Ten consecutive audits of the Ethereum-based lending protocol Euler Finance over a two-year interval discovered it to be “nothing greater than low danger” and with “no remaining considerations” earlier than to a $196 million assault.
On March 17, Euler Laboratories CEO Michael Bentley detailed the “hardest days” of his life following Euler’s $196 million flash mortgage assault on March 13. He retweeted one person who shared that Euler has obtained 10 audits from six totally different organizations, and he added that the positioning “has all the time been a security-minded initiative.”
From Might 2021 by September 2022, blockchain safety organizations akin to Halborn, Solidified, ZK Labs, Certora, Sherlock, and Omnisica audited Euler Monetary good contracts. Halborn graded its danger evaluation by calculating the “chance of a safety occasion” and its potential affect, with danger ranges starting from extraordinarily low and informational to essential — Euler earned “nothing larger than low danger.”
A report of Halborn’s audit launched in December 2022 indicated that it had discovered “an total passable consequence.” In accordance with the report, Halborn “inspected and studied” 23 good contracts throughout a one-month interval, figuring out simply “two low dangers and three informational” issues. In accordance with Euler, it assessed Halborn’s protection and determined that the dangers “supply no substantial hazards.”
Omnisica, a blockchain safety agency, corrected numerous “incorrect paradigms” in Euler’s primary swapper implementation, in addition to how the swap mode was “managed by the software program” — however claimed within the report that Euler “absolutely dealt” with these considerations, and “no unresolved points” remained. Inside hours after Euler issued a $1 million bounty for info resulting in the hacker’s arrest, the protocol’s hacker started transferring belongings by crypto mixer Twister Money on March 16.
Bentley claimed in a current Twitter thread that he won’t ever “forgive the attacker” as a result of the hack compelled him to “sacrifice time” along with his new child child, however he praised safety specialists who’re “engaged on leads” for the inquiry. Barely 24 hours earlier than the bounty, Euler issued a warning, threatening to launch one “that results in your imprisonment and the return of all monies” if 90% of the money weren’t returned inside 24 hours.
Read the full article here
Discussion about this post