Posts

Li Finance $587,500 Smart Contract Hack

avatar of @boscohage
25
boscohage
@boscohage
·
0 views
·
2 min read

Definitely, it's all glaring that it can't be over emphasized, there are surely loopholes that needs to be filled constantly. Decentralized Finance DeFi have been a target by hackers from the beginning of the year as the first exploit happened on DeFi. I have come too a standstill finally that it is inevitable who would be exploited but it could all be prevented when builders triple check for vulnerability. Users are always the one hit hard even though reimbursement comes in, that feeling of shock is engraved in the mind even though it's for a short period of time, the scar remains.

Li Finance LiFi is a cross-chain swap bridge that connect DEXs.

Source

Apparently, the vulnerability of Li.Fi was as a result of it's swapping feature which had allowed for infinite approval of it's smart contract. Only those users that had been granted infinite approval were victims this time. The bug in the smart contract allowed for the hacker to execute the hack easily. Hackers are just so smart and are very watchful to take a lot all at once that worth $587,500. The hacker swapped USDC, MATIC, RPL, GNO, USDT, MVI, AUDIO, AAVE, JRT, and DAI to ETH, a total of 205 ETH.

The vulnerability cost 29 users thier tokens after the hack, although Li Finance reimbursed 25 users their tokens that worth $80,000 and the remaining four users were offered to an option to be angel investors in the Li Finance do their funds haven't been reimbursed. It's the option for the investor to agree or not but Li.Fi doesn't just want to pull out the cash from it's space just like that but trying to see a way to cut its losses. Li Finance made a tweet about the hack and when it had been resolved.

Taking the hit is a hard one but it has surely happened and all vulnerability has been fixed. The hacker on the other hand isn't ready to return the funds and get a bounty after being contacted by Li.Fi.

It's clear now that Decentralized Finances are the main targets for hacks, the truth is that the digital space is vulnerable nevertheless. So everyone should do there own bidding to not be in the losing end, users should always keep wallets safe and the blockchain, cross-chain, developer or bridges should play their own part to keep users from kissing faith in them or going through the fear of loss.

Thank you for visiting my blog, till next time.