Key Takeaways
- Solend, another Solana DeFi protocol, has been exploited via a price oracle attack for $1.26 million.
- The attack follows last month’s Mango Markets exploit in which $100 million was stolen.
- Protocols that allow users to deposit illiquid tokens as collateral and low liquidity on Solana enabled the attacks.
Share this article
Solana’s Mango Markets and Solend have both come under fire in recent weeks.
Solana DeFi attacked again
Another Solana DeFi protocol has been abused.
Solend, a lending and borrowing protocol built on Solana, reported that an attacker stole $1.26 million in user funds on Wednesday. The exploit was the result of an oracle attack, meaning an attacker manipulated the oracle prices of certain volatile assets in order to borrow protocol funds against them with a higher real value.
Solend acknowledged the abuse on Twitterwhich showed that three credit pools were affected. “An oracle attack on USDH was detected affecting the isolated pools Stable, Coin98 and Kamino, resulting in $1.26 million in bad debt,” the protocol tweeted.
The “bad debts” occur when an attacker tricks a protocol’s pricing oracles into valuing collateral assets higher than they should be. This gives them “credit” to borrow money from a protocol with a higher real value than their inflated collateral. In this case, the attacker borrowed USDH stablecoin funds with no intention of paying them back, resulting in a net loss of $1.26 million for the protocol.
Shortly after the attack, fellow Solana DeFi protocol SolBlaze was introduced announced it had discovered one of the attacker’s pseudonymous identities. “We have discovered a known contact for the hacker… and have been working closely with the Solend team over the past half hour to connect them with the hacker to resolve the matter,” the report said. It is not yet clear whether Solend will be able to reach a solution with the attacker to protect users’ funds.
The current Solend exploit is not the first time that oracle price manipulation has been used to attack DeFi protocols on Solana. Last month, decentralized trading platform Mango Markets was exploited for more than $100 million when an attacker jacked up the price of the protocol’s native MNGO token. This allowed the attacker to take out a series of large loans from different token pools, effectively depleting the protocol’s liquidity.
Avraham Eisenberg, a self-described “applied game theorist” from New York, later revealed that he carried out the attack together with a team. Mango Markets reached an agreement with Eisenberg, assuring him that the Protocol would not pursue a lawsuit against him in exchange for $53 million of the stolen assets. Although Eisenberg insists that his actions did not constitute an exploit, but rather, in his words, a “highly profitable trading strategy,” most onlookers were unconvinced.
Low liquidity, high costs
The reason attackers have successfully manipulated price oracles on Solana comes down to the low liquidity levels on the blockchain.
During the 2021 bull run, total value in Solana DeFi protocols soared, peaking at $10.17 billion per year in November. facts from DefiLlama. However, almost a year after the current crypto winter, liquidity on Solana is drying up. The network currently houses just $940 million in assets, which represents a 90% decline. Additionally, Solana’s on-chain activity, which acts as a rough heuristic for the amount of trading on the network, also has dropped out in recent months.
Once Solana had sufficient liquidity, many DeFi protocols started letting users deposit lesser-known tokens as collateral to take out loans or trade against. While tokens like MNGO were not traded as frequently as ecosystem staples like SOL, USDC, and ETH, liquidity was high enough to liquidate positions if a user defaulted.
However, it turns out that being able to liquidate these collateral funds was not the biggest problem for protocols. With liquidity and trading activity on Solana decreasing daily, it has become much easier to manipulate the price of illiquid collateral tokens. An attempt at an oracle attack during the height of the bull market would have been futile and would almost certainly have lost the attacker’s money. But under current conditions, such exploits have become increasingly lucrative, as long as the attacker has enough money to influence prices.
Those who have deposited funds into the Solana DeFi protocols should be wary of the risks of the current situation. While not all protocols will be vulnerable, protocols that offer more exotic tokens as collateral could be at risk. Eisenberg has marked potential exploits using similar price manipulation methods to his attack on Mango Markets, showing that he is actively looking for vulnerable protocols. If liquidity on Layer 1 chains like Solana continues to decline, we will likely see more price oracle attacks in the future, similar to the exploits of Solend and Mango Markets.
Disclosure: At the time this piece was written, the author owned SOL and several other digital assets.
Share this article
