Table of contents
No headings in the article.
Decentralized Finance is an interesting field where there are a lot of new approaches being explored around how money can be used for lending and trading. The approaches are very different from what we saw in traditional finance.
New approaches to finances brought both good and bad. While there is a lot of exciting innovation around how and what we will transact, the other edge is equally disheartening.
Euler Finance:
Euler Finance is a lending smart contract that has two tokens. eTokens which are like collateral and dTokens are debt. Liquidation is initiated if the user has more dToken than eTokens.
The smart contract has a feature to donate to reserves.
The logic within the Liquidation module will attempt to repay the full debt of the violator, but if the collateral is not sufficient, the system defaults to whatever collateral the user has. This was assumed as a risk when the borrower has multiple collaterals and all those together cannot cover the debt.
The Euler finance permits users to create artificial leverage by minting and depositing assets in the same transaction via eToken.mint. This minting could exceed the collateral held by Euler finance. The donation mechanism allows users to donate balance without checking the user's health.
As such user's debt remains unchanged while the equity balance decreases. The liquidation caused the debt to close causing bad debt. About 197M was lost.
Hope Finance:
About 2M was stolen from Hope finance. The tx that did the rug pull was a multi-sig and all the participants approved it. The USDC received was swapped to ether which was then routed through the Tornado app.
As we saw above, in some cases, the smart contract is buggy and in others, the intentions of the developer team are bad.
As an Auditor, one will have to challenge everything in the contract from code to the dev team to the fundamental business model. The intention is to protect web3 space so that we can move away from a centralized model where few make decisions to a place where we as individuals can make decisions.