1. Home
  2. Belt Finance

Belt Finance

Finance Redefined: Binance leads $60M Multichain funding, Interlay raises $6.5M, Dec. 17–24

Binance Labs was the lead funder in a $60-million seed round, Interlay seeks to increase Bitcoin interoperability, Bent Finance and Grim Finance suffer million-dollar exploits — all coming to you in this week’s Finance Redefined.

Welcome to the latest edition of Cointelegraph’s decentralized finance newsletter.

As the crypto community filled its crypto stockings for the holiday season, the Grinch emerged to gift a grimacing fate to two DeFi platforms, stealing their festive spirit and a whole lot of dollars. 

Reading this article, you're only receiving a portion of the content from our DeFi newsletter. Drop your email below for the full copy.

Binance VC arm leads $60M round in cross-chain protocol Multichain

Binance Labs, the venture capital side of global crypto exchange Binance, facilitated a $60-million capital funding raise for cross-chain router protocol Multichain. Other notable participants included Sequoia China, IDG Capital and Three Arrows Capital.

Amid Multichain’s corporate rebrand from AnySwap last week, analytical estimates placed the protocol’s total value above $5 billion and reported over 300,000 users on the platform. The funds raised will be utilized across various domains, including research and development of crypto algorithms, audits, security and general ecosystem growth.

In addition to the capital support, Binance has also pledged to develop a broader relationship with the protocol, announcing that Multichain will be officially recommended as a tool to bridge bToken across chains through Binance’s smart contract platform, the Binance Smart Chain (BSC).

BSC expressed high praise of Multichain, noting that it is “one of the biggest routers on BSC.” Zhaojun, a co-founder of Multichain, stated that the protocol connects “more public blockchains and crypto assets than anyone else, with lower transaction fees, shorter bridging time and higher security levels.”

Related: Binance to launch $1B fund to develop BSC ecosystem

Interlay raises $6.5M to accelerate Bitcoin DeFi interoperability

DeFi infrastructure startup Interlay announced a $6.5-million Series A funding round led by venture fund DFG Capital with additional participation from Hypersphere and Nexo Finance, among others.

The funding is set to support the construction of DeFi applications cross-chain to Ethereum, Cosmos and Polkadot, as well as onboard new developers to the team.

Interlay was designed to enhance the interoperability of crypto assets such as Bitcoin (BTC) to networks that typically facilitate DeFi activity such as Ethereum and Polkadot, a vision that the Web3 Foundation understood when it invested in the platform via a grant in March 2020.

Interlay's core product, a Bitcoin-backed digital asset titled InterBTC, can be utilized within the Polkadot ecosystem for various DeFi activities such as yield farming, lending and acting as a collateral asset. Tokenizing a Bitcoin derivative opens the possibility of greater utility for the asset in comparison to the functional capacity of the Bitcoin network.

Speaking on the funding raise, James Wo, founder and CEO of DFG, stated that Interlay’s solution would “expand the cross-chain possibilities for Bitcoin” before tweeting:

Related: Crypto interoperability evolves: From blockchain bridges to DeFi transfers

Bent Finance and Grim Finance exploited for multi-millions

DeFi protocol Grim Finance reported over $30 million in losses this week after an “external attacker” gained access to the protocol’s vault contract via five reentrancy loops. This made it the sixth platform to encounter a security breach in the month of December, following high-profile hacks such as BadgerDAO’s $120 million loss.

In a damning explanatory tweet thread, DeFi security service RugDoc stated that Grim Finance’s largest mistake was not implementing a reentrancy guard on the before-after pattern in the protocol’s smart contract coding. Another mistake was granting the user “more privilege than is necessary” in enabling them to choose the preferred deposit token. RugDoc further explained:

“Hopefully, all projects can draw lessons from this incident that there is much knowledge most experienced solidity devs have at hand. If you haven’t acquired this yet, don’t build multi-million dollar projects. Don’t get audits from companies which everyone knows are useless.”

Similarly, fellow DeFi platform Bent Finance, known for its capabilities of staking and yield farming, also suffered a malicious exploit this week to the tune of 440 Ether (ETH), or just above $1.6 million at the time of writing.

Related: Crypto could save Millennials from the economy that failed them

Token performances 

Analytical data reveals that DeFi’s total value locked has increased 15.74% across the week to a figure of $142.58 billion, engulfing the losses printed in last week’s market downturn.

Data from Cointelegraph Markets Pro and TradingView reveals DeFi’s top 100 tokens by market capitalization have mainly been bullish over the last seven days.

Yearn.finance (YFI) registered two weeks of gains with 53.28%. Terra (LUNA) rose 36.6%, while Aave (AAVE) printed gains of 34.2%. Curve DAO Token (CRV) and Compound (COMP) claimed fourth and fifth places this week with 28.6% and 15.4%, respectively.

Interviews, features and other cool stuff

Thanks for reading our summary of this week’s most impactful DeFi developments. Join us again next Friday for more stories, insights and education in this dynamically advancing space.

