Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Atomic Loans, issued a decision on vulnerability disclosure and suspension of new loan requests. The decision shows that the security researcher samczsun privately disclosed two vulnerabilities in the currently deployed contracts and lender agents.oth vulnerabilities would've allowed a malicious borrower to unlock part/ all of their BTC collateral without repaying their loan in specific circumstances. Up to now, neither of these vulnerabilities were exploited by any users, and there were no funds impacted on the platform. Additionally the platform has disabled the ability for any borrower or lender to participate in new loans until they launch v2. Attack method (per SlowMist): Unknown. Reported loss: -.
- chain
- —
- protocol
- Atomic Loans
- bug_class
- unknown
- date_occurred
- 2020-06-24
- loss_usd
- —
- source_id
- sm:atomic-loans::2020-06-24