Following the $11 million attack earlier today, Rari Capital is the latest decentralized finance (DeFi) protocol to fall victim to a high-value exploit.
The platform, which builds customized yield vaults and boutique lending pools, confirmed the attack in a tweet and said a full post-mortem is forthcoming:
There has been an exploit in the Rari Capital ETH pool related to our @AlphaFinanceLab integration.
The rebalancer has in response removed all funds from Alpha.
We are currently investigating the situation and a full report will be shared after assessing everything.
– Rari Capital (@RariCapital) 8 May, 2021
According to whitehat hacker Emiliano Bonassi, the exploit appears to be a “rogue contract” exploit, in which an attacker tricks a contract into thinking that a hostile contract should have access or permissions. Alpha Finance announced in a tweet that the hack was related to Rari’s interest-bearing ibETH vault, but that no Alpha funds were at risk:
Funds are safe on #AlphaHomora.
We are informed that @RariCapital suffered an exploit due to a misconception when using the HomoraBank contract, as they were setting up an ibETH pool on their platform. The #Alpha team is here to help.
– Alpha Finance Lab (@AlphaFinanceLab) 8 May, 2021
The hacker’s wallet currently holds 4,005 ETH, worth more than $4,00,000, but a portion of those funds appears to be from a separate exploit.
Like many of their predecessors, the attacker considered sending a message to the Rari team, but canceled the transaction. Because they paid a low gas fee, however, observers were able to see the message as a pending transaction before it was canceled:
Hacker has left a base64-encoded message
rari = REKT
Alpha = OK # saved the remaining 6m https://t.co/WQpiPksDOX pic.twitter.com/ruMH8Wam5s
– banteg (@bantg) 8 May, 2021
While taking an aborted victory lap, the attacker’s message also appears to indicate that the Alpha Homora team prevented an additional $6 million drain.
Already, users are taking to Twitter to speculate about what shape the team’s compensation plan might take. Compensating users affected by hacks and exploits is becoming a common practice, with EasyFi recently disclosing its compensation plan after a $60 million exploit.
The Rari Capital team has often been the target of both community support and derision. The team is particularly young, with one developer being 15 years old. One of its major investors, Twitter user Tetranode, recently joked on a podcast that, despite his being only middle-aged, the team often and playfully taunts him as a “camper”.
Thus, while some have criticized the team and attempted to blame youthful inexperience for the attack, others have noted that security practices in DeFi are constantly evolving and have been quick to voice support for the team, including SushiSwap CTO Joseph DeLong:
It’s a tragedy, we love that team
– Joseph DeLong (@josephdelong) 8 May, 2021
$RGT, Rari’s governance token, is down 23.24% to $13.35 on the news.