Decentralized finance (DeFi) firm Platypus is working on a compensation plan for user's losses after a flash loan attack drained nearly $8.5 million from the protocol, affecting its stablecoin dollar-peg.
In a Tweet on Feb. 18, Platypus disclosed to be working on a plan to compensate the damages and asked users not to realize their losses in the protocol, saying this would make it harder for the company to manage the issue. Assets liquidation are also paused, said the protocol:
2/ We are working on a plan to compensate the losses, please DO NOT repay your USP and realize the losses. It would be easier for us to manage the damage. Also, you don’t have to worry about liquidation as liquidation is paused, stability fee after the attack will not be counted
According to the firm, different parties are currently involved in the funds' recovery process, including legal enforcement officials. Further details about the next steps will be disclosed soon, noted Platypus.
Part of the funds are locked up in the Aave protocol. Platypus is exploring a method to potentially recover the funds, which would require the approval of a recovery proposal Aave’s governance forum.
Blockchain security firm CertiK first reported the flash loan attack on the platform through a tweet on Feb.16, along with the alleged attacker's contract address. Nearly $8.5 million was moved from the protocol, and as a result, the Platypus USD stablecoin became de-pegged from the U.S. dollar, dropping to $0.33 at the time of writing.
"The attacker used a flashloan to exploit a logic error in the USP solvency check mechanism in the contract holding the collateral,” said the company. A potential suspect has been identified.
A technical post-mortem analysis conducted by
Read more on cointelegraph.com