What Went Wrong With Inverse Finance?

June 20, 2022
Audit, DeFi, Hacks & Scams

Inverse Finance Exploited – $1.2M Stolen From The Protocol

The open-source Ethereum-based DeFi protocol Inverse Finance, has been subject to yet another exploit; this time, losing close to $5 million. 

The incident occured on June 16th when the platform lost $5.83m worth of DOLA which is the protocol’s native currency. The hackers were able to steal as much as $1.26m through a flash loan attack, by manipulating the price of oracle.

And we say “ yet another ”, because this isn’t the first time the platform has been compromised. In the month of april, the platform was subject to a similar exploit, where the attackers manipulated the keep3r oracle to change the token prices.

So What Went Wrong?

The attack was initiated when hackers took a flash-loan of 1 ETH from the Tornado protocol. This was used to artificially pump the prices for the INV token for the price keeper oracle.

The oracle relied on chainlink price data instead of the exchange’s data, which allowed easy manipulation to happen, this allowed the hackers to borrow a much greater sum than was stored as collateral.

Luckily enough, no user funds have been affected. Although the platform now owes a debt of around $5.8m, in addition to the $3.6m debt it incurred last time. The entire transaction sequence can be traced at etherscan

Contact Novvr

Don’t want us to cover you like this? Get your Dapps secured and tested at Novvr today. 

An audit is a security-focused code review with the aim to identify issues in the code. Our process primarily includes 5 steps to conclude an audit and our smart contract audit prevents Rug & Pulls scam

  1. Read specs/docs
  2. Run Tests
  3. Automated Analysis
  4. Manual Review
  5. Prepare Report

Here are a few points that you must follow to get your smart contract ready for an audit.

  1. Add Comments in your code
  2. Document your functions
  3. Tests (must), if your tests don’t pass, don’t go for an audit
  4. Transparent Communication
  5. Ready to share your time with Auditors

If any of the above points is missing that means your code is not ready for an audit.

Know More about the process.

References & Sources

Cointelegraph | Docs Inverse | Blog Inverse

Laxman Singh

Laxman, Founder of Novvr, is a seasoned professional with extensive experience in the blockchain industry. With a deep understanding of the technology, a passion for innovation, and a commitment to delivering reliable results, Laxman is a leading voice in the blockchain community and an expert in his field.

See author's posts

You may also like

Novvr - It's Not Over Yet

Novvr is a Blockchain Development company based in India, has helped over 150+ brands in 80+ countries. We are committed to quality and unparalleled customer service in all aspects of the business. 

Facebook Instagram Linkedin Twitter
Company
Services
Products

© 2023 Novvr (formerly known as Lapits). All Rights Reserved

Request a Call