Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The DAI pool of Yeld.finance, the DeFi revenue aggregator, was attacked by a lightning loan, resulting in a loss of 160,000 DAI, involving more than 10 users. Tether, TrueUSD and USDC were not affected. According to reports, Yeld’s problem is consistent with the previous Yearn.Finance DAI pool vulnerability problem. The official also stated that the affected users will be repaid with tokens, which will be rewarded with income from the DAI pool to make up for some of their losses. Later, Yeld.finance officially stated that the 160,000 DAI caused by the lightning loan attack has been returned. This event is suspected to be the work of a white hat, and the official will further update the details. Attack method (per SlowMist): Flash loan attack. Reported loss: $ 160,000 DAI.
- chain
- —
- protocol
- Yeld.finance
- bug_class
- flashloan
- date_occurred
- 2021-02-27
- loss_usd
- $160,000
- source_id
- sm:yeld-finance::2021-02-27