary safeguards against flash loans. These include mandating a token0 and token1 ratio in line with the pool’s ratio, setting a price change threshold to disallow deposits when the price change exceeds a specified amount, implementing deposit caps per deposit, and prohibiting single-sided deposits.
The protocol revealed that the main issue stemmed from the settings on the price change threshold, which were set too high, allowing for up to a 50-200% price change on certain LST and stablecoin vaults. This enabled the attacker to manipulate the price to the threshold and generate an unusually high number of LP tokens.
Gamma Strategies has outlined its plan of action, which includes setting all price change thresholds to a safe threshold level. It also plans to rope in a third-party code review to ensure that this attack is effectively mitigated prior to re-opening deposits.
A comprehensive post-mortem analysis will also be released soon. However, Gamma Strategies is yet to confirm if it intends on compensating its victims in addition to “maximizing recovery for all affected users.”
“One last note, is that even though deposits are closed, our rebalances and management of the positions are still active as they are not affected by the exploit.”
Another Hack in 2024
Within the first four days of 2024, the cryptocurrency market faced two security breaches.
Orbit Chain, a project facilitating cross-chain bridging, was hacked earlier this week, which led to the loss of over $80 million in assets. The attacker managed to gain access to seven out of ten multisig signers, resulting in a total loss of $81.5 million.
The majority of the stolen funds consisted of stablecoins, with $30 million in USDT, $10 million in USDC, and $10 million in DAI. Additionally, approximately 231 WBTC ($10 million) and 9,500 ETH ($21.5 million) were also compromised.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
“Hyperliquid 50x Whale” opens 40x BTC short position, with a position value of $160 million
Code of Joker game will reappear on smartphones in a new version via Sui blockchain
Share link:In this post: The arcade Code of Joker existed from 2013 to 2019 The game will run on a platform Mysten acquired just days ago. Sui partnered with Jokers, Inc., which is obtaining more games to revive in Web3
RLUSD Can Be Frozen for Compliance, Ripple CTO Admits

BlackRock to File XRP ETF Only After SEC Lawsuit Resolution, Expert Says

Trending news
MoreCrypto prices
More








