Decentralised Finance lending protocol, Cream Finance is doing a thorough post-mortem following the exploitation of its protocol.
According to the company, its protocol was attacked, leading to the loss of over $462 million in AMP tokens and 2,804.96 ETH tokens. While the attacker is still at large, Cream Finance has promised to compensate the stolen funds in its bid to return its ecosystem to optimal functionality.
Decentralised Finance (DeFi) protocols have been the ultimate target for most attackers today. Earlier in August, interoperability protocol Poly Network was also hacked across three blockchains, including Ethereum, Polygon, and the Binance Smart Chain, with over $610 million carted away by an attacker codenamed Mr White Hat. While the entire funds from the Poly Network exploitation have been wholly refunded, it still raises the question of the safety of DeFi platforms.
While the hack is still very fresh, Cream Finance said it works with connected trading platforms, including Binance, to identify the attacker. The protocol also said it is working with authorities to track down the hacker. The firm said it would refund the hacked funds as debts which it will service with transaction fees obtained from the platform.
“While the Schadenfreude is often loud during exploits such as this, no one within the broader DeFi ecosystem wins when a protocol is exploited. We are committed to the industry, our partners and most importantly, our users,” Cream Finance said in a statement.
“We will be replacing the stolen ETH and stolen AMP so that there are no liquidity issues for users. We will commit to allocating 20% of all protocol fees toward repayment until this debt is fully paid. In the meantime, we will post CREAM collateral with the Flexa/AMP team to secure this debt.”
Following in the footsteps of the Poly Network, Cream Finance said it is willing to give a 10% bug bounty to the hacker if the stolen funds are returned. A 50% reward has been earmarked to anyone with meaningful information on how to apprehend the attacker.
Image source: Shutterstock