A trader on Synthetix, “a decentralized protocol focused on creating synthetic assets,” took advantage of a price feed (oracle) glitch governing smart contracts on the platform to mint $37 million in synthetic ethers, Crypto AM reports.
According to a blog post by Synthetix, the manoeuvre allowed the trader to, “generate $1B in paper profit over the course of a few hours.”
To quote Synthetix:
“There are currently a number of trading bots actively trading on Synthetix.exchange using different strategies, one of these bots was able to detect this price error and exploit it to trade into and out of sKRW during the window where the API was incorrectly reporting the price. This resulted in several trades with profits of 1000x, resulting in over $1b in profit in less than an hour.”
The exchange says it was able to halt trading and reverse the trades:
“We have since been in contact with the owner of the bot, who has agreed to reverse the trades in exchange for a bug bounty.”
Crypto AM describes the everyday business and problem on Synthetix as follows:
“The issue was a simple, but dangerous one. Synthetix employs a variety of different price feeds in order to value their synthetic assets, and determine conversion rates. Normally, a user will take SNX, the native token, and stake it in order to mint synthetic assets such as sUSD or sKRW.”
In the matter at hand, the price feed delivering information about the value of the Korean won (KRW) was inflated by 1000x. The price oracle is described as having a mechanism for discarding outliers in pricing and “should have absorbed this discrepancy gracefully.”
Unfortunately, it did not.
This matter is significant in that if hackers or other bad actors can figure out how to game this glitch again or elsewhere, they could create indefinite amounts of baseless crypto and use it to flood the legitimate ecosystem- to jack up prices or just dump the tokens exchange for legitimate ones.
Much “printing of money” has already been alleged by crypto detractors.
Some are concerned synthetic USDs like Tether may not be as backed as creators claim.
Several have also alleged that tethers are regularly and strategically used to pump the price of cryptocurrencies.
1/ Kudos to Synthetix for their response to a recent incident where the wrong data was fed to a smart derivative contract. As I’ve written before, self-executing contracts bring tremendous promise, but of course also new risks. https://t.co/Xsf8US1qk1
— Adam David Long (@adamdavidlong) June 25, 2019