DeFi yield farming protocol Yearn Finance has just reopened the yDAI vault, restoring the $11 million lost during the weekend flash loan attack.
Year Finance, the performance protocol in DeFi created by Andre Cronje, revealed details of a flash loan attack, or flash loan, of which he was a victim this weekend, and in which he saw 11 million dollars in DAI disappear in one of his vaults. In this report, the DeFi protocol assured that its crypto community was studying the possibility of restoring the funds lost during the flash loan attack and reimbursing the losses of affected users, with YFI tokens, the project's native token, newly minted in the platform, according to a proposal of coinage presented in January of this year.
The crypto community recently approved the proposal and Yearn Finance has just reopened the vault affected by the attack, the yDAI v1. In a statement shared on Twitter recently, the project developers point out that yDAI has been re-opened, and that the protocol has created a Maker Vault with YFI tokens from the Yearn treasury, to mint $9,7 million in DAI and complete the yDAI vault, restoring losses.
Given the revelation, the crypto community is celebrating the actions of the developers, although they reported that this decision is part of an exceptional case, which will not happen again in the future; Therefore, they recommend Yearn Finance users purchase coverage insurance to secure their funds deposited in the protocol. Yearn Finance minted 6.666 YFI, valued at press time in $37.900 USD each.
It may interest you: Yearn Finance is the victim of a million-dollar flash loan attack, but all is not lost
Flash loan at Yearn Finance
Flash loan attacks are becoming the preferred way for attackers to extract funds from decentralized protocols, and appear to be one of the easiest ways to breach and attack DeFi protocols. These attacks make use of the liquidity of a flash loan to carry out different transactions and take advantage of the disparity in the prices of various stablecoins on different protocols. While flash loan attacks do not, per se, exploit a security vulnerability within a protocol, they do help cybercriminals illegally obtain or extract funds from a protocol.
In the case of Yearn Finance, the attacker was not able to keep the 11 million dollars extracted from the yDAI v1 vault, but his profits were around 2,7 million dollars in stablecoins such as DAI and USDT. From this “profit”, the 1,7 million dollars that the attacker extracted in Tether (USDT) They were blocked, according to Tether CEO Paolo Ardoino, a few hours after the attack was discovered.
The rest of the funds went to Curve Finance, where the liquidity providers of this protocol generated profits of $3,5 million; Another $3,5 million went to Curve stakers' profits and the rest of the lost funds, $1,4 million, were paid in commission fees to DeFi liquidity protocol Aave.
Cover for DeFi, the recommendation of Yearn developers
Despite the quick response of the developers to protect the remainder of the funds that were available within the vault at the time of the attack, and the crypto community to freeze the illegally acquired funds, Yearn Finance warns that the minting will not be used to restore new funds, in case the protocol suffers or is affected by a new attack in the future.
The developers recommend that users, and the crypto community in general, have coverage to protect and safeguard their funds and cover future losses, should they occur.
Continue reading: Chainlink Oracles Can Help DeFi Avoid Flash Loan Attacks, Warp Finance Says
