- Amfani da Balancer ya karu daga kiyasin farko na $70M zuwa sama da $128M a asarar.
- Dalili mai yiwuwa shine gazawar sarrafa shiga cikin V2 wanda ya ba da izinin cirewa mara izini.
- Ya shafi cibiyoyin sadarwa da yawa: Ethereum, Berachain, Arbitrum, Base, Sonic, Optimism, da Polygon.
- Yarjejeniyar ta ba da lada 20%; alamar BAL ta faɗi kuma Berachain ya fuskanci rufewar gaggawa.
El ka'idar kudi ta raba gari Balaguro ya yi rajista daya daga cikin mafi girma lamarin tsaro har zuwa kwanan wata, tare da kai hari da aka fara kai rahoto 70 miliyan daloli kuma cewa, bisa ga ƙaƙƙarfan bayanai na baya-bayan nan, Da sauƙaƙa ya wuce miliyan 128 a cikin kadarorin da aka zubar a cikin sabbin fayiloli.
Kudaden da aka yi sun hada da osETH, WETH da wstETHkuma da sun janye musamman daga wuraren waha na version V2Ayyukan ƙeta sun yaɗu a cikin cibiyoyin sadarwa da yawa, yayin da alamar BAL Ya sha wahala intraday fadowa kuma masu amfani sun jira tabbaci na hukuma game da gaskiyar lamarin.
Yadda harin ya faru
Nazari na farko yana nuni ga a kuskuren ikon sarrafawa a cikin aikin mai sarrafaUserBalance na Balancer V2Rashin lahani zai samo asali daga ciki inganta UserBalanceOp, ta hanyar kwatanta ba daidai ba msg.mai aikawa tare da op.mai aikawa wanda mai amfani ya bayar, wanda zai yarda cirewa mara izini ta hanyar aiki BalanceOpKind.WITHDRAW_INTERNAL.
Wannan vector ya buɗe kofa don ƙeta ƴan wasan kwaikwayo motsin ma'auni na ciki kai tsaye daga kwangiloli ba tare da izini ba. Farashin V2 - kwangilar tsakiya wanda ke riƙe da alamun kowane tafkin - ya shiga cikin mayar da hankali, wanda ya shafi Balancer kawai amma har ma. ayyuka da aka gina akan gine-ginensa.
A cikin layi daya, an gano waɗannan abubuwan vault emptyings akan hanyoyin sadarwa kamar Sonic, Polygon da BaseWannan yana ƙarfafa yanayin haɗin kai na yanayin yanayin DeFi. Adireshin mai aiki Ya fara ƙarfafa dukiya cikin sauri, yana ƙara haɗarin ɓoyewar sa ta gaba mixers ko gadoji tsakanin sarkoki.
Ƙungiyoyin tsaro na musamman, waɗanda suka haɗa da Decurity da masu nazarin bayanai akan sarkar, suna ci gaba da bin diddigin yadda ake tafiyar da kuɗi da kuma yuwuwar sarƙar ciniki, da nufin bayyana maharin da kuma ayyana daidai yankin da aka keta.
Yawan lalacewa da rarraba ta hanyar sarƙoƙi
Ƙididdiga ta baya-bayan nan ta ɗaga jimilar da aka ɗebo zuwa kimanin dala miliyan 128,64, tare da rinjaye nauyi na Ethereum da tasiri mai mahimmanci akan L2 da yawa da cibiyoyin sadarwa masu jituwa. An kuma tabbatar da hakan Beets FinanceAikin da aka samo asali ya sami hasara mai yawa 3 miliyoyin.
- Ethereum: ~99,6M
- Berachain: ~12,86M
- Arbitrum: ~6,96M
- Tushen: ~4,01M
- Sonic: ~3,44M
- Kyakkyawan fata: ~1,58M
- Polygon: ~ 232.350
Daga cikin kadarorin da aka kwashe, an yi fice kamar haka: 6.850 Yuro, 6.590 KYAUTA y 4.260 WST, canja wuri cikin sauri jere zuwa sababbin fayiloli, tsarin da ya dace da maharan da ke da masaniya game da ma'anar kwangila da kuma abubuwan da ke tattare da wuraren waha.
