Value DeFi, a decentralized finance yield farming protocol, has announced that it has integrated Chainlink into its platform.
Notably, the latest integration is coming off the back of the recent hack attack on the platform. Value DeFi counted its losses last week Saturday after an unknown bad actor capitalized on the loopholes within the platforms unaudited and centralized price oracle to steal about $6 million from the platform. According to records, the latest hack came after the protocol launched its much anticipated MultiStables Vault, a project designed to move money belonging to investors around different DeFi projects to increase clients’ profits.
Hackers used flash loans to carry out attacks
According to the detailed explanation by Value DeFi, the hackers used flash loans in one of the pools that were being moved around, hence, manipulating the protocol. Notably, a flash loan is a loan that is issued on the spot by Aave Protocol. After using the flash loan on one of the pools, the hacker could then purchase the tokens at a discounted rate.
The hacker managed to perpetuate the act because it used the loophole in the centralized price feed to verify the vault’s prices, which automatically makes it vulnerable. So in a bid to eliminate something like this from occurring in the future, the developer team of the platform chose Chainlink, a decentralized price oracle.
“After so many debates and considerations of all the options that were available to us, we decided to go with Chainlink as it ideally provides everything we want,” Value DeFi said. Notably, Chainlink is an oracle solution that provides its users with a tamper resistance price solution which can be used to check flash loans attacks.
The whole idea behind this integration is that the feeds that Chainlink will get are decentralized, which means that all the information it provides has been checked, verified, and validated to be true. With this, it would be hard for people to create fake price information.
Chainlink’s founder asks financial providers in DeFi to audit their smart contracts
While giving his view on the latest development, the founder of Chainlink, Sergey Nazrov, has noted that because the flash loans are being used in the attack doesn’t make them the real reason for the problem. Flash loan is a type of loan that can be borrowed by a specific DeFi user, provided the user can pay all the funds back in just one transaction.
“The main issue here is the security of the price oracle. Any seasoned hacker will be able to breach the security of these price oracles and steal funds. The part of flash loans in this story is simply because it makes a hacker more versatile,” the founder said.
In the last few months, hackers have decimated the entire DeFi sector while using flash loan attacks to carry out their deeds. A typical example is Harvest Finance, which lost $34 million. Other examples are Cheese Bank and Akropolis, which suffered a combined loss of $5.3 million.
Nazarov also mentioned that teams in charge of creating these financial projects in the DeFi ecosystem should look at the kind of security they use. Another way to counter fash loan attacks, according to the founder, is to audit their smart contracts.