In recent weeks, Solana’s Mango Markets and Solend have been attacked.
Solana DeFi Attacked Again
Solend, a protocol for lending and borrowing atop Solana, reported that an attacker drained $1.26 million from users’ accounts. The exploit resulted from an oracle attack, in which the attacker manipulated the oracle prices of volatile assets in order to borrow, against them, protocol funds worth more than the assets’ actual value.
Solend disclosed that three lending pools had been compromised, tweeting: “An oracle attack on USDH affecting the Stable, Coin98, and Kamino isolated pools was detected, resulting in $1.26M in bad debt.”
A “bad debt” occurs when an attacker deceives the price oracles of a protocol into overvaluing collateral assets. This provides them with “credit” to borrow funds from the protocol whose actual value is greater than the real value of their artificially inflated collateral. In this case, the attacker didn’t intend to repay USDH stablecoin funds, leading to a net loss of $1.26 million for the protocol.
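The bad-debt arithmetic described above, as an added example that is not from Solend or the original article: a Python sketch comparing a pool that trusts the spot oracle price with one that applies two assumed safeguards, a deviation check against a slower reference price and a cap on counted collateral. All names, parameters and figures are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class PoolRisk:
    ltv: float              # share of collateral value that may be borrowed
    max_deviation: float    # assumed guard: tolerated spot vs. reference divergence
    collateral_cap: float   # assumed guard: max collateral value (USD) counted

def borrow_limit_naive(units, spot, risk):
    """Borrowing power when the pool trusts the spot oracle price as-is."""
    return units * spot * risk.ltv

def borrow_limit_guarded(units, spot, reference, risk):
    """Borrowing power with a deviation check and a collateral cap applied."""
    if abs(spot - reference) / reference > risk.max_deviation:
        return 0.0  # prices disagree: pause new borrows against this asset
    counted = min(units * min(spot, reference), risk.collateral_cap)
    return counted * risk.ltv

def bad_debt(borrowed, units, true_price):
    """Shortfall left if the loan is never repaid and collateral sells at true_price."""
    return max(0.0, borrowed - units * true_price)

def scenario(spot, reference=1.00, true_price=1.00, units=1_000_000):
    """Constructed figures: 1M units of a token really worth $1.00 each."""
    risk = PoolRisk(ltv=0.75, max_deviation=0.05, collateral_cap=500_000)
    naive = borrow_limit_naive(units, spot, risk)
    guarded = borrow_limit_guarded(units, spot, reference, risk)
    return {
        "naive_limit": naive,
        "naive_bad_debt": bad_debt(naive, units, true_price),
        "guarded_limit": guarded,
        "guarded_bad_debt": bad_debt(guarded, units, true_price),
    }

if __name__ == "__main__":
    for spot in (1.00, 2.50):  # honest price vs. oracle price inflated 2.5x
        print(spot, scenario(spot))
```

With the honest price neither pool accrues bad debt; with the inflated price the pool that trusts the spot value is left with a shortfall, while the guarded pool refuses the borrow.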
SolBlaze announced shortly after the attack that it had uncovered one of the attacker’s pseudonymous identities. But it is currently unclear whether Solend can reach an agreement with the attacker to safeguard user funds.
Oracle price manipulation has previously been used to attack DeFi protocols on Solana. For instance, an attacker exploited the decentralised trading platform Mango Markets for over $100 million last month by inflating the native MNGO token’s price. Thus, the attacker could take out large loans from multiple token pools, reducing the protocol’s liquidity.
An oracle attack on USDH affecting the Stable, Coin98, and Kamino isolated pools was detected, resulting in $1.26M in bad debt. All other pools including the Main pool are safe.
Affected pools have been disabled and exchanges have been notified of the exploiter’s address.
— 🙏🚫 Solend (we’re hiring!) (@solendprotocol) November 2, 2022
Later, Avraham Eisenberg, a self-described “applied game theorist”, revealed that he and a team had carried out the attack. Mango Markets assured Eisenberg that the protocol would not pursue legal action against him in exchange for $53 million of the stolen assets. Although Eisenberg maintains that his actions were not an exploit but rather a “highly profitable trading strategy,” many were not persuaded.
Low Liquidity and High Price
Attackers have successfully manipulated Solana’s price oracles due to the blockchain’s lack of liquidity. According to DefiLlama, the total value of Solana DeFi protocols soared during the 2021 bull run, reaching a peak of $10.17 billion in November.
Nonetheless, nearly a year into the current crypto winter, Solana liquidity is drying up. The network currently hosts assets worth only $940 million, a decline of 90%. In recent months, Solana’s on-chain activity, acting as a rough heuristic for the volume of trading on the network, has also declined.
When Solana had abundant liquidity, many DeFi protocols began allowing users to use lesser-known tokens as collateral for loans and trades. Although tokens such as MNGO weren’t as actively traded as ecosystem mainstays such as SOL, USDC, and ETH, liquidity was sufficient for positions to be liquidated if a user defaulted.
It turns out, however, that the ability to liquidate these collateral funds was not the most significant concern for protocols. Daily declines in liquidity and trading activity on Solana have made it much simpler to manipulate the price of illiquid collateral tokens.
Attempting an oracle attack during the bull market’s peak would have been futile and almost certainly resulted in financial loss for the attacker.
Under the current circumstances, however, such exploits have become increasingly lucrative, assuming the attacker has sufficient funds to manipulate prices in the first place.
Those who have deposited funds in Solana DeFi protocols should be aware of current risks. Although not every protocol will be vulnerable, those that offer more exotic tokens as collateral may be susceptible.
Eisenberg has identified potential exploits employing similar price manipulation techniques to his attack on Mango Markets, showing that he is actively searching for protocols with vulnerabilities. If liquidity on Layer 1 chains like Solana continues to decline, future price oracle attacks similar to those on Solend and Mango Markets are likely.
I’ve been advised aave is perfectly safe so here’s the potential trading strategy. Not financial or legal advice, but if you do make 9 figures on this feel free to send a tip
Note that starting with more initial capital increases success odds and profit percentage pic.twitter.com/HKAF7Y5ogM
— Avraham Eisenberg (@avi_eisen) October 19, 2022