Don ƙarfafa dawowar kuɗi, ƙungiyar Balancer ta gabatar da a 20% sakamako a cikin tsari farin hulasharadi kan maido da sauran babban birnin kasar nan take. In ba haka ba, an ba da gargadi game da haɗin gwiwa tare da blockchain forensics da hukumomi don gano wanda ke da alhakin.
Tasirin kuma ya kai ga abubuwan more rayuwa: Berachain kashe a kamun gaggawa da kuma wuya cokali mai yatsa da nufin iyakance tasiri akan takamaiman kadarorin a cikin DEX na asali, tare da alƙawarin ci gaba da hanyar sadarwar bayan dawo da kudaden da abin ya shafa.
Amsar yarjejeniya da tasirin kasuwa
Tawagar ta nuna cewa wuraren waha V2 ya shafayayin da V3 ya ci gaba da aiki kuma ba tare da lalacewa ba, kuma ya ba da rahoton cewa injiniyanta da wuraren aminci suna bincike tare da fifiko don ƙayyade matakan ɗaukar hoto da hanyoyin dawo da hanyoyin.
A gaban kasuwa, alamar BAL rajista raguwar fiye da 5% bayan an san harin, a cikin yanayin taka tsantsan a cikin al'umma DefiMasu sharhi kan sarkar sun ba da shawarar guje wa hulɗa tare da wuraren waha na Balancer har sai an sami cikakkun bayanan fasaha.
Wannan lamarin yana ƙara zuwa abubuwan da suka gabata: in 2020Wani hari ya yi amfani da mu'amalar ta'addanci na kusan 500.000 daloli. en Agusta 2023 asarar kusan Miliyan 1 saboda rauni a ciki ƙarfafa wuraren waha; kuma wannan shekarar a harin DNS juya zuwa gidan yanar gizon mai leƙan asiri, tare da kusan ganima 238.000 daloli.
Ga masu amfani da Spain da EUShari'ar ta sake buɗe muhawara kan gudanar da haɗari a cikin ƙa'idodi masu haɗaka da buƙatun agile audits, kayan aikin kariya masu amfani da haɗin kai tsakanin yarjejeniya, daidai da ƙa'idodin ƙa'idodin Turai (MiCA) zuwa ƙarin ƙa'idodin aminci masu buƙata.
Tare da asarar riga a sama 128 miliyoyin Kuma tare da gudanar da bincike mai zurfi, shirin Balancer yana ba da darussa da yawa: mahimmancin ingantaccen iko a cikin ayyuka masu mahimmanci, sake duba kwangilar gado a koyaushe. V2da kuma shirye-shiryen haɗin kai martani-ciki har da zaɓi na Kyautar Farin Hat- don rage lalacewa da mayar da amana.
Ni mai sha'awar fasaha ne wanda ya mayar da sha'awar "geek" zuwa sana'a. Na shafe fiye da shekaru 10 na rayuwata ta yin amfani da fasaha mai mahimmanci da kuma yin amfani da kowane nau'i na shirye-shirye saboda tsantsar son sani. Yanzu na kware a fasahar kwamfuta da wasannin bidiyo. Wannan shi ne saboda sama da shekaru 5 ina yin rubutu a gidajen yanar gizo daban-daban kan fasaha da wasannin bidiyo, ina ƙirƙirar kasidu da ke neman ba ku bayanan da kuke buƙata cikin yaren da kowa zai iya fahimta.
Idan kuna da wasu tambayoyi, ilimina ya bambanta daga duk wani abu da ya shafi tsarin aiki na Windows da kuma Android don wayoyin hannu. Kuma alƙawarina shine a gare ku, koyaushe a shirye nake in yi ƴan mintuna kaɗan in taimaka muku warware duk wata tambaya da kuke da ita a duniyar Intanet.