1. Home
  2. lending protocol

lending protocol

Aave’s proposal to launch on zkEVM passes ‘temperature check’ vote

A proposal to deploy the third version of lending protocol Aave has recently passed a “temperate check” with an overwhelming favorable majority.

A "temperature check" proposal to deploy the decentralized exchange (DEX) Aave on the zkSync Era Mainnet has passed with overwhelming support from the Aave community. 

When voting closed on April 16 more than 99% of Aave (AAVE) token holders voted in favor of launching the third version of the lending and borrowing protocol on the zero-knowledge Ethereum Virtual Machine (zkEVM).

According to the proposal first pitched on March 26, the launch will be limited to USD Coin (USDC) and Ether (ETH).

Now that the temperature check has indicated a "positive sentiment," the next steps listed in the proposal will be to proceed to another stage for further discussion, followed by risk parameter evaluation and finalization of the proposal.

If the next stages are successful the proposal will be submitted for voting and on-chain governance approval.

Only around 0.02% voted against the proposal with a further 0.02% abstaining from voting.

According to the proposal, deploying on zkSync can benefit the Aave ecosystem by introducing new users into decentralized finance (DeFi) and cementing Aave as a premier borrowing platform within the zero-knowledge ecosystem.

Related: Stablecoin adoption could lead to DeFi growth, says Aave founder

The Aave community previously voted to deploy the Aave V3 codebase on zkSync's v2 Testnet, which was approved in another off-chain vote.

Decentralized exchange Uniswap is also set to launch on the zkEVM solution from scaling solution provider Polygon after a governance proposal was successfully passed.

In November 2022, Aave changed its governance procedures after it was hit by a $60 million short attack that ultimately failed.

Magazine: Unstablecoins: Depegging, bank runs and other risks loom

Little-known Canadian crypto firm Matador adds Bitcoin to its books

Hacker Steals $6.9 Million From Arbitrum-Based Defi Protocol Lodestar Finance

Hacker Steals .9 Million From Arbitrum-Based Defi Protocol Lodestar FinanceArbitrum-based lending platform Lodestar Finance was exploited on Dec. 10, 2022, according to a tweet from the project’s Twitter account on Saturday. Community reports detail that Lodestar lost roughly $6.9 million from the vulnerability. Lodestar Finance Loses $6.9 Million in an Exploit, TVL Drained, LODE Drops by 53% Another decentralized finance (defi) platform, Lodestar Finance […]

Little-known Canadian crypto firm Matador adds Bitcoin to its books

Moola Market attacker returns most of $9M looted for $500K bounty

The attacker has scored about a half-million dollar “bug bounty” after choosing to return a majority of the cryptocurrency they exploited from the Celo-based lending protocol.

An attacker has returned just over 93% of the more than $9 million worth of cryptocurrencies they exploited from the Celo (CELO) blockchain-based decentralized finance (DeFi) lending protocol Moola Market.

At around 6PM UTC on Oct. 18 the Moola Market team tweeted it was investigating an incident and had paused all activity, adding it had contacted authorities and offered a bug bounty to the exploiter if funds were returned within 24 hours.

Analysis of the exploit by Web3 security company Hacken shows the attacker manipulated the price of the protocols’ low-liquidity native MOO token by initially purchasing around $45,000 worth and depositing it as collateral to borrow CELO.

The borrowed CELO, along with further CELO provided by the attacker, was then used as collateral to borrow more MOO, driving up the token’s price. The attacker continued repeating this until the MOO token price had increased by 6,400%.

With the inflated token price, the attacker was able to borrow $6.6 million worth of CELO, $1.2 million of MOO, along with $740,000 of Cello Euros (cEUR) and $644,000 Celo Dollars (cUSD) all worth multiples more than their initial posted collateral resulting in the protocol's loss of around $9.1 million.

Five hours after the initial confirmation of the exploit, Moola Market tweeted it had received just over 93% of the funds exploited, with the attacker seemingly keeping the rest making around $500,000 as a bug bounty.

Moola Market did not immediately respond to Cointelegraph’s request for comment.

The attack draws similarities to the $117 million exploit suffered by Mango Markets on Oct. 11 in which Avraham Eisenberg and his team manipulated the price of the Solana (SOL)-based DeFi protocols’ native token to borrow cryptocurrencies with an undercollateralized backing. Eisenberg negotiated to keep $47 million as a “bounty.”

Related: BNB Chain responds with next steps for cross-chain security after network exploit

Multi-chain cryptocurrency wallet BitKeep also suffered an exploit late on Oct. 17 with an attacker making off with $1 million worth of Binance Coin (BNB) through a service used to swap tokens, BitKeep says it will fully reimburse any affected users.

The attacks are the latest in a series of exploits to have taken place in October which has also shaped up to be the biggest month ever for hacking activity with the total hacked value reaching around $718 million up until Oct. 12 according to analytics firm Chanalysis.

