VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
A critical security incident within the Starlay protocol’s USDC lending pool on the Acala EVM platform. An exploit was identified and executed due to abnormal behavior in the liquidity index calculation mechanism, which allowed an attacker to withdraw an amount far exceeding their original deposit after borrowing LDOT. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 2,100,000.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Starlay Finance
- bug_class
- logic
- date_occurred
- 2024-02-08
- loss_usd
- $2,100,000
- source_id
- sm:starlay-finance::2024-02-08
Related — same bug class· logic