BNB
by BSC News
October 4, 2022
How safe are yield farms? What are the common causes of exploits? What are projects doing to improve the security of their yield farms? Learn more here!
By giving investors a new platform to diversify their portfolios, the promise of Decentralized Finance (DeFi) is starting to take shape. However, with the rise in investors’ participation, there’s also been a rise in exploits of yield farms
Across all chains, DeFi protocols have about $80 billion in Total Value Locked (TVL), according to DefiLlama, with that number having crested at an all-time high of more than $250 billion during the latest bull run. With all this capital in the crypto ecosystem, investors have discovered yield farming to be an attractive way to enhance their returns.
At the same time, this has created opportunities for bad actors to steal users’ funds by deploying exploits, often with enough ferocity to hijack entire projects. By now, millions upon millions of dollars have been stolen, mainly through anonymous hacks, with very little finding their way back.
The majority of these exploits are based on unseen and unintentional bugs in a protocol’s mart contract. That happened with KetchupSwap, Lokum, YBear, Piggy, CaramelSwap, GoCerberus, and GarudaSwap -- all yield farms operating on BNB Chain.
The attackers of these projects found out that these projects were using the same MasterChef Contract to distribute rewards. Due to an error in this contract, nearly $10 million was stolen, plummeting the prices of their native tokens close to $0.
Of course, such exploits are not exclusive to BNB Chain. For example, on Polygon, the value of the PolyYeld Finance project also collapsed to $0 after attackers found a vulnerability to mint an excess supply of YELD tokens. According to PeckShield, $250,000 was stolen overnight.
To combat the rise of exploits, different yield farms are adopting various strategies to ensure they are not the target of the next hack. GarudaSwap initiated Thoreum Finance, which introduces smart contract upgrades that are “security proofed,” known as THOREUM Masterchef.
On the other hand, Curve Finance uses different strategies to mitigate the risk of exploits. That includes Security Auditing of their smart contracts, where experts double-check the code for any bugs, and the use of Curve Emergency DAO, where participants can vote to pause and unpause the pool if they find something “fishy.”
With any type of investment, there will always be some level of risk. As the amount of money at stake continues to increase, and accordingly the potential rewards for successful hackers, yield farms are adopting more conservative stances and defensive approaches in order to minimize margins of error.
As exploits grow more sophisticated, projects must continuously monitor, test and update potentially vulnerable lines of code.
Related News
Latest News
April 24, 2024
Chainlink Launches Cross-Chain Interoperability Protocol (CCIP) for General Availability
April 24, 2024
Hong Kong Bitcoin and Ethereum Spot ETFs Get Approval to Begin Trading on April 30
April 24, 2024
US DOJ Wants 3-Year Prison Sentence for Binance Co-Founder CZ
April 23, 2024
Binance’s 53rd Launchpool Project: What is Renzo Protocol?
April 23, 2024
Texas' Blockchain Association and the Crypto Freedom Alliance Sue US SEC
April 23, 2024
Binance Sued in Canada Over Securities Law Violations: What to Know
April 22, 2024
What Are Bitcoin Runes?
April 22, 2024
Binance Executive Arrested in Kenya After Fleeing Nigeria
More News