Angel Investor: Multichain a Stopgap, Future Lies in Advanced Protocols

Finance Redefined: dYdX milestone and $1M DeFi bounty, Sept. 24–Oct. 1

DYdX volume tops Coinbase for the day, Cardano enables a new stablecoin, and a DeFi bounty hunter is highly rewarded — all coming to you this week in Finance Redefined.

Welcome to the latest edition of Cointelegraph’s decentralized finance (DeFi) newsletter.

DYdX surpassed Coinbase in daily trading volume for the first time this week. Read on to discover why this was a seminal moment for the project’s founder.

What you’re about to read is the concise version of this newsletter. For the full breakdown of DeFi’s developments over the last week — released with more anticipation than a layer-two airdrop — register below.

dYdX surpasses Coinbase in trading volume for first time

Decentralized derivatives exchange dYdX has risen to prominence through 2021 as an alternative to the hegemony and governmental transparency of centralized exchanges. It was revealed that dYdX surpassed the daily trading volume of crypto exchange stalwart Coinbase for the first time in its history.

Analytical data from CoinGecko revealed that dYdX facilitated in excess of $4.3 billion trading activity on Sept. 26, eclipsing Coinbase’s output of $3.7 billion by almost 15%.

This marks a full-circle moment for dYdX founder Antonio Juliano, who previously applied his trade at Coinbase. He recalled a time when he first spoke to CEO Brian Armstrong about his ambitions to launch a company in the future, receiving the response, “That’s awesome, let’s see how we can help you do that.”

Juliano celebrated the landmark in a series of tweets last Sunday:

Cardano to enable new DeFi stablecoin with Coti

It was announced this week that Cardano’s payment gateway provider, Coti, is expected to issue a new stablecoin called Djed to support the ecosystem’s ambitions in ensuring price stability and increasing the transparency of gas fees on the network.

According to Djed’s research paper released in August, its stablecoin protocol will behave like an “autonomous bank that buys and sells stablecoins for a price in a range that is pegged to a target price.” The stablecoin will operate by maintaining a reserve of base coins while minting and burning various other stable assets and reserve coins.

Cardano founder Charles Hoskinson believes that the Djed stablecoin could be revolutionary for the crypto space, as it appeals to an “entirely new audience at a time when the industry is already experiencing astronomical growth.”

White hat hacker paid DeFi’s largest reported bounty fee

Automated market maker protocol Belt Finance offered the largest reported bounty in the history of DeFi this week to a white hat hacker responsible for discovering a bug that, if exploited, could have exposed $10 million in assets.

For his good-willed efforts, industry programmer Alexander Schlindwein received a generous compensation of $1.05 million, $1 million of which was granted by software security platform Immunefi, while the additional $50,000 was offered by Binance Smart Chain’s Priority One program upon which Belt Finance is built.

Cointelegraph spoke to Schlindwein for an exclusive insight into the timeline of events, as well as the wider implications of bounty programs on DeFi’s security landscape:

“I am strongly convinced of the importance of bug bounties and initiatives such as bounty funds. Bug bounties are the last line of defense should an issue slip through the overlying layers with the potential to prevent a devastating hack while instead seriously fixing the issue and compensating the finder.”

Schlindwein concluded, “It’s great to see hundreds of projects launching their bug bounty nowadays, which will certainly bring DeFi security forward in the long run.”

Token performances 

Analytical data reveals that DeFi’s total value locked has increased 15.34% across the week to a figure of $121.41 billion.

Analytical data on Cointelegraph Markets and TradingView reveals that DeFi’s top 50 tokens by market capitalization largely struggled across the last seven days, with a handful of prominent exceptions. 

DYDX secured the podium’s top spot with an impressive 82.39%. UNI came a respectable second with 23.88%, while PERP bagged third with 21.45%. Fourth and fifth place were claimed by FTM and XTZ with 11.62% and 8.67%, respectively.

Extra DeFi stories from the week:

Thanks for reading our summary of this week's most impactful DeFi developments. Join us again next Friday for more stories, insights and education in this dynamically evolving ecosystem.

Angel Investor: Multichain a Stopgap, Future Lies in Advanced Protocols

White hat hacker paid DeFi’s largest reported bounty fee

Cointelegraph spoke to the hacker for insights on the timeline of events, as well as the wider implications of bounty programs on DeFi’s security landscape.

Belt Finance, an automated market maker (AMM) protocol operating a yield optimization strategy on Binance Smart Chain (BSC), claims to have paid the largest bounty in the history of decentralized finance (DeFi) to a white hat hacker who averted a $10-million bug crisis. 

Industry white hat programmer Alexander Schlindwein discovered the vulnerability in Belt Finance’s protocol this week and reported the news to the team. For his efforts, Schlindwein received a generous compensation of $1.05 million, the majority of which ($1 million) was granted by Immunefi, with the additional $50,000 offered by Binance Smart Chain’s Priority One program.

Immunefi is one of the market leaders in software security for cryptocurrency projects. Since its inception, the platform has reportedly paid out in excess of $3 million to white hat hackers who have successfully identified technical infrastructure flaws in smart contracts and crypto platforms.

