Unfortunately, in the current De-Fi landscape smart contract risks are very prevalent and should always be considered. Today, an exploit left IceCreamSwap tokens useless, and the exploiter has made off with close to $1,000,000.
After a parabolic rally on the Binance Smart Chain (BSC) we have run into our latest “bump” in the road. One of the latest PancakeSwap forks, IceCreamSwap has been hacked. This team forked the PancakeSwap code and attempted to add their own twist on the AMM, advertising that they were to provide a yield optimizer and NFT marketplace. These developments have seemed to been cut short due to an exploitation of the code, and IceCreamSwap tokens are now worthless.
ICS was one of the latest BSC-based AMM’s allowing users to farm tokens by providing liquidity. This project launched early this month and was working through developments until today; the team has posted the following tweet on their Twitter:
When looking into the transaction it seems the hackers were able to make out with over 6,000 BNB or just about shy of $1 million USD. The hacker was able to exploit a weakness in the ICS code setting themselves as a developer. With these permissions, the hacker was able to create contracts that liquidated ICS. In short, this allowed the exploiter to mint and sell tokens, which were then routed to multiple different wallets. On top of this, it seems that the block reward has been dramatically increased, devaluing the token. Yesterday the circulating supply of ICream was 520,000 but today there are now over 100 trillion tokens and counting. This has left the token useless and all users who provided liquidity have lost their funds to impermanent loss.
The hackers’ wallet can be viewed here.
Smart Contract Risks
This must serve as a fair warning of the high-risk nature of De-Fi projects. While smart-contracts give developers the tool to create robust protocols, innovating traditional financial services, there are unfortunately inherent risks. These can be defined as smart contract risks; while this code allows users to develop trustless and decentralized protocols, they are not perfect. Malicious developers can leave loopholes in code to siphon users’ money. This has been the case for the latest rug-pulls on the BSC prior to ICS, where malicious developers have siphoned over 2,000,000 USD.
In other instances, developers may not recognize a critical error in their code. This is unavoidable as nothing is ever perfect, which was the case in the Harvest Finance hack. Unnoticed structural integrity in a smart contract can be easily exploited by malicious users who find vulnerabilities in the code and ultimately steal users’ funds.
Overall, smart contract risk is a prevalent issue in the De-Fi space on both the Ethereum Network and the Binance Smart Chain. At the same time, these are not insanely common occurrences, but they ever too frequent. We have published a few guides on the BSCNews website, authored by The Ape, which help users safeguard against these instances:
Unfortunately, in the current De-Fi landscape, smart contract risks are very prevalent and should always be considered. As the space continues to mature, we can expect to see better audits, more educational awareness, and a general increase in safety. These tools are quickly developing with a large amount of insurance and audit protocols launching to help safeguard and protect users from these occurrences. As for now, it is ever so important for users to exercise caution as there has been a numerous flow of new projects with the BSC’s recent exponential growth.
Source : bsc.news
Founded in 2020, BSCNews is the leading media platform covering decentralized finance (DeFi) on the Binance Smart Chain (BSC). We cover a wide range of blockchain news revolving mainly around the DeFi sector of the crypto markets. BSCNews aims to inform, educate and share information with the global investment community through our website, social media, newsletters, podcasts, research, and live ask me anything (AMA). Our content reaches hundreds of thousands of global investors who are active in the BSC DeFi space.