Rari Capital, a decentralized finance (DeFi) project, plans to reimburse users who lost funds when almost $11 million in ethereum (around 60% of users’ funds) was drained from its liquidity pool.

  • Rari Capital said the attacker exploited its yield-generating integration with Alpha Finance Labs’ ibETH token.
  • Jai Bhavnani, Rari Capital CEO, explained in a blog post on May 9 that the exploit drained a total of 2,600 ETH (about $10.6 million at the time of writing).
  • The attacker took advantage of a function in the ibETH token to artificially inflate its value, allowing more to be withdrawn than had been deposited, according to a May 9 post-mortem by David Lucid, Rari Capital's lead developer.
  • In his update, Bhavnani said 2 million of the project's RGT governance token, intended to be used to scale the team, would now be offered to reimburse users that lost out to the exploit.
  • "All of the protocol contributors have elected to give that 2M $RGT back to the DAO with the ask of using the newly acquired $RGT to reimburse lost funds and reward those that helped in the war room," he said.
  • In future, Rari Capital will request the protocols it integrates with to review the integrations for security, according to Lucid.
  • He also proposed that deposits and withdrawals are prevented in the same block, or have a timelock applied to prevent funds being drained at speed.
  • From trading at more than $17 prior to the exploit, the Rari governance token fell almost 50% to $9.07 before rebounding. At press time it is sitting at $12.09.
  • The 2 million RGT tokens are currently worth just over $2.4 million.

See also: Binance Smart Chain’s Spartan Protocol Loses $30M+ in Exploit

Read more about...

CrimeDeFiExploits
Disclosure
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.