- bZx marked it’s third exploit of 2020, losing $8.1 million of funds to a vulnerability in the code.
- The BZRX token fell by 30% in the aftermath of the incident, as the burden of the loss was shifted to the insurance fund.
- bZx’s fate rests with the broader DeFi community and whether they decide to return to the protocol as users.
Share this article
Less than two weeks after re-deploying on mainnet, bZx has been exploited for $8.1 million of LINK, ETH, and stablecoins. The incident caused the BZRX token to fall over 30%, as the value of the token secures protocol deficits.
How Many Times Is Too Many?
Earlier this year, the team behind bZx paused the protocol after two consecutive hacks caused a mass outflow of capital. Promising to come back stronger, bZx built a new iteration of the product over six months. The protocol was finally deployed again on Sept. 2.
It’s been less than two weeks, and bZx has been attacked once again.
This time, however, the loss is exceptionally higher than before. Given prevailing prices at the time of the hacks, bZx had been previously exploited for $330,000 and $640,000, respectively.
The latest hack saw $8.1 million of customer funds lost.
1/4 Last night I found an exploit in BRZX. I noticed that a user were capable of duplicating “i tokens”. There was 20+ million $ at risk. I informed the team telling them to stop the protocol and explained the exploit to them. At this point none of the founders were up.. pic.twitter.com/MdJqOH2IPu
— Marc Thalen (@MarcThalen) September 14, 2020
bZx’s iToken’s were deployed with a bug that allowed users to increase their balances artificially. The platform’s sustained losses were as follows:
- 219,199.66 LINK ($2.61 million)
- 4,502.70 ETH ($1.65 million)
- 1,756,351.27 USDT
- 1,412,048.48 USDC
- 667,988.62 DAI
The insurance fund will bear the liability for these losses. Since the BZRX token derives a portion of its value from the insurance fund, its price tanked 31%…