Little-known Canadian crypto firm Matador adds Bitcoin to its books

Hacker bungles DeFi exploit: Leaves stolen $1M in contract set to self destruct

A hacker apparently so thrilled by a successful theft left behind over $1 million in a smart contract that was set to destruct, permanently ensuring the crypto could never be moved.

In a rare comedic bungle among DeFi exploits, an attacker has fumbled their heist at the finish line leaving behind over $1 million in stolen crypto.

Just after 8AM UTC on Thursday April 21st, blockchain security and analytics firm BlockSec shared it had detected an attack on a little known DeFi lending protocol called Zeed, which styles itself a “decentralized financial integrated ecosystem”.

The attacker exploited a vulnerability in the way the protocol distributes rewards, allowing them to mint extra tokens which were then sold, crashing the price to zero, but netting just over $1 million for the exploiter.

Blockchain analytics firm PeckShield noted the stolen crypto was transferred to an “attack contract”, a smart contract which automatically and quickly executes the found exploit.

However the attacker was apparently so excited by their successful heist that they forgot to transfer over $1 million worth of stolen crypto out of their attack contract before they set it to self-destruct, permanently and irreversibly ensuring the funds can never be moved.

Using a blockchain scanner to view the attack contract address shows that $1,041,237.57 worth of BSC-USD Binance-Peg token is forever stuck in the contract and the successful self-destruction of the contract was confirmed at 7:15AM UTC on April 21.

Related: Truth or fiction? Popular former hacker claims to have $7B in BTC

It's one of the more bizarre turns of events since the Polygon hacker did an “Ask Me Anything” using embedded messages on Ethereum(ETH) transactions after stealing $612 million from the protocol in August 2021. The question and answer session revealed the attacker hacked “for fun” and thought “cross-chain hacking is hot.”

This latest hack is on the smaller end regarding the amount stolen, and other DeFi protocol hacks have seen hundreds of millions siphoned off as with the recent Ronin bridge hack where attackers made off with over $600 million.

Other notable DeFi exploits include the $80 million worth of crypto stolen from Qubit Finance in January where attackers tricked the protocol into believing they had deposited collateral, allowing them to mint an asset representing a bridged crypto.

DeFi marketplace Deus Finance was exploited in March when hackers manipulated the price feed of a pair of stablecoins resulting in the insolvency of user funds, netting the hackers over $3 million.

Little-known Canadian crypto firm Matador adds Bitcoin to its books

Bitcoin Suisse adopts decentralized Liquity as lending product

The Swiss firm will conduct all interactions with the Liquity smart contract on its clients' behalf but only a select few with over $500,000 on the platform will have access to the product.

Bitcoin Suisse has begun offering decentralized finance (DeFi) services to its clients with the addition of the Liquity protocol to its product lineup. It allows customers to post Ethereum (ETH) collateral in the protocol to mint and borrow the Liquity Dollar (LUSD) stablecoin.

In an announcement on April 20, Bitcoin Suisse said it will perform all smart contract interactions and system monitoring on its client’s behalf and allow the borrowed LUSD token to be exchanged into any fiat currency.

Bitcoin Suisse is a centralized crypto and financial services company founded in 2013 and based in Switzerland which offers services such as trading, custody, lending, and staking of cryptocurrencies to mostly institutional investors.

Liquity is a DeFi borrowing protocol launched in April 2021 which allows users to post Ethereum collateral into its smart contract and borrow its native LUSD stablecoin at a 0% interest rate. Liquity currently has over $1.1 billion in total value locked into its contract.

CEO of Bitcoin Suisse Dr. Dirk Klee said the firm was proud to take a “significant step” towards offering decentralized solutions to its clients:

“DeFi offers significant improvements over traditional financial services by being more open, more transparent, and more competitive.”

Launched as a pilot stage and Bitcoin Suisse says it’s only available to a select and “very small number” of its clients with the borrowing amount set above $500,000.

DeFi is becoming a particular interest to both the crypto sector and traditional finance with the current total value locked (TVL) across the ecosystem nearing $215 billion according to DeFi Llama, not far from its $254.8 billion all time high on December 2nd 2021.

Related: The many layers of crypto staking in the DeFi ecosystem

Centralized platforms are increasingly using DeFi infrastructure by either offering a central way to access decentralized services, or by backing their products with DeFi smart contracts or liquidity.

In March, Binance added functionality for use of the decentralized exchange (DEX) PancakeSwap from within the Binance app, integrating the DEX onto its centralized platform. In the same month it also launched an updated blockchain bridge, allowing assets to be bridged from any blockchain.

Australian based finance app Blockearner backs its “Yield Account” product promising a 7% APY with DeFi lending protocols Aave and Compound Finance, with users only having to deposit Australian Dollars which the app then stakes in DeFi on their behalf.

Bitcoin Suisse has long integrated crypto technology into its offerings, in November 2021 it was the first cryptocurrency payment processor in Switzerland to integrate the Bitcoin (BTC) Lightning Network in its effort to “promote the broader adoption of crypto technology.”

Little-known Canadian crypto firm Matador adds Bitcoin to its books