DeFi Protocol Primitive Finance whitehacks its smart contract

Primitive Finance, a significant options protocol for decentralized finance, took the extreme step of hacking its own smart contracts in light of a recently discovered exploit. A few hours ago, on Feb. 22, a critical vulnerability was found in Primitive Finance's smart contracts. Because the contracts could not be paused or upgraded, the team chose to "whitehack" them to safeguard user funds. Primitive Finance has rescued most of the funds. However, users still need to take action, as some funds could remain at risk.

The blog post stated that the vulnerability is related to "infinite approvals" granted to one of the protocol's smart contracts. It added that manually resetting approvals back to zero will protect any assets, and that users who approved this contract to spend their tokens could still be at risk. At press time, malicious actors had not been able to exploit the contract or steal funds, owing to Primitive Finance's swift reaction.
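
The approval reset described above can be checked and prepared offline. The following is an added example, not code from Primitive Finance or from the original article; it assumes a standard ERC-20 token, and OWNER and SPENDER are constructed placeholder addresses.

```python
# Added example: audit and revoke an ERC-20 approval (standard ERC-20 assumed).
# OWNER and SPENDER are constructed placeholders, not real contract addresses.
ALLOWANCE_SELECTOR = "dd62ed3e"  # allowance(address,address)
APPROVE_SELECTOR = "095ea7b3"    # approve(address,uint256)
MAX_UINT256 = 2**256 - 1         # value commonly used for an "infinite" approval

OWNER = "0x" + "11" * 20    # constructed: the user's wallet
SPENDER = "0x" + "22" * 20  # constructed: stands in for the vulnerable contract


def _strip0x(value):
    return value[2:] if value.lower().startswith("0x") else value


def _addr_word(addr):
    """Left-pad a 20-byte hex address to one 32-byte ABI word."""
    raw = _strip0x(addr).lower()
    if len(raw) != 40 or any(c not in "0123456789abcdef" for c in raw):
        raise ValueError("not a 20-byte hex address: %r" % addr)
    return raw.rjust(64, "0")


def allowance_calldata(owner, spender):
    """Data for a read-only eth_call to the token: allowance(owner, spender)."""
    return "0x" + ALLOWANCE_SELECTOR + _addr_word(owner) + _addr_word(spender)


def revoke_calldata(spender):
    """Data for a transaction to the token, sent by the owner: approve(spender, 0)."""
    return "0x" + APPROVE_SELECTOR + _addr_word(spender) + format(0, "064x")


def classify_allowance(result_hex):
    """Interpret the 32-byte word returned by allowance()."""
    raw = _strip0x(result_hex)
    if len(raw) != 64:
        raise ValueError("expected one 32-byte word")
    value = int(raw, 16)
    if value == 0:
        return "revoked"
    # Any non-zero allowance lets the spender move tokens; infinite has no cap.
    return "infinite" if value == MAX_UINT256 else "limited"


if __name__ == "__main__":
    print(allowance_calldata(OWNER, SPENDER))
    print(classify_allowance("0x" + "f" * 64))  # constructed eth_call result
    print(revoke_calldata(SPENDER))
```

Both calls are addressed to the token contract itself: the first is a read-only query, the second must be signed by the wallet that granted the approval.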

Primitive Finance safeguarded 98% of the funds

Primitive Finance also acknowledged Yannis Smaragdakis and Neville Grech at Dedaub, Mitchell Amador and Duncan Townsend at Immunefi, and Emiliano Bonassi at ReviewDAO for their significant efforts to protect its users. The protocol also stated that it succeeded in rescuing 98% of the funds. However, tokens in wallets that have approved the vulnerable contract are still at risk.

Primitive is a permissionless options protocol built on Ethereum. Liquidity providers can earn a yield on ETH, DAI, or DeFi tokens by offering collateral to option markets. They receive the yield via trading fees on the Sushiswap automated market maker. The protocol launched on mainnet in late December 2020, and OpenZeppelin audited it in August of the same year. However, code vulnerabilities seem to have slipped through the net.

The total value locked across the entire DeFi sector has returned to its all-time high of a little over $50 billion, according to DappRadar. MakerDAO is the leading protocol with $6.7 billion, followed by Aave with $5.5 billion in collateral locked up.

