Algorand-Built Tinyman Protocol Loses $3.5m To Hackers

Algorand-built DeFi project Tinyman is the latest victim of hackers’ exploit. The project released an official statement to confirm the hack and stated that the hack occurred on new year’s day. Part of the statement revealed that the hack happened due to a loophole in the project’s smart contracts. Thus, compromising a few pools. The protocol confirmed that it lost more than $3.5m due to the incident.

How It Happened

Highlighting part of the process that led to the attack, Tinyman stated that the hackers deposited an attack seed fund after activating their wallet addresses. Part of the statement also revealed that the hack caused the loss of various assets within the first few hours of the attack, with a surge in volatility following the incident. It also revealed that investigations are still ongoing, and the project team will duly pay the affected users.

Then, they started siphoning funds and minting pool tokens from several pools. Some pool tokens were burned during this incident. Hence, the hackers didn’t have two assets but double of one asset. Nevertheless, they still made away with an estimated $3.5m worth of assets.

As a wholly decentralized project, Tinyman can’t overturn transactions like this one. The best solution would be for its users to pull liquidity from contracts that the team has promptly recommended. Tinyman’s $44m worth of liquidity pre-hack is now less than $19m post-hack.

Preventing Future Similar Incidents

An auditor runtime verification made Tinyman aware of a possible hack following a security examination of the project’s smart contracts. Even though the auditor proffered a solution for Tinyman, the project couldn’t implement the solution before the hacking incident. Players in the DeFi space continue to be the target of hackers because of the enormous cash flow available in that sector. Consequently, each DeFi market player must have a robust audit and insurance solution.

It seems like hacks on DeFi-related projects won’t stop anytime soon, even this new year, even though the DeFi sector lost the highest amount of funds among the crypto sectors in the just-concluded year. Now, crypto investors need to be cautious about investing in any project. They must only invest in projects with adequate insurance in place, especially as the crypto industry continues to grow in leaps and bounds. Right now, the best solution any protocol can use to protect itself and its investors is to be insured.

DeFi Market Bullish In The New Year

The DeFi market seems to be recovering faster than other sectors following a generally bearish December as three DeFi tokens (UNI, YFI and AAVE) are among the top gainers in the market on the first Monday of the new year. Santiment data showed that DeFi tokens made nearly 12% gains compared to the other sectors of the crypto market, which saw little or no price activity.

DeFi-related tokens performance. Source: Santiment.

Despite several attacks and rug pulls in the DeFi sector, it remained the focus of most investors. Its overall evaluation is nearly $165b and in the last 24 hours, yearn finance governance token made the most gains with a 12% price increase. As of this writing, YFI currently trades at $40.9K.

Tokenhell produces content exposure for over 5,000 crypto companies and you can be one of them too! Contact at info@tokenhell.com if you have any questions. Cryptocurrencies are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by Tokenhell authors (namely Crypto Cable , Sponsored Articles and Press Release content) and the views expressed in these types of posts do not reflect the views of this website. Tokenhell is not responsible for the content, accuracy, quality, advertising, products or any other content or banners (ad space) posted on the site. Read full terms and conditions / disclaimer.