Priority One is a BSC initiative launched in July to enhance the security of decentralized applications (DApp) within the platform’s native ecosystem. Mirroring the structure of Immunefi, the service provides a $10-million incentive fund to blockchain bounty hunters who successfully contribute to the avoidance of security breaches across 100 DApps.

Schlindwein told Cointelegraph about how he discovered the vulnerability:

“I went through the list of bug bounties on Immunefi and picked Belt Finance as the next one to work on. While I was studying their smart contracts, I noticed a potential bug in the internal bookkeeping, which keeps track of each user’s deposited funds. Playing the attack through with pen and paper gave me more confidence in the existence of the bug. I continued by producing a proper proof-of-concept [PoC] which undoubtedly confirmed its validity and economic damage.”

“The next step was to create an official report on Immunefi including the PoC and an extensive description of the exploit,“ Schlindwein said, adding, “Immunefi reacted immediately to the critical report, and within three minutes after submission, it was escalated to the Belt team. Shortly after, Belt confirmed the validity of the report and began implementing a fix, which then patched the vulnerability.”

Related: The perfect storm: DeFi hacks will advance the crypto sector moving forward

Although DeFi’s security breaches remain a prevalent concern, it has been argued by some that the nascent ecosystem will benefit from such incidents in the long term, as areas of weaknesses are starkly highlighted.

Cointelegraph asked Schlindwein his perspective on the importance of bounty programs in supporting DeFi’s antifragile ambitions:

“I am strongly convinced of the importance of bug bounties and initiatives such as bounty funds. DeFi security consists of multiple layers, starting with peer review and unit testing to external audits and formal verification. Bug bounties are the last line of defense should an issue slip through the overlying layers with the potential to prevent a devastating hack while instead seriously fixing the issue and compensating the finder.”

“Bug bounties in DeFi have been a rare sight before Immunefi existed, only offered by the ‘Crème de la Crème’ of projects. It’s great to see hundreds of projects launching their bug bounty nowadays, which will certainly bring DeFi security forward in the long run,” Schlindwein concluded.

Angel Investor: Multichain a Stopgap, Future Lies in Advanced Protocols

Binance Smart Chain Faces yet Another Flash Loan Attack: Belt Finance Loses $6.3 Million

Binance Smart Chain Faces yet Another Flash Loan Attack: Belt Finance Loses .3 MillionBelt Finance, a Binance Smart Chain-based decentralized lending protocol, lost $6.3 million in a flash loan attack last week. The attackers took advantage of a series of inefficiencies in the smart contract to manipulate the price of the set and obtain profit from a series of transactions. This is just the last of a series […]

Angel Investor: Multichain a Stopgap, Future Lies in Advanced Protocols

Belt Finance loses millions in latest BSC-based DeFi exploit

Another day, another BSC DeFi protocol gets hacked.

Belt Finance has become the latest Binance Smart Chain-based decentralized finance, or DeFi, protocol to lose millions to an opportunistic hacker.

The Rekt Blog, which post mortems DeFi exploits, stated that an attacker exploited a flaw in the way the protocol’s vaults calculates the value of its collateral which helped to “add another notch to the now infamous flash loan exploit season on the BSC,” adding:

“Yet another fork of a fork has rolled off the conveyor belt with $6.3M falling straight into the hands of the hacker.”

Rekt revealed that a total of eight flash loans were made on PancakeSwap for $385 million BUSD. The beltBUSD vault's “Elipsis” strategy was exploited as it was the most undersubscribed strategy on the platform.

Belt Finance uses an optimal yield aggregator to offer passive yield generation to depositors. Elipsis is a decentralized exchange that enables swapping of stablecoins with low slippage on the Binance Smart Chain. The beltUSD vault also deploys capital on the BSC-based protocols Venus, Alpaca, and Fortube for yield generation.

On May 30, SushiSwap core developer Mudit Gupta posted a Twitter thread examining the incident, describing the flash loan attack as one of the “more complex hacks.”

Belt’s vaults operate with a target balance for each strategy employed, he explained. When a user deposits money into a vault, the capital is allocated to the most undersubscribed strategy. When someone withdraws money from the vault, it withdraws it from the most oversubscribed strategy.

Gupta asserted the attacker exploited this system to make several transactions across multiple strategies, inflating the value of its pools before repaying the flash loan and pocketing more than $6 million in profits. Gupta concluded:

“Basically, the issue happened because Belt incorrectly integrated with Elipsis. A similar issue happened last month as well in belt finance but at that time, the problem was a buggy integration with Venus. I wonder if belt has any bug-free integration.”

Venus is another BSC protocol for lending and borrowing via the minting of synthetic stablecoins.

Belt Finance is the latest in a lengthening list of BSC DeFi protocols to get exploited. On May 28, the BurgerSwap DEX was attacked resulting in the draining of $7.2 million.

So far this year, Cream Finance, bEarn, Bogged Finance, Uranium Finance, Meerkat Finance, SafeMoon, and Spartan Protocol have all suffered exploits on Binance Smart Chain. Binance has now turned to blockchain intelligence company CipherTrace for analytics support in a bid to mitigate further incursions.

Angel Investor: Multichain a Stopgap, Future Lies in Advanced Protocols