Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
According to SlowMist, the EGD Finance project on BSC was attacked by hackers, resulting in the unexpected withdrawal of funds from its pool. The SlowMist security team analyzed this and said that this incident was because the price-feeding mechanism for calculating rewards when EGD Finance's contracts obtained rewards was too simple, resulting in the token price being manipulated by flash loans for profit. Attack method (per SlowMist): Price Manipulation. Reported loss: 36,000 BUSD.
- chain
- bsc
- protocol
- EGD Finance
- bug_class
- oracle
- date_occurred
- 2022-08-08
- loss_usd
- —
- source_id
- sm:egd-finance::2022-08-08