Osmosis Chain Halted After $5M Exchange Exploit


Key Takeaways

The decentralized exchange Osmosis has been exploited for around $5 million following the disclosure of a critical bug.
The bug allowed malicious users to drain liquidity from the exchange by depositing and immediately withdrawing 50% more money from the pools.
Developers were able to halt the Osmosis blockchain just 12 minutes after the bug was discovered, mitigating further damage to liquidity providers.

Share this article

The Cosmos-connected Osmosis blockchain has been halted following the discovery of a critical bug in the like-named decentralized exchange.

Osmosis Hit By a Critical Exploit

The decentralized exchange Osmosis has been exploited for approximately $5 million.

The critical bug that led to the exploit was initially disclosed by a community member posting under the name Straight-Hat3855 on the Osmosis subreddit. “There is a serious problem with osmosis,” they said, asserting that adding liquidity on the decentralized exchange and instantly withdrawing it was causing users to receive back 50% more tokens than initially deposited. 

After expressing doubt over the user’s claims, other community members began depositing and withdrawing liquidity, only to find that the exploit worked as described. According to Osmosis, only about $5 million of the exchange’s $212.77 million in total value locked was drained before the developers halted the like-named blockchain for emergency maintenance.

According to pseudonymous Osmosis senior analyst RoboMcGobo, the blockchain’s validators were able to respond and coordinate the emergency halt within 12 minutes of the exploit being discovered. If the developers had not halted the chain, malicious users could’ve continued using the exploit to drain the exchange’s entire liquidity.

In an update posted to Twitter, the official Osmosis account wrote that the “bug has been identified and a patch written.” “More testing is underway before validators are recommended to coordinate a restart,” the team explained, announcing that a full bug report and action plan would be coming soon. 

Osmosis is a decentralized exchange running on its own like-named blockchain built using the Cosmos SDK. Like other Cosmos SDK chains such as Secret Network, Osmosis is interoperable with the entire ecosystem of Cosmos-based blockchains. Per data from DeFi Llama, Osmosis is the second-largest Cosmos-based blockchain by total value locked, despite hosting only a single decentralized application. 

The OSMO token has lost only around 2.3% on the news, falling from around $1.19 before the exploit to $1.06 at press time.

Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.



Source

Recommended For You

About the Author: wp4crypto

Leave a Reply

Your email address will not be published. Required fields are marked *