BNB
by BSC News
October 4, 2022
How safe are yield farms? What are the common causes of exploits? What are projects doing to improve the security of their yield farms? Learn more here!
By giving investors a new platform to diversify their portfolios, the promise of Decentralized Finance (DeFi) is starting to take shape. However, with the rise in investors’ participation, there’s also been a rise in exploits of yield farms
Across all chains, DeFi protocols have about $80 billion in Total Value Locked (TVL), according to DefiLlama, with that number having crested at an all-time high of more than $250 billion during the latest bull run. With all this capital in the crypto ecosystem, investors have discovered yield farming to be an attractive way to enhance their returns.
At the same time, this has created opportunities for bad actors to steal users’ funds by deploying exploits, often with enough ferocity to hijack entire projects. By now, millions upon millions of dollars have been stolen, mainly through anonymous hacks, with very little finding their way back.
The majority of these exploits are based on unseen and unintentional bugs in a protocol’s mart contract. That happened with KetchupSwap, Lokum, YBear, Piggy, CaramelSwap, GoCerberus, and GarudaSwap -- all yield farms operating on BNB Chain.
The attackers of these projects found out that these projects were using the same MasterChef Contract to distribute rewards. Due to an error in this contract, nearly $10 million was stolen, plummeting the prices of their native tokens close to $0.
Of course, such exploits are not exclusive to BNB Chain. For example, on Polygon, the value of the PolyYeld Finance project also collapsed to $0 after attackers found a vulnerability to mint an excess supply of YELD tokens. According to PeckShield, $250,000 was stolen overnight.
To combat the rise of exploits, different yield farms are adopting various strategies to ensure they are not the target of the next hack. GarudaSwap initiated Thoreum Finance, which introduces smart contract upgrades that are “security proofed,” known as THOREUM Masterchef.
On the other hand, Curve Finance uses different strategies to mitigate the risk of exploits. That includes Security Auditing of their smart contracts, where experts double-check the code for any bugs, and the use of Curve Emergency DAO, where participants can vote to pause and unpause the pool if they find something “fishy.”
With any type of investment, there will always be some level of risk. As the amount of money at stake continues to increase, and accordingly the potential rewards for successful hackers, yield farms are adopting more conservative stances and defensive approaches in order to minimize margins of error.
As exploits grow more sophisticated, projects must continuously monitor, test and update potentially vulnerable lines of code.
Related News
Latest News
May 18, 2024
Weekly Article Recap: 5/13-5/17
May 17, 2024
Kraken ‘Actively Reviewing’ The Status of Tether in Compliance With MiCA
May 17, 2024
Nigerian Court Denies Bail to Binance Exec Tigran Gambaryan on Money Laundering Charges
May 17, 2024
All You Need to Know About The Pump.Fun Exploit
May 16, 2024
French Regulator Hints at Legal Action Against Bybit, Citing Illegal Operations
May 16, 2024
What is MakerDAO’s Upcoming PureDai and NewStable?
May 16, 2024
Morgan Stanley Reports $270M Bitcoin ETF Investment in Grayscale’s GBTC
May 16, 2024
What is pSTAKE Finance?
More News